last executing test programs: 32.321714185s ago: executing program 1 (id=1584): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x80000000000}}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="b000000000"], 0xb0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) chdir(&(0x7f0000000240)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file3\x00', 0x1d0) renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0/file3\x00', 0x2) 32.045690749s ago: executing program 1 (id=1587): syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) socket$inet6_sctp(0xa, 0x5, 0x84) socket$inet6_sctp(0xa, 0x5, 0x84) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4048001) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f0000000040)=@buf={0x0, &(0x7f00000004c0)}) 31.895444837s ago: executing program 1 (id=1588): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="11000000040000000400000008"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b7"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0x3100, 0x3100, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x50) 31.604935937s ago: executing program 1 (id=1590): syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8052, &(0x7f00000000c0)={[{@noauto_da_alloc}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@dioread_nolock}, {@grpquota}]}, 0x5, 0x4dd, &(0x7f0000000c40)="$eJzs3E1oXNUeAPD/nSRN+vU6r6+v77VWTa1isJi0abVdCFJRcKEgVlCXIR8ldtpIk4ItVaYgdSkF9+LSrQu36qaIK8FtXQpSKNJNW0EcuTN3PjuTNMkkY8zvB5M5536dc+655+bcc2YmgE1rOP2TVMI3I2JXRORaNxiuvN27c2Xy/p0rk1EslU7/lpR3u5vGM9lhYnsWGclF5D5O6isazF+6fHaiUJi+kMXHFs69PzZ/6fKzs0PZkpMnjx87euL58eeWX6g26aXlurv/o7kD+1599/rrk/3V5dXUGsvRLcMx3C4rZU91O7Ee29kQTvp7mBGWJb3+0+oaKLf/XdEXi1VecR1zBqy1UqlUGuy8ulhqdfWBJcCGlUSvcwD0RvUfffr8W3216whsWZvuR8/dPlV5AErLfS97RTxeXlgdBxloeb7tpuGIeKf4++fpK9ZoHAIAoNG3p2rDP839v3xlZuSPizdeTN//lc2h5CPi3xGxOyL+ExF7IuK/EbE3Iv4XEf9vOX5fRJQWSX+4JV5LvzYJlbvVhWJ2lPb/Xsjmtur9v6YM5Puy2M6Iaod5+kh2TkZiYHBmtjB9dJE0vnv5p087rWvs/6WvNP1qXzDLx63+lgG6qYmFiRUXuMXtqxH7+1vLn/RHJLWZgCQi9kXE/mUcN98Qnn3mywO1yEDzdkuXv6zUdh6tC/NMpS8inq7UfzGa6r+eYtI0P3lu4sz0menz47X5ybGhKEwfGZvpmJsffrz2Rqd1S5b/619ad3nlxDens5a1emn9b2u4/qM6f1svfz6JSGrztfPLT+Paz590fKZZ6fW/JXmrHK4+l34wsbBw4WjEluS1B5eP1/etxtP3KFbKP3Koffvfne2TnolHIiK9iB+NiMei8oSY5v1gRDwREYcWKf/3Lz353srLv7bS8k+13P8qNd9U//X5+k6BJJsbbLOq7+zBm/c73Dwerv6Pl0Mj2ZL297+k6RbRKafVcY90yZ+rPnsAAACwMeQiYkfDWNKOyOVGRytjQHtiW64wN79weGbu4vmpdF1EPgZyM7OF8vhnZTx4IKmOf+Yb4uMt8WPZuPFnfVvL8dHJucJUT0sObC+3+SQ3GvF2X0P7T/3anSFm4O/M97Vg81qs/aed+L3X1zEzwLp6+P//Nz5c04wA666h/Xf6hn9xBZ/7AjYAz/9A3dI/9OOeARtfSVuGTW1Z7f+wHwGEf5L+eLMWzvU0J8B60/+HTWnJ7/WvKlAabL9qKB7cOIYWP2BfrCwbW9uk1ZNA2rPqSepbV7JX9dcUOm4TueUdcDC6U6czqzwbxQvzZ/Z2/eIvZZ+V73YNfrUu7bRdoCe3IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK77KwAA//8KhtfB") openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000001a000000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000001f030010000000002e100200000000002604fdffff020000140100001a0000001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e51815540a00000000000000275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd5a2c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dbda3fcd9266d6b5dd31af9612fa402d4b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000200000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1dee617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b0"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x6}, 0x94) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f0000000040)=0x4) 31.087787029s ago: executing program 1 (id=1599): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x208, 0x1ffe0000000}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) openat(0xffffffffffffff9c, 0x0, 0x101042, 0x8) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) mremap(&(0x7f00003ef000/0x3000)=nil, 0x3000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15) 29.921674208s ago: executing program 1 (id=1604): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) gettid() syslog(0x4, &(0x7f00000000c0)=""/196, 0xc4) 13.765594258s ago: executing program 32 (id=1604): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) gettid() syslog(0x4, &(0x7f00000000c0)=""/196, 0xc4) 6.783518193s ago: executing program 0 (id=1720): r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 6.355816486s ago: executing program 0 (id=1725): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000009b80)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8}, @NFTA_SET_ELEM_DATA={0x4}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xa4}, 0x1, 0x0, 0x0, 0x24000850}, 0x40) 5.456535325s ago: executing program 0 (id=1728): sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) ioperm(0x0, 0x3, 0x2) 4.242466497s ago: executing program 5 (id=1740): openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) r1 = epoll_create1(0x0) poll(&(0x7f0000000040)=[{r1, 0x200}], 0x1, 0xdb3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000100)) shutdown(r2, 0x0) epoll_wait(r1, &(0x7f0000000000)=[{}], 0x1, 0x101) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000140)={0x2000200b}) 3.939260119s ago: executing program 2 (id=1742): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x30000c6, &(0x7f00000000c0), 0x2, 0x553, &(0x7f0000000ac0)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000006c0)={0x20, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}, [@CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x711}, @CTA_FILTER={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x242, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) pread64(r5, 0x0, 0x0, 0x89a) io_setup(0x8, 0x0) io_pgetevents(0x0, 0x3, 0x3, &(0x7f0000000a40)=[{}, {}, {}], &(0x7f00000004c0)={0x0, 0x989680}, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0) pwritev2(r6, &(0x7f00000001c0), 0x0, 0xe7b, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x16, 0x16, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) 3.522755664s ago: executing program 4 (id=1743): prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8) openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 2.310312302s ago: executing program 4 (id=1744): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r0}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000001300)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x94) 2.073752215s ago: executing program 5 (id=1745): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x44000) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) ioctl(r0, 0x8b1b, &(0x7f0000000040)) 1.993509553s ago: executing program 0 (id=1746): bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x24}}, 0x48850) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00'}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x437, 0x0, 0xffffffff, {0x0, 0x0, 0x0, 0x0, 0x5120b}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERY_USE_IFADDR={0x5, 0x18, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48800}, 0x0) bind$alg(0xffffffffffffffff, &(0x7f00000002c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x240048d0) bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = openat$cgroup_procs(r2, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0) sendfile(r3, r3, 0x0, 0x4) close(0x4) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0xfca804a0, 0xe, 0x0, &(0x7f0000000580)="b80022ab98d1db1b883e04000000", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000640)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r5, 0x5, 0x1, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0) sendmsg$NL80211_CMD_CONNECT(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x38, r5, 0x5, 0x4, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, {0x70000, {0x18, 0x0, 0x8000, 0x1ff}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4800}, 0x8060040) syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) 1.947326067s ago: executing program 4 (id=1747): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x3, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r2) getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c0001"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, 0x0, 0x4000800) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001240)=@delchain={0x3c, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xfff3}, {0xfff3, 0xffff}, {0xa, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_FLAGS={0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40044}, 0x4804) 1.793570586s ago: executing program 3 (id=1748): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000180)=@raw={'raw\x00', 0x8, 0x3, 0x4a8, 0x0, 0xffffffff, 0xffffffff, 0x150, 0xffffffff, 0x3d8, 0xffffffff, 0xffffffff, 0x3d8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x128, 0x150, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x508) syz_emit_ethernet(0xf5f, &(0x7f0000001380)={@broadcast, @empty, @void, {@ipv6={0x86dd, @generic={0xf, 0x6, "d3b6af", 0xf29, 0x11, 0x1, @private2, @local, {[@srh={0x87, 0x0, 0x4, 0x0, 0xf, 0x28, 0x8}], "077caad79881c4ca0a6e663d7aa1d0ba436f18e7d893a612a66f387b89c539b6c2dba9bff5423d9765515c9b1d86e119a44955b31649705be256270a3d1e5801386d8d6be68a8aedfe7fa782a93b99a3afaeee854e9a507413132977da5d9e54047593db66a822dd2f71a974fa21bbe9423df5ee8ae7d787751a4abc6b00553a008f2cc684786e85245e42f8470d982db8a3733c1cbbb145b599437d80b20ff9c7f1b1ef6aca36a5562dd94fec9b886a90bf5b816ea9ed1ccd9c4bf525782891ed3c57e445102e7082d50f9daf2e005eff09b85b8a2ac431d6b9125614a620331017bba37f7674643a41a832afc5e2c020862f2581e038e819db12780a36432ed0e2aa69fd135c398cb36c6c948e2005b8c983c5656a6ec783b590c373aca40e34f1f1bb0391df83c47681d3a05e3e942d85e25046383fe42df03889586f4c70bc440c3afd85da26e64b20ba11cbb4bccb8bbed745bc29bc84ed162ee50d1145287ab0abbf632b5932881c3dca5190aab739738b5c483e97da78c1bfa1a03acf2b8a1df4428a53a13f64d749039f8a329b5bc3d50495b6fdc9e86232d04730a118e7cab5b468374d6a1ef9e2be894412cb2baae5e509a8eab1ff3f15575ccb29e934ab5d5f9b265d706b8c3e56ded9abf9d15b1b7a782db7d680a23e7066dd86d2deb89a40431a356996227b723363a2a3449298a06c0dcdc6ab4fd647232c4839cfdfaf81c1e4bccb7313bd6da2f9ef6d5f032eabeb0b086c08dc79a97f87b20cddf2db7015353c9d9e9d8addf8189500dc6cc19b560c829483fd1cba4f78cb01b83215612c9f1243ab8652b1473b583e032ac1ff98b9b1b5844fa1643335bb38766357590a87342bea2b91cfb5c755b54062883f6576d1c86a03a5030407538561f868ce9ae0a4e83614df4583b9de19803e333eb3e635f7676f15675ca1c3a028c6a95f8e83b57d706b0b6e69ebdf50076c194f05dd4b619395d33f5cdd49875f07108d07e6d75b5b743a3612450d66df23354437239b78bb27f83fac19da3a2597df93e8fd52151878ea4c09939629451bd455f289cfcead14a32e822c2b945433fc63d71263faa0fa3b72cf8dbc0895514e586fddb158176939359534e72cc443493eda5b8ede7ba68ca8a9de87bcc4387d0634470bf5b0f4b131fd2b29adbc80ec3710bb47c43cb5ace29c0f985131ddb3f69a14b8ed56239089f5760b3be86c28d45bd2466521f1e4308439ee85bb3bc8c1c8d10beabbad9e3e73c3fc46a6fc661a1ee93a484a3ea404429835d968b13fa00e7e0d9421c06d4e92f3752226bb3bb918d9cd81182180e01c186c4e5e000c66894b07a2939f501880af145a00b22c7c7b5f0fd37dd15f25d0079582fbeb6359cc9fc0501d1a16da71e2709884d366c098d863004f042a98cadeb435fdfa9b754ae6c63a774b48327dabab7df4fad03d8d3ff3edc890d22c7294f8563e3919050bc1c3633ab551973df976f1b3f2b1e97ecc4e1ce556bf170f402db887e0bdc16c91320e80ba17f2852fb066745f79c0216ab1a2182b67e494a0cf6d3f54205844dd81f21313fdcf0ee4496831e05f74da56df2c0113903382e4e36a3e161813e0643f4e419b9a64b83646cc7897abdef7046ea987468b965709c4d8b36798bc26a07ebe4566f8f47c0e99ed0b7d126b4020c1b81b7471b589ea32784de7bbd473ca8e51d1ba85b415d850e3b1b55a16eebd77f2cd256e05e0d66455bc88f191f34c277ad723d5642d238df77b63b9fd397088f765fc6099934ffbf1d6b81219a7cdd0ca6f656c87398e7fddfca75a2af8ff6337a683bab21d5cfbb2e90d4ad61ad8a186839bcf2f0abc1c575e4ec721ebe31d1fd874ec64dd4b605515e937e80c1a450944de966b31ea7b52506773a6bfbfa64b866a0721861b59f68149b56b49f1395eb6bb5ae911bf3423a13bb8f86ba8d821ec4f85cd5ccbecdfb97f39ce528caff7953a4926676a11a8ae8855f26f6e43bbf5ce4344423ff20b04f59ee02502fa1e9e397888c180b680599f9fa8776d64ba73f2489404155fcbcbbf74ad7ff90e18dcabfd662b94261ae576bc17a6b92fb043b5ea09ed035d0c1e7a7722e7f9a8339f6b64e2c9dc1d0b5122a2107b2e9571b87c2717fc62fcf5a9ba04c77b4705a9b8d34af28d097221ac12712bf2744fe8ebf045889fa6ddddde090ee376ffa2f7d6f69c3a6132b6fb65168ac6352aac1e57e3c09f36a03e1842c1a893c0ac343a39ee4f5d464de3e4297baacfc06f1a950e6f76604ae61f794decdcbd8c86f91e96cf9c84cc32994df1528742ab3ddf01ee88e8cd7e0916735dba41c3b92e0c13d73ee7c2c6d3bca0d26b68b79ba0a9944d55525867942398886b4ac284a17cc4750dc1c974f2a5676a7eb6bf4ad6a5124a051e0c2891eef5d57af8e486f95f78cd70c157794e7e90ab2a344f035f25102b6cdf804b0eff6531fd8a9c7be508714bdd19a24034cfd6a3ca586e2656a32f7a2b02bbeb8db5d072e9dfc9b0f9ecdad8b170a42596500873bc2544e83d00201e2988d3ddbf82c00968e6e5f581c620a271a45b61ef898f93381ffca1eef16f1c45fc7c11c687738457a87d135da484412d47edc3c497b97bfbbfe10448a49a379a88e2ad423eba9d3b95519d903a89fa7af6b0efc9c41c20a817d4bcefbea0a25081bae1c8e5825a3c29a21b4cc3629cbeb7f3899b6174c124db2ca7d74de587c4a2c40d2729d18a095375d2e0aaed73e3c08342e3e77300fb120a812bec032f7d2e48e5cde927b11fe900b083355bcea4ee2fcb5db48f318d72638d5e1b4cc7533d1e22662d380fe4f886dbb257ba4a759346eb5cb7aded87eff90abfa0fe408e215be1333fd4cb42ab7d7121754169f2b3c33ba10d0e701292573715b45fcc214674ba85611bc7e769a53df655dccc1b90b36803da6736c57f8d9e253109d68d7b925ebffba8090b5a07f5492291db8028c5592ed1d995276723aba8cf5d0069454350bfba40747fc33b2909f25c6d818c15eb2063ebcd0f6788c5ec7925793f039556cca7a2252f8b8dd45ee795963e8be3ec98c44b99e5025eccc76b1b455d5eee93c7b3a33669b89cd9db1287d3d722e911f10c534d34d813e5ec75b95ce9440b6a625c355fdcb89f907b4983d2cc02fb7a7e1bda793962953d8f8424e4b6716d39e1d0124a72512c929a71f38aae1504f2de0700a3789c94278447a4109ccdfbdb0ef53f19384a749b8783160b0157954e879ba9538201f6531634c04687fedc552a97e28968f71850978d82d08e78bfc238150d46fb366c0563068149ab9cdcc267680c64c061fb72a7977ce6f02fbbc62e959f72617a815e98799cbcdd3c13520eff44c374f0181d9782a70e710e6adaa0c82dfc9ac4ab7929291186f5556ad56de16d53b4f45d098c0d1c971e9a6585e05b3bdb452b2d7cc5ce03db92ba9ca9740b48a3416215bc714bac488c4a21b22b812e9ff54bbce57d7549215cb9d02b50aca98fe28676a41f766f34539a33d52e7f7ddd76b0758f4e1bebd45486e3c460017616a2db7de200f221e29caafb089a569236269ff803e07ff9b72d72232b1bb09109f6ed6f74d272ba88d02010dec381f53b2c42cb9f888ab2943a493c6337ae4cc93d82b27a8972026535b7ca3a09b9c86ffbcc84776ce355d50ead9a26f07025f13e82121e5c1e51f6dcf187387915569354ba6cba13a6d80b084c11ef060361e11edeeba3d4dae28f70a178b55f1d6f5656cb272ed1f74fc854e5c8f03bbb8f15663f02a2cf05f52d16a9be6eafd51732d24193833a95e4a912b0f92481886447364d21769e57aa84035813ca7b4ea16f0a640ebd8bce4c168dd09ae16d6cf5ae633074c6d8dae2caae72a5f08f3b7ab8f66a4c621e45f0af38e9f0ff7cd1a5ac690484d476e4b22a6038737c88ab9a5b1801a8454d1c377e408b3dc2bb3e8cfcefc278d3166753d0da168415376efec6e20ad35be98bcea4cddc8b733af8e1d2f4cbd247e80c5d7e9636c4bb7e1228852bd2bf42ffad57b9d6a2f1ac0a1c033ac0285e1ee95f6d03eb129f792df0149e8ed2aa9665012eeec4d8cd952eb92e8fdec856f33e2ab1da629e9a988ab057e3e3143202d794206a8d4df6a24d42a6d84e6e1cbebb53c7dd4114a8010648018b4cd24565a9504fa0c9f26c25d6bc39d893cdb43a1bb77cd4d8ce7728b921fbc5c1b8abbaf03a1388c017aa22cabf1115602381a53f33ddbd24f8aa3aa99a6990730faa9ef0e960d820184713d1fc8e2eac5373d8703adc0e4a9d6ed15bb8acebd896804aa37abf45e5fce2e888d14edbbd2ebd1a91fa65c4c9623e6944eadd8148aca8f6495f89af8aaa42d4c2e0fde04c58aff2d259c0223e01b1b9f2b8d65882695a2163d4e0b1057afb25bcf529cb61a9b4c034208ff363d1ab8c029d5329d9b92b3e9ee2179b760e3eba29befa0a8cfd477d081f89ff0fd5b6901724f45ad1aa68de7ef0beec249f01d246d7799466958ebb75d9f956215887005b15b1a2a4d2e689a21028d58adb3a99722b3a400d5ef0a184fb472c92512be53b2d508e930088c7e1f3c28420eabd7d2c1b0319a4ac5b7f94d3c9842a39cc0a3f391667e18851539d8ffc32a3ede8e6f638afcfd075b179a4e5167681de86f7e9e92f61703fd6ae6d54e3efbf43c1f059bfffe238f90d1fa14efec29df8c75d362940593fcbeb49e8de10f2956443abd53a9940b2bc7281d02c2a3722309bd2103c99f44b98bbcd38c209f80b2f002e8a9765405d073ed10515fe40e979f683d0565042cc0aef02dd6c9fd07fa19466ca8e9942ec528d42a6f1b3f1b2fa2476292885dd155f593109d7c457db9a48f189f9f6e825a4f151eadb6f5423e85a80e56e5da56725d88d68cc93d0f81304921c5f5072ca03f1cfe8101413e82a54688986cac913b7f456a3b2e90c045fe6599f69bc2e57e9f3c6f292cd2523ba82482d83fee62dd6ae3214b53d57d121db194ce61264d6fe470da6646d3d464cefef2ff8c3fba115db5bcaf386e069ed045db323c2c22f247af165ea28bcbd376c7b115585c09ae3b4fe59b5d6bfd9481b911c483fa17dc1712b7dc69c35eb3f9fec453fca0c4f5d5b626b31044a5069446dcf9e6b4547bf712c0714d153957a005ce737823dd7de52e14bc45be33dcc617e541f310e708a2480fc42306832bd0ad951a810e1ee9548d6a12fa13e9cf4cfe6572708d236c4512b8ac9f902588d543aa95f51795280c65425cb8d75ce1e0d17750e3abe4f1ce60cadf8c0f6a2a39f072f6f89292cf6428fb100ab8b2226e47e26849156c75a35fd752cb1f8e1baf0fe7e94c38ed8bfc772b7b07ff1c4258dc91fa718647cbc92240c0d0b5fb05822372ffe88b737bc87e91ecf3af81881e5621a6a39d15a92b75f561220193194d33f8a03b155c2b7ec5be4276f49a67bb59996146e296df56348d1233901f9a6525bcb32af"}}}}}, 0x0) 1.668840149s ago: executing program 3 (id=1749): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r1, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18, 0x841}, 0x84) close(r1) recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x4040) 1.622469187s ago: executing program 2 (id=1750): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000800)=ANY=[@ANYBLOB="700100001a00330600000000000000000a010101000000000000000000000000ffffffff000000000000000000000000000040004e2480010a0020000d000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8800000000000000000000000001010000000032000000fe80000000000000000000000000000d23030000000000000000000000000000000000000000000000000000000000000040000000000000fdffffffffffffff00000000000000080000000000000000000000000400000009000000000000000000000000000000000000000040000000000000000000000000000029bd7000053500000a000400000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c00200000004e22000000000a0101010000000000000000000000001c"], 0x170}}, 0x0) 1.471851603s ago: executing program 3 (id=1751): r0 = socket$kcm(0x2d, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000340)={r0}) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000400)='netfs_rreq_ref\x00', r1, 0x0, 0x9}, 0x18) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$kcm(r3, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="d8000400000000000000f782db44fd233c56170d12a0b9b545", 0x19}], 0x1}, 0x24018001) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e3, &(0x7f0000000180)={r0, r4}) 1.46510237s ago: executing program 2 (id=1752): openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000002440)=[{&(0x7f00000002c0)="62af263ea3c1befb3bd81deb2fc1cacaa4d2f3c7d8ed578a43f7c4bb44173641f1fd8524ba1d6678d41a89626989170aadb2c8de3262863630637e1f80b2b4b51ee58b9299e10879e5e7cf131a96d45102b25ddcd1a9c1396236f8a9e1be48f3df174a31122fc89187100d16d31e65e68a314119e411a442d36d25fa1a910a16926bbe70937af1a2daffcd5c3a62c21741d80998ec5bdc21609f993fe686eab92a3d9509e824ba65d8ca5a278c2daaa30bae078462870b37ea7868c8f4793a95dfe47a9c60ea83231e51dda3ae07e726e228a4b101565798f3c4d0633da550910f4615720e9ca37e6f3e77bb52ae52a1312724d2f1a641035db3e81b35e55ca077ae17a98a375b6c3f56395c052113c3f125304a41a735b325b05243c1b8a0b8e47ad70f831e640e4d68e32614faef764f07940dbd655c7c45a7a22630e1c3d77bd86fd2c51621f5196efd4844bc327210f9d34141daa5acc425005e38ccdbeba7eafd392b4f3eb9f297aa6dbc28320b48b3f878d9e45916396519eb2f5c4084d210892cc8bd34489e4e12d78c16e5abcf841243e65dddfd7cbe36ec49b51d4ad368a01bba", 0x1a5}], 0x1, 0x9) r0 = socket$inet6(0xa, 0x3, 0x3c) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x5000, 0x0, @loopback, 0x5}, 0x1c) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xffdf}], 0x1) 1.384049312s ago: executing program 3 (id=1753): syz_init_net_socket$rose(0xb, 0x5, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000440), 0x10) listen(r0, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) syz_emit_ethernet(0x7e, &(0x7f0000000140)=ANY=[@ANYBLOB], 0x0) connect$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) ppoll(&(0x7f0000000500)=[{r2}], 0x1, 0x0, 0x0, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x80, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x8, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) accept4$vsock_stream(r0, &(0x7f0000000880)={0x28, 0x0, 0x2711}, 0x10, 0x80000) shutdown(r1, 0x1) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x107c80, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) close(0x4) unshare(0x6a040000) r4 = socket(0x8, 0x3, 0x0) ioctl$sock_netrom_SIOCADDRT(r4, 0x6180, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000000040), r4) 847.12071ms ago: executing program 0 (id=1754): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0xff, 0x7, 0x0, 0x1}, 0x48) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={0x0, 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd63"], 0xfdef) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x3}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 779.182536ms ago: executing program 2 (id=1755): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0xfc}}, 0x0) r1 = socket$kcm(0xa, 0x3, 0x87) sendmsg$kcm(r1, &(0x7f0000000580)={&(0x7f0000000380)=@l2tp6={0xa, 0x0, 0x7, @dev={0xfe, 0x80, '\x00', 0x28}}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000b80)="afd1c9ef", 0x4}], 0x1}, 0x40810) 777.999053ms ago: executing program 5 (id=1756): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0xa, 0x4, 0x8, 0xc}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000001080021850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x439, 0x70fd2c, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x3, 0x610c3}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @dev}, @IFLA_IPTUN_6RD_RELAY_PREFIXLEN={0x6, 0xe, 0x40}]}}}]}, 0x40}}, 0x0) 773.780123ms ago: executing program 4 (id=1757): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0) 473.263194ms ago: executing program 3 (id=1758): syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFO40AUhv8ZZxPtaoutVogGJCIRkHBsBxANRQp6JAiIjoiYKOAkKHFBIlFQcQUaCk7ABSgoOAIHCFQ0oaM2sj1JhggIBSAh/q9487/x83jmWfotGYSQH8vd7WOn4188GAD+Io2Umr83BjVSq/9/XSulTlbGLm+OZs8Kp/nh9QSAIHj/8xMArvIGfJUHwfO702pch+zrAiRmlN6EgKn0NiQ2lHYhsKX0nqbrYb1p7lY819ype6VQWGGww+CEITe8v+6xQEnbn9CuN1vt/aLnuY1PFKP6181LLGv7099XrzeW1j8bErbSOQisKb2EVK83cUu0848nBusbX3x+CgqK7yYG/hScC0xr/pTQ/CPrVw+yzVZ7rlItlt2yW3Oc3KI1b1kLTjYyoji+4X+/I3/6o63/65XapEjisOj7DTuO/dyJ40uOm4z8TyIzFedCzelE34N/YjIcMobKCSGEEEIIIYQQQggh5MOZgIj+go7AWY2qnwIAAP//ntd3Nw==") lsetxattr(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)=@known='trusted.overlay.metacopy\x00', 0x0, 0x0, 0x2) 468.760509ms ago: executing program 2 (id=1759): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000a80)='mm_page_free\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000080)=0x20, &(0x7f00000001c0)=r1}, 0x20) 404.515868ms ago: executing program 4 (id=1760): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0x65bf, 0x9, 0x0, 0x1, 0xcb00}, 0x50) getdents(0xffffffffffffffff, 0xfffffffffffffffd, 0x0) 312.286374ms ago: executing program 0 (id=1761): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x30000c6, &(0x7f00000000c0), 0x2, 0x553, &(0x7f0000000ac0)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000006c0)={0x20, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}, [@CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x711}, @CTA_FILTER={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x242, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) pread64(r5, 0x0, 0x0, 0x89a) io_setup(0x8, 0x0) io_pgetevents(0x0, 0x3, 0x3, &(0x7f0000000a40)=[{}, {}, {}], &(0x7f00000004c0)={0x0, 0x989680}, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0) pwritev2(r6, &(0x7f00000001c0), 0x0, 0xe7b, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x16, 0x16, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) 300.799573ms ago: executing program 2 (id=1762): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000240), 0xffffffffffffffff) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x3c}}, 0x0) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x3c, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000804}, 0x8000) r7 = socket(0x1, 0x803, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90646}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'erspan0\x00'}, @IFLA_MASTER={0x8, 0xa, r8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x600}, 0x24044800) 198.102442ms ago: executing program 5 (id=1763): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r1, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@rights={{0x14, 0x1, 0x1, [r1]}}], 0x18, 0x841}, 0x84) close(r1) recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x4040) 197.282499ms ago: executing program 3 (id=1764): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a3200000000140000001100"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a70000000060a010400000000000000000200000044000480400001800e000100627974656f726465720000002c000280080001400000000108000240000000000800044000000004080003400000000008000540000000080900010073797a30000000000900020073797a32"], 0x98}}, 0x800) 149.40117ms ago: executing program 4 (id=1765): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x24}}, 0x48850) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000008c0)={'wlan0\x00'}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x437, 0x0, 0xffffffff, {0x0, 0x0, 0x0, 0x0, 0x5120b}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERY_USE_IFADDR={0x5, 0x18, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48800}, 0x0) bind$alg(0xffffffffffffffff, &(0x7f00000002c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x240048d0) bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0) sendfile(r4, r4, 0x0, 0x4) close(0x4) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0xfca804a0, 0xe, 0x0, &(0x7f0000000580)="b80022ab98d1db1b883e04000000", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000640)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r6, 0x5, 0x1, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0) sendmsg$NL80211_CMD_CONNECT(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x38, r6, 0x5, 0x4, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, {0x70000, {0x18, 0x0, 0x8000, 0x1ff}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4800}, 0x8060040) syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) 58.570163ms ago: executing program 5 (id=1766): clock_adjtime(0x0, &(0x7f0000000480)={0xfffffffffffffff3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 0s ago: executing program 5 (id=1767): openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000002440)=[{&(0x7f00000002c0)="62af263ea3c1befb3bd81deb2fc1cacaa4d2f3c7d8ed578a43f7c4bb44173641f1fd8524ba1d6678d41a89626989170aadb2c8de3262863630637e1f80b2b4b51ee58b9299e10879e5e7cf131a96d45102b25ddcd1a9c1396236f8a9e1be48f3df174a31122fc89187100d16d31e65e68a314119e411a442d36d25fa1a910a16926bbe70937af1a2daffcd5c3a62c21741d80998ec5bdc21609f993fe686eab92a3d9509e824ba65d8ca5a278c2daaa30bae078462870b37ea7868c8f4793a95dfe47a9c60ea83231e51dda3ae07e726e228a4b101565798f3c4d0633da550910f4615720e9ca37e6f3e77bb52ae52a1312724d2f1a641035db3e81b35e55ca077ae17a98a375b6c3f56395c052113c3f125304a41a735b325b05243c1b8a0b8e47ad70f831e640e4d68e32614faef764f07940dbd655c7c45a7a22630e1c3d77bd86fd2c51621f5196efd4844bc327210f9d34141daa5acc425005e38ccdbeba7eafd392b4f3eb9f297aa6dbc28320b48b3f878d9e45916396519eb2f5c4084d210892cc8bd34489e4e12d78c16e5abcf841243e65dddfd7cbe36ec49b51d4ad368a01bba", 0x1a5}], 0x1, 0x9) r0 = socket$inet6(0xa, 0x3, 0x3c) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x5000, 0x0, @loopback, 0x5}, 0x1c) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xffdf}], 0x1) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.181' (ED25519) to the list of known hosts. [ 85.197926][ T5847] cgroup: Unknown subsys name 'net' [ 85.346377][ T5847] cgroup: Unknown subsys name 'cpuset' [ 85.357423][ T5847] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 86.888738][ T5847] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 89.956858][ T5866] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 89.965901][ T5871] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 89.975464][ T5871] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 89.986197][ T5877] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 89.997719][ T5877] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 90.006636][ T5880] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 90.022081][ T5880] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 90.041677][ T5880] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 90.049959][ T5880] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 90.053596][ T5878] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 90.064755][ T5878] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 90.068197][ T5872] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 90.073546][ T5878] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 90.079855][ T5872] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 90.087529][ T5878] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 90.093850][ T5880] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 90.107434][ T5872] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 90.112131][ T5878] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 90.117861][ T5880] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 90.129434][ T5878] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 90.130617][ T5880] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 90.144172][ T5872] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 90.152204][ T5880] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 90.176285][ T5882] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 90.184253][ T5882] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 90.196960][ T5882] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 90.204626][ T5880] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 90.206938][ T5882] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 90.223222][ T5882] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 90.233532][ T5882] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 90.957525][ T5875] chnl_net:caif_netlink_parms(): no params data found [ 91.013113][ T5868] chnl_net:caif_netlink_parms(): no params data found [ 91.208663][ T5867] chnl_net:caif_netlink_parms(): no params data found [ 91.359984][ T5875] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.369992][ T5875] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.377528][ T5875] bridge_slave_0: entered allmulticast mode [ 91.385590][ T5875] bridge_slave_0: entered promiscuous mode [ 91.419017][ T5873] chnl_net:caif_netlink_parms(): no params data found [ 91.430729][ T5875] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.438771][ T5875] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.446047][ T5875] bridge_slave_1: entered allmulticast mode [ 91.453969][ T5875] bridge_slave_1: entered promiscuous mode [ 91.559346][ T5875] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.568758][ T5859] chnl_net:caif_netlink_parms(): no params data found [ 91.581584][ T5868] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.588705][ T5868] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.596123][ T5868] bridge_slave_0: entered allmulticast mode [ 91.603558][ T5868] bridge_slave_0: entered promiscuous mode [ 91.656286][ T5858] chnl_net:caif_netlink_parms(): no params data found [ 91.673051][ T5875] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.688549][ T5868] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.696228][ T5868] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.703471][ T5868] bridge_slave_1: entered allmulticast mode [ 91.710878][ T5868] bridge_slave_1: entered promiscuous mode [ 91.717837][ T5867] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.725374][ T5867] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.732854][ T5867] bridge_slave_0: entered allmulticast mode [ 91.740209][ T5867] bridge_slave_0: entered promiscuous mode [ 91.803478][ T5867] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.810590][ T5867] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.818292][ T5867] bridge_slave_1: entered allmulticast mode [ 91.825718][ T5867] bridge_slave_1: entered promiscuous mode [ 91.933476][ T5875] team0: Port device team_slave_0 added [ 91.957191][ T5868] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.013100][ T5875] team0: Port device team_slave_1 added [ 92.035996][ T5868] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.063648][ T5867] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.073005][ T5873] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.080128][ T5873] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.091931][ T5873] bridge_slave_0: entered allmulticast mode [ 92.099409][ T5873] bridge_slave_0: entered promiscuous mode [ 92.172175][ T5882] Bluetooth: hci2: command tx timeout [ 92.182997][ T5867] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.192360][ T5873] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.199494][ T5873] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.206809][ T5873] bridge_slave_1: entered allmulticast mode [ 92.215144][ T5873] bridge_slave_1: entered promiscuous mode [ 92.237430][ T5875] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.244450][ T5875] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.270451][ T51] Bluetooth: hci0: command tx timeout [ 92.271948][ T5882] Bluetooth: hci5: command tx timeout [ 92.275874][ T5875] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.323886][ T5868] team0: Port device team_slave_0 added [ 92.329902][ T5859] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.337115][ T51] Bluetooth: hci3: command tx timeout [ 92.337128][ T5877] Bluetooth: hci4: command tx timeout [ 92.337444][ T5859] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.355131][ T5882] Bluetooth: hci1: command tx timeout [ 92.355634][ T5859] bridge_slave_0: entered allmulticast mode [ 92.368436][ T5859] bridge_slave_0: entered promiscuous mode [ 92.424450][ T5875] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.431382][ T5875] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.457798][ T5875] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.486780][ T5868] team0: Port device team_slave_1 added [ 92.509174][ T5859] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.516907][ T5859] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.524824][ T5859] bridge_slave_1: entered allmulticast mode [ 92.532528][ T5859] bridge_slave_1: entered promiscuous mode [ 92.555766][ T5867] team0: Port device team_slave_0 added [ 92.564741][ T5867] team0: Port device team_slave_1 added [ 92.574108][ T5873] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.586825][ T5873] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.604536][ T5858] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.611960][ T5858] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.619097][ T5858] bridge_slave_0: entered allmulticast mode [ 92.626899][ T5858] bridge_slave_0: entered promiscuous mode [ 92.668561][ T5859] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.743308][ T5873] team0: Port device team_slave_0 added [ 92.749334][ T5858] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.757232][ T5858] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.764979][ T5858] bridge_slave_1: entered allmulticast mode [ 92.772917][ T5858] bridge_slave_1: entered promiscuous mode [ 92.780299][ T5868] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.787472][ T5868] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.813656][ T5868] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.826548][ T5868] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.833618][ T5868] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.859586][ T5868] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.873891][ T5859] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.883831][ T5867] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.890759][ T5867] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.916705][ T5867] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.930522][ T5873] team0: Port device team_slave_1 added [ 93.012291][ T5867] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.019261][ T5867] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.048582][ T5867] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.094290][ T5858] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.125199][ T5875] hsr_slave_0: entered promiscuous mode [ 93.132004][ T5875] hsr_slave_1: entered promiscuous mode [ 93.161390][ T5873] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.168702][ T5873] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.199869][ T5873] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.219162][ T5858] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.229964][ T5859] team0: Port device team_slave_0 added [ 93.255060][ T5873] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.262159][ T5873] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.288645][ T5873] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.316734][ T5859] team0: Port device team_slave_1 added [ 93.429016][ T5859] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.436334][ T5859] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.462312][ T5859] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.529199][ T5867] hsr_slave_0: entered promiscuous mode [ 93.539154][ T5867] hsr_slave_1: entered promiscuous mode [ 93.545838][ T5867] debugfs: 'hsr0' already exists in 'hsr' [ 93.552966][ T5867] Cannot create hsr debugfs directory [ 93.565592][ T5868] hsr_slave_0: entered promiscuous mode [ 93.572456][ T5868] hsr_slave_1: entered promiscuous mode [ 93.578850][ T5868] debugfs: 'hsr0' already exists in 'hsr' [ 93.584781][ T5868] Cannot create hsr debugfs directory [ 93.622711][ T5858] team0: Port device team_slave_0 added [ 93.629399][ T5859] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.636912][ T5859] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.665545][ T5859] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.749443][ T5858] team0: Port device team_slave_1 added [ 93.846582][ T5873] hsr_slave_0: entered promiscuous mode [ 93.853377][ T5873] hsr_slave_1: entered promiscuous mode [ 93.859766][ T5873] debugfs: 'hsr0' already exists in 'hsr' [ 93.866554][ T5873] Cannot create hsr debugfs directory [ 93.927518][ T5859] hsr_slave_0: entered promiscuous mode [ 93.934710][ T5859] hsr_slave_1: entered promiscuous mode [ 93.941013][ T5859] debugfs: 'hsr0' already exists in 'hsr' [ 93.946998][ T5859] Cannot create hsr debugfs directory [ 93.989797][ T5858] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.997819][ T5858] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.024873][ T5858] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.098279][ T5858] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.106332][ T5858] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.132357][ T5858] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.251781][ T5882] Bluetooth: hci2: command tx timeout [ 94.341800][ T5882] Bluetooth: hci5: command tx timeout [ 94.347210][ T5882] Bluetooth: hci0: command tx timeout [ 94.411719][ T51] Bluetooth: hci3: command tx timeout [ 94.412151][ T5877] Bluetooth: hci4: command tx timeout [ 94.417196][ T5882] Bluetooth: hci1: command tx timeout [ 94.440552][ T5858] hsr_slave_0: entered promiscuous mode [ 94.452765][ T5858] hsr_slave_1: entered promiscuous mode [ 94.459078][ T5858] debugfs: 'hsr0' already exists in 'hsr' [ 94.464861][ T5858] Cannot create hsr debugfs directory [ 94.766906][ T5868] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 94.791002][ T5868] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 94.829474][ T5868] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 94.855893][ T5868] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 94.957953][ T5875] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 94.994112][ T5875] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 95.026821][ T5875] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 95.037879][ T5875] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 95.073583][ T5867] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 95.091219][ T5867] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 95.109573][ T5867] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 95.127733][ T5867] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 95.256040][ T5873] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 95.266344][ T5873] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 95.303559][ T5873] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 95.322585][ T5873] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 95.437841][ T5859] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 95.485950][ T5859] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 95.499981][ T5859] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 95.534619][ T5868] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.546144][ T5859] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 95.610893][ T5868] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.630332][ T5858] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 95.659148][ T5858] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 95.670247][ T5858] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 95.686161][ T48] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.693423][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.712013][ T5858] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 95.768365][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.775553][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.814850][ T5875] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.831491][ T5867] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.897124][ T5873] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.929647][ T5875] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.980769][ T5867] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.009927][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.017081][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.029027][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.036140][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.048322][ T48] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.055454][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.093240][ T48] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.100506][ T48] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.121306][ T5873] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.161073][ T1147] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.168234][ T1147] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.205016][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.212171][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.310363][ T5859] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.331871][ T5882] Bluetooth: hci2: command tx timeout [ 96.409672][ T5858] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.417023][ T5882] Bluetooth: hci0: command tx timeout [ 96.417041][ T5877] Bluetooth: hci5: command tx timeout [ 96.459766][ T5859] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.491967][ T5877] Bluetooth: hci1: command tx timeout [ 96.497385][ T5877] Bluetooth: hci4: command tx timeout [ 96.497728][ T5882] Bluetooth: hci3: command tx timeout [ 96.534477][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.541650][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.581114][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.588697][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.714998][ T5858] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.746813][ T1103] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.753990][ T1103] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.808591][ T1103] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.815773][ T1103] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.876417][ T5868] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.123110][ T5867] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.170444][ T5868] veth0_vlan: entered promiscuous mode [ 97.259928][ T5868] veth1_vlan: entered promiscuous mode [ 97.297978][ T5875] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.384035][ T5873] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.487353][ T5867] veth0_vlan: entered promiscuous mode [ 97.605866][ T5873] veth0_vlan: entered promiscuous mode [ 97.637952][ T5868] veth0_macvtap: entered promiscuous mode [ 97.648026][ T5867] veth1_vlan: entered promiscuous mode [ 97.676900][ T5868] veth1_macvtap: entered promiscuous mode [ 97.702301][ T5873] veth1_vlan: entered promiscuous mode [ 97.736125][ T5858] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.779605][ T5859] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.825039][ T5868] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.869110][ T5868] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.886073][ T5873] veth0_macvtap: entered promiscuous mode [ 97.922506][ T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.949350][ T5873] veth1_macvtap: entered promiscuous mode [ 97.960615][ T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.975743][ T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.029187][ T5859] veth0_vlan: entered promiscuous mode [ 98.046820][ T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.079363][ T5867] veth0_macvtap: entered promiscuous mode [ 98.120589][ T5859] veth1_vlan: entered promiscuous mode [ 98.139516][ T5867] veth1_macvtap: entered promiscuous mode [ 98.187233][ T5873] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.218814][ T5875] veth0_vlan: entered promiscuous mode [ 98.264403][ T5875] veth1_vlan: entered promiscuous mode [ 98.275892][ T5873] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.303646][ T5867] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.317499][ T36] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.352258][ T5867] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.361000][ T36] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.375996][ T36] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.422120][ T5882] Bluetooth: hci2: command tx timeout [ 98.433016][ T3496] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.444269][ T36] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.444462][ T3496] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.491886][ T5882] Bluetooth: hci5: command tx timeout [ 98.492025][ T5877] Bluetooth: hci0: command tx timeout [ 98.514447][ T5875] veth0_macvtap: entered promiscuous mode [ 98.540841][ T1147] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.551404][ T1147] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.572878][ T5877] Bluetooth: hci3: command tx timeout [ 98.578283][ T5877] Bluetooth: hci1: command tx timeout [ 98.581918][ T5882] Bluetooth: hci4: command tx timeout [ 98.595982][ T5859] veth0_macvtap: entered promiscuous mode [ 98.616378][ T1147] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.625911][ T48] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.641965][ T5875] veth1_macvtap: entered promiscuous mode [ 98.651359][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.659657][ T5858] veth0_vlan: entered promiscuous mode [ 98.668445][ T975] cfg80211: failed to load regulatory.db [ 98.673907][ T5859] veth1_macvtap: entered promiscuous mode [ 98.677069][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.735141][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.745204][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.776344][ T5858] veth1_vlan: entered promiscuous mode [ 98.807109][ T5875] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.836741][ T5868] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 98.862971][ T5875] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.894223][ T5859] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.927715][ T5859] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.957448][ T3496] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.974534][ T3496] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.999399][ T1103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.020799][ T3496] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.029571][ T1103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.047314][ T3496] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.061298][ T5858] veth0_macvtap: entered promiscuous mode [ 99.075337][ T5858] veth1_macvtap: entered promiscuous mode [ 99.094120][ T1163] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.106673][ T3496] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.123711][ T3496] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.134580][ T1163] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.195867][ T3496] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.240325][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.275902][ T3496] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.316986][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.347066][ T3496] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.360516][ T6015] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4'. [ 99.413843][ T3496] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.441750][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.472763][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.537842][ T3496] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.547741][ T3496] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.697280][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.729124][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.822238][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.858937][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.911429][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.945769][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.143049][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.185728][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.285660][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.314889][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.382386][ T6032] Zero length message leads to an empty skb [ 100.430877][ T6032] netlink: 20 bytes leftover after parsing attributes in process `syz.2.11'. [ 100.488093][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.508733][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.530590][ T6032] ip6tnl0: entered promiscuous mode [ 100.536904][ T6032] ip6tnl0: entered allmulticast mode [ 101.151411][ T6049] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13'. [ 101.766639][ T6049] syz.1.13 (6049) used greatest stack depth: 17864 bytes left [ 101.983281][ T6065] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16'. [ 102.060125][ T6068] loop4: detected capacity change from 0 to 512 [ 102.141262][ T6068] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 102.223384][ T6068] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 102.673159][ T6085] netlink: 36 bytes leftover after parsing attributes in process `syz.3.23'. [ 103.047966][ T6095] netlink: 'syz.3.27': attribute type 1 has an invalid length. [ 103.355896][ T6100] veth3: entered promiscuous mode [ 103.492542][ T5858] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 103.506439][ T6091] netlink: 36 bytes leftover after parsing attributes in process `syz.0.24'. [ 103.535055][ T6104] erspan0: entered allmulticast mode [ 104.251065][ T6126] loop2: detected capacity change from 0 to 256 [ 104.288336][ T6126] vfat: Unknown parameter 'le0' [ 105.386170][ T6148] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 106.723400][ T6165] loop4: detected capacity change from 0 to 512 [ 106.819424][ T6165] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 106.865282][ T6165] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 110.294126][ T5858] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 110.632035][ T6005] IPVS: starting estimator thread 0... [ 110.732621][ T6216] IPVS: using max 23 ests per chain, 55200 per kthread [ 110.965522][ T6225] fuse: Unknown parameter '0x0000000000000004' [ 111.543301][ T6238] netlink: 24 bytes leftover after parsing attributes in process `syz.2.69'. [ 111.571796][ T6237] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 111.657650][ T6237] netlink: 'syz.3.67': attribute type 12 has an invalid length. [ 111.676049][ T6237] netlink: 'syz.3.67': attribute type 29 has an invalid length. [ 111.699826][ T6237] netlink: 148 bytes leftover after parsing attributes in process `syz.3.67'. [ 111.988335][ T6249] netlink: 8 bytes leftover after parsing attributes in process `syz.5.72'. [ 112.447555][ T6263] fuse: Unknown parameter '0x0000000000000004' [ 112.514405][ T6266] syz.0.81 uses obsolete (PF_INET,SOCK_PACKET) [ 112.629343][ T6268] netlink: 8 bytes leftover after parsing attributes in process `syz.4.82'. [ 112.712730][ T6274] netlink: 'syz.1.85': attribute type 12 has an invalid length. [ 112.721422][ T6274] netlink: 'syz.1.85': attribute type 29 has an invalid length. [ 112.761940][ T6274] netlink: 148 bytes leftover after parsing attributes in process `syz.1.85'. [ 112.866723][ T6278] netlink: 20 bytes leftover after parsing attributes in process `syz.0.86'. [ 113.176409][ T6292] wireguard0: entered allmulticast mode [ 114.362834][ T6316] netlink: 'syz.1.103': attribute type 12 has an invalid length. [ 114.387718][ T6316] netlink: 'syz.1.103': attribute type 29 has an invalid length. [ 114.408017][ T6316] netlink: 148 bytes leftover after parsing attributes in process `syz.1.103'. [ 114.512990][ T6319] netlink: 36 bytes leftover after parsing attributes in process `syz.5.102'. [ 114.540923][ T6319] netlink: 16 bytes leftover after parsing attributes in process `syz.5.102'. [ 114.567457][ T6319] netlink: 36 bytes leftover after parsing attributes in process `syz.5.102'. [ 114.728805][ T6335] warning: `syz.1.107' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 115.096981][ T6349] bond0: option use_carrier: invalid value (255) [ 115.405878][ T6358] loop4: detected capacity change from 0 to 256 [ 116.163878][ T6372] netlink: 'syz.3.121': attribute type 1 has an invalid length. [ 116.314831][ T6358] FAT-fs (loop4): Directory bread(block 64) failed [ 116.332024][ T6358] FAT-fs (loop4): Directory bread(block 65) failed [ 116.358887][ T6358] FAT-fs (loop4): Directory bread(block 66) failed [ 116.411425][ T6358] FAT-fs (loop4): Directory bread(block 67) failed [ 116.427011][ T6378] Driver unsupported XDP return value 0 on prog (id 31) dev N/A, expect packet loss! [ 116.443232][ T6358] FAT-fs (loop4): Directory bread(block 68) failed [ 116.449868][ T6358] FAT-fs (loop4): Directory bread(block 69) failed [ 116.505763][ T6358] FAT-fs (loop4): Directory bread(block 70) failed [ 116.523981][ T6358] FAT-fs (loop4): Directory bread(block 71) failed [ 116.551722][ T6358] FAT-fs (loop4): Directory bread(block 72) failed [ 116.563991][ T6358] FAT-fs (loop4): Directory bread(block 73) failed [ 116.826048][ T6386] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add() [ 117.143370][ T6396] loop1: detected capacity change from 0 to 1024 [ 117.163458][ T6396] ======================================================= [ 117.163458][ T6396] WARNING: The mand mount option has been deprecated and [ 117.163458][ T6396] and is ignored by this kernel. Remove the mand [ 117.163458][ T6396] option from the mount to silence this warning. [ 117.163458][ T6396] ======================================================= [ 117.269571][ T6396] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 117.904986][ T6422] loop5: detected capacity change from 0 to 256 [ 118.320453][ T6422] FAT-fs (loop5): Directory bread(block 64) failed [ 118.351856][ T6422] FAT-fs (loop5): Directory bread(block 65) failed [ 118.358545][ T6422] FAT-fs (loop5): Directory bread(block 66) failed [ 118.491356][ T6422] FAT-fs (loop5): Directory bread(block 67) failed [ 118.508473][ T6422] FAT-fs (loop5): Directory bread(block 68) failed [ 118.515854][ T6422] FAT-fs (loop5): Directory bread(block 69) failed [ 118.530242][ T6422] FAT-fs (loop5): Directory bread(block 70) failed [ 118.621648][ T6422] FAT-fs (loop5): Directory bread(block 71) failed [ 118.645780][ T6422] FAT-fs (loop5): Directory bread(block 72) failed [ 118.687636][ T6422] FAT-fs (loop5): Directory bread(block 73) failed [ 118.836252][ T6441] __nla_validate_parse: 3 callbacks suppressed [ 118.836283][ T6441] netlink: 4 bytes leftover after parsing attributes in process `syz.4.145'. [ 118.946108][ T6434] bridge0: port 2(bridge_slave_1) entered disabled state [ 118.954492][ T6434] bridge0: port 1(bridge_slave_0) entered disabled state [ 119.448542][ T6452] loop0: detected capacity change from 0 to 256 [ 119.457988][ T6452] vfat: Unknown parameter 'le0' [ 119.809207][ T6434] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 119.943288][ T6434] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 120.234771][ T6465] netlink: 'syz.2.153': attribute type 1 has an invalid length. [ 120.271967][ T6465] netlink: 4 bytes leftover after parsing attributes in process `syz.2.153'. [ 120.475664][ T6475] netlink: 28 bytes leftover after parsing attributes in process `syz.0.154'. [ 120.497518][ T5868] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.603215][ T6441] hsr_slave_0: left promiscuous mode [ 120.619135][ T6441] hsr_slave_1: left promiscuous mode [ 120.693020][ T3496] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.702764][ T3496] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.719567][ T6435] loop3: detected capacity change from 0 to 40427 [ 120.741331][ T6478] netlink: 'syz.1.155': attribute type 1 has an invalid length. [ 120.778099][ T3496] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.778585][ T6478] netlink: 'syz.1.155': attribute type 1 has an invalid length. [ 120.795535][ T3496] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.832828][ T6435] F2FS-fs (loop3): Invalid SB checksum offset: 0 [ 120.845627][ T6435] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 120.896977][ T6435] F2FS-fs (loop3): invalid crc value [ 121.163081][ T6435] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 121.417704][ T6502] loop0: detected capacity change from 0 to 256 [ 121.475232][ T6502] FAT-fs (loop0): Directory bread(block 64) failed [ 121.571260][ T6502] FAT-fs (loop0): Directory bread(block 65) failed [ 121.586957][ T6502] FAT-fs (loop0): Directory bread(block 66) failed [ 121.593874][ T6502] FAT-fs (loop0): Directory bread(block 67) failed [ 121.602898][ T6502] FAT-fs (loop0): Directory bread(block 68) failed [ 121.614145][ T6502] FAT-fs (loop0): Directory bread(block 69) failed [ 121.629663][ T6502] FAT-fs (loop0): Directory bread(block 70) failed [ 121.634677][ T6507] netlink: 'syz.1.164': attribute type 12 has an invalid length. [ 121.645425][ T6507] netlink: 'syz.1.164': attribute type 29 has an invalid length. [ 121.647787][ T6502] FAT-fs (loop0): Directory bread(block 71) failed [ 121.659870][ T6502] FAT-fs (loop0): Directory bread(block 72) failed [ 121.666475][ T6502] FAT-fs (loop0): Directory bread(block 73) failed [ 121.684972][ T6507] netlink: 148 bytes leftover after parsing attributes in process `syz.1.164'. [ 122.020427][ T6511] netlink: 52 bytes leftover after parsing attributes in process `syz.1.167'. [ 122.035547][ T6511] netlink: 52 bytes leftover after parsing attributes in process `syz.1.167'. [ 122.044511][ T6511] netlink: 52 bytes leftover after parsing attributes in process `syz.1.167'. [ 122.110061][ T6516] loop0: detected capacity change from 0 to 256 [ 123.045817][ T6523] netlink: 8 bytes leftover after parsing attributes in process `syz.1.170'. [ 123.818829][ T6543] loop4: detected capacity change from 0 to 256 [ 123.898458][ T6543] FAT-fs (loop4): Directory bread(block 64) failed [ 123.900905][ T6546] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 123.935301][ T6543] FAT-fs (loop4): Directory bread(block 65) failed [ 123.977401][ T6543] FAT-fs (loop4): Directory bread(block 66) failed [ 124.033605][ T6543] FAT-fs (loop4): Directory bread(block 67) failed [ 124.072284][ T6543] FAT-fs (loop4): Directory bread(block 68) failed [ 124.079911][ T6543] FAT-fs (loop4): Directory bread(block 69) failed [ 124.097571][ T6543] FAT-fs (loop4): Directory bread(block 70) failed [ 124.157155][ T6543] FAT-fs (loop4): Directory bread(block 71) failed [ 124.169363][ T6543] FAT-fs (loop4): Directory bread(block 72) failed [ 124.176211][ T6543] FAT-fs (loop4): Directory bread(block 73) failed [ 124.206995][ T6557] netlink: 68 bytes leftover after parsing attributes in process `syz.1.180'. [ 124.417887][ T6563] loop2: detected capacity change from 0 to 1024 [ 124.472668][ T6563] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 125.618257][ T6568] loop1: detected capacity change from 0 to 256 [ 125.662421][ T6568] vfat: Unknown parameter 'le0' [ 125.674929][ T5867] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.775728][ T6590] netlink: 8 bytes leftover after parsing attributes in process `syz.5.190'. [ 125.846371][ T6596] netlink: 8 bytes leftover after parsing attributes in process `syz.2.189'. [ 125.928275][ T6599] sctp: [Deprecated]: syz.2.189 (pid 6599) Use of int in max_burst socket option deprecated. [ 125.928275][ T6599] Use struct sctp_assoc_value instead [ 127.410069][ T6629] loop3: detected capacity change from 0 to 1024 [ 127.497764][ T6629] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 127.632763][ T6638] loop5: detected capacity change from 0 to 256 [ 129.630606][ T5873] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.079285][ T6664] loop1: detected capacity change from 0 to 512 [ 130.174217][ T6664] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 130.191888][ T6664] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 130.693753][ T5868] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 131.036143][ T6683] erspan0: entered promiscuous mode [ 131.118910][ T6683] Bluetooth: MGMT ver 1.23 [ 132.002599][ T6694] netlink: 8 bytes leftover after parsing attributes in process `syz.4.217'. [ 132.045835][ T6699] loop2: detected capacity change from 0 to 256 [ 132.350754][ T6705] loop0: detected capacity change from 0 to 1024 [ 132.936725][ T6705] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 134.212275][ T6742] raw_sendmsg: syz.1.229 forgot to set AF_INET. Fix it! [ 134.712967][ T6752] tipc: Started in network mode [ 134.761667][ T6752] tipc: Node identity 6a0a406c0184, cluster identity 4711 [ 134.819403][ T6752] tipc: Enabled bearer , priority 0 [ 134.896119][ T6754] syzkaller0: entered promiscuous mode [ 134.911458][ T6750] loop2: detected capacity change from 0 to 40427 [ 134.920643][ T6754] syzkaller0: entered allmulticast mode [ 134.927612][ T6750] F2FS-fs (loop2): Invalid SB checksum offset: 0 [ 134.934009][ T6750] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 134.949027][ T6750] F2FS-fs (loop2): invalid crc value [ 135.045537][ T6752] tipc: Resetting bearer [ 135.058412][ T6750] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 135.160155][ T6750] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0 [ 135.167576][ T6750] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 135.218282][ T6764] netlink: 24 bytes leftover after parsing attributes in process `syz.5.233'. [ 135.324882][ T6752] tipc: Resetting bearer [ 135.366770][ T6752] tipc: Disabling bearer [ 135.907894][ T6785] netlink: 36 bytes leftover after parsing attributes in process `syz.1.240'. [ 136.320281][ T6800] bond0: entered promiscuous mode [ 136.357763][ T6800] bond_slave_0: entered promiscuous mode [ 136.397161][ T6800] bond_slave_1: entered promiscuous mode [ 136.425754][ T6800] bond0: entered allmulticast mode [ 136.446139][ T6800] bond_slave_0: entered allmulticast mode [ 136.477781][ T6800] bond_slave_1: entered allmulticast mode [ 136.506484][ T5859] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.547594][ T6805] netlink: 'syz.3.247': attribute type 6 has an invalid length. [ 137.118002][ T5867] syz-executor: attempt to access beyond end of device [ 137.118002][ T5867] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 137.252127][ T5867] CPU: 1 UID: 0 PID: 5867 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 137.252161][ T5867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 137.252176][ T5867] Call Trace: [ 137.252195][ T5867] [ 137.252205][ T5867] dump_stack_lvl+0x189/0x250 [ 137.252245][ T5867] ? __pfx_dump_stack_lvl+0x10/0x10 [ 137.252278][ T5867] ? __pfx_queue_work_on+0x10/0x10 [ 137.252302][ T5867] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 137.252342][ T5867] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 137.252392][ T5867] f2fs_handle_critical_error+0x37c/0x540 [ 137.252437][ T5867] f2fs_write_end_io+0x886/0xb60 [ 137.252483][ T5867] __submit_merged_bio+0x27a/0x6a0 [ 137.252526][ T5867] __submit_merged_write_cond+0x255/0x530 [ 137.252568][ T5867] f2fs_write_data_pages+0x261d/0x3000 [ 137.252648][ T5867] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 137.252684][ T5867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 137.252770][ T5867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 137.252830][ T5867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 137.252857][ T5867] ? __lock_acquire+0xab9/0xd20 [ 137.252904][ T5867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 137.252930][ T5867] ? do_raw_spin_lock+0x121/0x290 [ 137.252967][ T5867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 137.252999][ T5867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 137.253026][ T5867] ? do_raw_spin_unlock+0x122/0x240 [ 137.253057][ T5867] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 137.253097][ T5867] do_writepages+0x32e/0x550 [ 137.253137][ T5867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 137.253169][ T5867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 137.253196][ T5867] ? do_raw_spin_unlock+0x122/0x240 [ 137.253232][ T5867] filemap_fdatawrite+0x199/0x240 [ 137.253267][ T5867] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 137.253351][ T5867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 137.253384][ T5867] ? do_raw_spin_unlock+0x122/0x240 [ 137.253420][ T5867] f2fs_sync_dirty_inodes+0x31f/0x830 [ 137.253465][ T5867] f2fs_write_checkpoint+0x95a/0x1df0 [ 137.253520][ T5867] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 137.253602][ T5867] ? kill_f2fs_super+0x298/0x6c0 [ 137.253634][ T5867] kill_f2fs_super+0x2c3/0x6c0 [ 137.253666][ T5867] ? __pfx_kill_f2fs_super+0x10/0x10 [ 137.253688][ T5867] ? radix_tree_delete_item+0x2b6/0x400 [ 137.253731][ T5867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 137.253758][ T5867] ? shrinker_free+0x2ce/0x3e0 [ 137.253793][ T5867] deactivate_locked_super+0xbc/0x130 [ 137.253825][ T5867] cleanup_mnt+0x425/0x4c0 [ 137.253850][ T5867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 137.253877][ T5867] ? lockdep_hardirqs_on+0x9c/0x150 [ 137.253914][ T5867] task_work_run+0x1d4/0x260 [ 137.253952][ T5867] ? __pfx_task_work_run+0x10/0x10 [ 137.253982][ T5867] ? __x64_sys_umount+0x122/0x160 [ 137.254021][ T5867] ? exit_to_user_mode_loop+0x40/0x110 [ 137.254061][ T5867] exit_to_user_mode_loop+0xec/0x110 [ 137.254097][ T5867] do_syscall_64+0x2bd/0x3b0 [ 137.254133][ T5867] ? lockdep_hardirqs_on+0x9c/0x150 [ 137.254167][ T5867] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.254190][ T5867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 137.254217][ T5867] ? exc_page_fault+0x9f/0xf0 [ 137.254254][ T5867] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.254277][ T5867] RIP: 0033:0x7f715bd8ff17 [ 137.254298][ T5867] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 137.254317][ T5867] RSP: 002b:00007fff676632d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 137.254342][ T5867] RAX: 0000000000000000 RBX: 00007f715be11c05 RCX: 00007f715bd8ff17 [ 137.254359][ T5867] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff67663390 [ 137.254374][ T5867] RBP: 00007fff67663390 R08: 0000000000000000 R09: 0000000000000000 [ 137.254389][ T5867] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff67664420 [ 137.254406][ T5867] R13: 00007f715be11c05 R14: 0000000000021067 R15: 00007fff67664460 [ 137.254444][ T5867] [ 137.254453][ T5867] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 137.859271][ T6851] loop4: detected capacity change from 0 to 1024 [ 137.981635][ T5947] IPVS: starting estimator thread 0... [ 138.001329][ T6851] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 138.091783][ T6860] IPVS: using max 26 ests per chain, 62400 per kthread [ 138.460567][ T6872] IPVS: ip_vs_edit_dest(): server weight less than zero [ 139.617713][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 139.624582][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 139.994972][ T6922] overlay: ./file0 is not a directory [ 140.123264][ T6927] netlink: 24 bytes leftover after parsing attributes in process `syz.3.281'. [ 141.464649][ T5858] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.770803][ T6965] netlink: 'syz.4.291': attribute type 5 has an invalid length. [ 142.034499][ T5947] IPVS: starting estimator thread 0... [ 142.041382][ T6979] bond0: entered promiscuous mode [ 142.107434][ T6979] bond_slave_0: entered promiscuous mode [ 142.122147][ T6981] IPVS: using max 23 ests per chain, 55200 per kthread [ 142.158928][ T6979] bond_slave_1: entered promiscuous mode [ 142.179515][ T6979] bond0: entered allmulticast mode [ 142.199309][ T6979] bond_slave_0: entered allmulticast mode [ 142.211673][ T6979] bond_slave_1: entered allmulticast mode [ 142.567995][ T6989] overlay: ./file0 is not a directory [ 144.666136][ T7038] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 144.838110][ T7045] netlink: 8 bytes leftover after parsing attributes in process `syz.1.320'. [ 146.467997][ T7071] loop3: detected capacity change from 0 to 40427 [ 146.477890][ T7071] F2FS-fs (loop3): Invalid SB checksum offset: 0 [ 146.526347][ T7071] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 146.624246][ T7071] F2FS-fs (loop3): invalid crc value [ 147.149636][ T7071] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 147.174183][ T7071] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0 [ 147.185167][ T7071] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 147.641274][ T5873] syz-executor: attempt to access beyond end of device [ 147.641274][ T5873] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 147.661104][ T5873] CPU: 1 UID: 0 PID: 5873 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 147.661136][ T5873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 147.661150][ T5873] Call Trace: [ 147.661161][ T5873] [ 147.661171][ T5873] dump_stack_lvl+0x189/0x250 [ 147.661211][ T5873] ? __pfx_dump_stack_lvl+0x10/0x10 [ 147.661241][ T5873] ? __pfx_queue_work_on+0x10/0x10 [ 147.661264][ T5873] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 147.661298][ T5873] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 147.661349][ T5873] f2fs_handle_critical_error+0x37c/0x540 [ 147.661395][ T5873] f2fs_write_end_io+0x886/0xb60 [ 147.661447][ T5873] __submit_merged_bio+0x27a/0x6a0 [ 147.661496][ T5873] __submit_merged_write_cond+0x255/0x530 [ 147.661558][ T5873] f2fs_write_data_pages+0x261d/0x3000 [ 147.661596][ T5873] ? ktime_get+0x3e/0x1f0 [ 147.661670][ T5873] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 147.661706][ T5873] ? __switch_to+0xdae/0x1670 [ 147.661803][ T5873] ? rcu_is_watching+0x15/0xb0 [ 147.661828][ T5873] ? srso_alias_return_thunk+0x5/0xfbef5 [ 147.661855][ T5873] ? trace_sched_exit_tp+0x36/0x110 [ 147.661886][ T5873] ? srso_alias_return_thunk+0x5/0xfbef5 [ 147.661912][ T5873] ? __schedule+0x17ae/0x4cc0 [ 147.661951][ T5873] ? folios_put_refs+0x559/0x640 [ 147.661994][ T5873] ? __pfx_folios_put_refs+0x10/0x10 [ 147.662034][ T5873] ? srso_alias_return_thunk+0x5/0xfbef5 [ 147.662060][ T5873] ? __lock_acquire+0xab9/0xd20 [ 147.662121][ T5873] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 147.662161][ T5873] do_writepages+0x32e/0x550 [ 147.662202][ T5873] ? srso_alias_return_thunk+0x5/0xfbef5 [ 147.662234][ T5873] ? srso_alias_return_thunk+0x5/0xfbef5 [ 147.662261][ T5873] ? do_raw_spin_unlock+0x122/0x240 [ 147.662298][ T5873] filemap_fdatawrite+0x199/0x240 [ 147.662333][ T5873] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 147.662430][ T5873] ? srso_alias_return_thunk+0x5/0xfbef5 [ 147.662464][ T5873] ? do_raw_spin_unlock+0x122/0x240 [ 147.662501][ T5873] f2fs_sync_dirty_inodes+0x31f/0x830 [ 147.662554][ T5873] f2fs_write_checkpoint+0x95a/0x1df0 [ 147.662614][ T5873] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 147.662709][ T5873] ? kill_f2fs_super+0x298/0x6c0 [ 147.662742][ T5873] kill_f2fs_super+0x2c3/0x6c0 [ 147.662776][ T5873] ? __pfx_kill_f2fs_super+0x10/0x10 [ 147.662798][ T5873] ? radix_tree_delete_item+0x2b6/0x400 [ 147.662842][ T5873] ? srso_alias_return_thunk+0x5/0xfbef5 [ 147.662868][ T5873] ? shrinker_free+0x2ce/0x3e0 [ 147.662899][ T5873] deactivate_locked_super+0xbc/0x130 [ 147.662932][ T5873] cleanup_mnt+0x425/0x4c0 [ 147.662958][ T5873] ? srso_alias_return_thunk+0x5/0xfbef5 [ 147.662984][ T5873] ? lockdep_hardirqs_on+0x9c/0x150 [ 147.663023][ T5873] task_work_run+0x1d4/0x260 [ 147.663061][ T5873] ? __pfx_task_work_run+0x10/0x10 [ 147.663091][ T5873] ? __x64_sys_umount+0x122/0x160 [ 147.663132][ T5873] ? exit_to_user_mode_loop+0x40/0x110 [ 147.663174][ T5873] exit_to_user_mode_loop+0xec/0x110 [ 147.663210][ T5873] do_syscall_64+0x2bd/0x3b0 [ 147.663245][ T5873] ? lockdep_hardirqs_on+0x9c/0x150 [ 147.663279][ T5873] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.663301][ T5873] ? srso_alias_return_thunk+0x5/0xfbef5 [ 147.663327][ T5873] ? exc_page_fault+0x9f/0xf0 [ 147.663365][ T5873] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.663388][ T5873] RIP: 0033:0x7fab77b8ff17 [ 147.663410][ T5873] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 147.663428][ T5873] RSP: 002b:00007ffc60ec4ca8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 147.663453][ T5873] RAX: 0000000000000000 RBX: 00007fab77c11c05 RCX: 00007fab77b8ff17 [ 147.663469][ T5873] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc60ec4d60 [ 147.663484][ T5873] RBP: 00007ffc60ec4d60 R08: 0000000000000000 R09: 0000000000000000 [ 147.663498][ T5873] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc60ec5df0 [ 147.663514][ T5873] R13: 00007fab77c11c05 R14: 0000000000023f6d R15: 00007ffc60ec5e30 [ 147.663560][ T5873] [ 148.059890][ T5873] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 149.393600][ T5961] IPVS: starting estimator thread 0... [ 149.502922][ T7145] IPVS: using max 23 ests per chain, 55200 per kthread [ 150.600521][ T7164] netlink: 'syz.2.362': attribute type 1 has an invalid length. [ 150.715693][ T7164] 8021q: adding VLAN 0 to HW filter on device bond1 [ 151.030146][ T7168] bond1: (slave ip6gretap1): making interface the new active one [ 151.039985][ T7168] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 151.196140][ T7180] veth3: entered promiscuous mode [ 151.203829][ T7181] erspan0: entered allmulticast mode [ 151.266292][ T7181] bond1: (slave erspan0): Enslaving as an active interface with an up link [ 151.455400][ T7199] netlink: 'syz.3.375': attribute type 6 has an invalid length. [ 152.479377][ T7208] netlink: 88 bytes leftover after parsing attributes in process `syz.5.377'. [ 152.526583][ T7209] netlink: 32 bytes leftover after parsing attributes in process `syz.0.378'. [ 152.541666][ T7208] netlink: 16 bytes leftover after parsing attributes in process `syz.5.377'. [ 152.625432][ T7190] loop1: detected capacity change from 0 to 40427 [ 152.657343][ T7208] bridge_slave_0: left allmulticast mode [ 152.675092][ T7190] F2FS-fs (loop1): Invalid SB checksum offset: 0 [ 152.696324][ T7190] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 152.717175][ T7208] bridge_slave_0: left promiscuous mode [ 152.761941][ T7208] bridge0: port 1(bridge_slave_0) entered disabled state [ 152.773334][ T7190] F2FS-fs (loop1): invalid crc value [ 152.949039][ T7190] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 153.122937][ T7208] bridge_slave_1: left allmulticast mode [ 153.129536][ T7208] bridge_slave_1: left promiscuous mode [ 153.135953][ T7208] bridge0: port 2(bridge_slave_1) entered disabled state [ 153.263982][ T7208] bond0: (slave bond_slave_0): Releasing backup interface [ 153.327064][ T7208] bond0: (slave bond_slave_1): Releasing backup interface [ 153.398479][ T7208] team0: Port device team_slave_0 removed [ 153.425662][ T7239] netlink: 'syz.2.387': attribute type 1 has an invalid length. [ 153.461050][ T7208] team0: Port device team_slave_1 removed [ 153.477139][ T7240] overlay: ./file0 is not a directory [ 153.498230][ T7208] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 153.516045][ T7208] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 153.528068][ T7208] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 153.540094][ T7208] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 153.709967][ T7239] 8021q: adding VLAN 0 to HW filter on device bond2 [ 153.852411][ T7245] veth5: entered promiscuous mode [ 153.937865][ T7254] loop5: detected capacity change from 0 to 1024 [ 154.003211][ T7247] bond1: (slave erspan0): Releasing active interface [ 154.031988][ T7247] ip6gretap1: entered promiscuous mode [ 154.049861][ T7254] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 154.089002][ T7247] bond2: (slave erspan0): making interface the new active one [ 154.138653][ T7247] bond2: (slave erspan0): Enslaving as an active interface with an up link [ 154.537311][ T30] audit: type=1326 audit(1756355088.587:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7250 comm="syz.4.391" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1125d8ebe9 code=0x0 [ 156.255640][ T7295] netlink: 32 bytes leftover after parsing attributes in process `syz.0.401'. [ 156.319071][ T7297] netlink: 4 bytes leftover after parsing attributes in process `syz.0.401'. [ 156.427376][ T7299] bond0: left promiscuous mode [ 156.433661][ T7299] bond_slave_0: left promiscuous mode [ 156.463001][ T7299] bond_slave_1: left promiscuous mode [ 156.474897][ T7299] bond0: left allmulticast mode [ 156.491441][ T7299] bond_slave_0: left allmulticast mode [ 156.521696][ T7299] bond_slave_1: left allmulticast mode [ 156.945250][ T5875] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.960076][ T7306] netlink: 100 bytes leftover after parsing attributes in process `syz.4.405'. [ 158.421414][ T30] audit: type=1326 audit(1756355092.307:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7312 comm="syz.5.407" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd7de18ebe9 code=0x0 [ 158.676467][ T7327] overlay: ./file0 is not a directory [ 159.016983][ T7347] netlink: 100 bytes leftover after parsing attributes in process `syz.5.421'. [ 159.053150][ T7348] loop0: detected capacity change from 0 to 1024 [ 159.126815][ T7348] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.256371][ T7355] macsec1: entered allmulticast mode [ 159.304856][ T7355] macvlan1: entered allmulticast mode [ 159.330727][ T7355] veth1_vlan: entered allmulticast mode [ 159.378775][ T7355] macvlan1: left allmulticast mode [ 159.384720][ T7355] veth1_vlan: left allmulticast mode [ 159.774133][ T7371] netlink: 24 bytes leftover after parsing attributes in process `syz.2.431'. [ 160.123714][ T30] audit: type=1326 audit(1756355094.177:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7366 comm="syz.5.430" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd7de18ebe9 code=0x0 [ 160.780371][ T5859] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.973708][ T7384] netlink: 28 bytes leftover after parsing attributes in process `syz.2.437'. [ 161.009169][ T7384] netlink: 28 bytes leftover after parsing attributes in process `syz.2.437'. [ 161.059535][ T7384] batadv0: entered promiscuous mode [ 161.068789][ T7392] vcan0: tx drop: invalid sa for name 0x0000000000000002 [ 161.076967][ T7384] team0: entered promiscuous mode [ 161.106009][ T7384] team_slave_0: entered promiscuous mode [ 161.121946][ T7384] team_slave_1: entered promiscuous mode [ 161.143447][ T7397] netlink: 'syz.1.442': attribute type 6 has an invalid length. [ 161.143750][ T7384] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 161.241306][ T7395] wireguard0: entered allmulticast mode [ 161.322368][ T7397] netlink: 'syz.1.442': attribute type 12 has an invalid length. [ 161.351699][ T7397] netlink: 9472 bytes leftover after parsing attributes in process `syz.1.442'. [ 161.508399][ T7414] loop4: detected capacity change from 0 to 1024 [ 161.738110][ T7414] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 162.087062][ T7433] loop1: detected capacity change from 0 to 256 [ 162.095703][ T7433] vfat: Unknown parameter 'le0' [ 162.280406][ T5858] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.458466][ T7442] (unnamed net_device) (uninitialized): option use_carrier: invalid value (255) [ 163.391086][ T7470] loop4: detected capacity change from 0 to 256 [ 163.418640][ T7470] vfat: Unknown parameter 'le0' [ 163.454087][ T7477] netlink: 'syz.2.473': attribute type 7 has an invalid length. [ 163.497582][ T7480] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 4, id = 0 [ 164.038352][ T7492] team0: No ports can be present during mode change [ 164.771216][ T7509] netlink: 592 bytes leftover after parsing attributes in process `syz.5.485'. [ 164.799105][ T7513] vcan0: tx drop: invalid sa for name 0x0000000000000002 [ 165.014852][ T7520] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input8 [ 165.068411][ T7518] loop1: detected capacity change from 0 to 256 [ 165.104073][ T7518] vfat: Unknown parameter 'le0' [ 165.989594][ T7554] netlink: 592 bytes leftover after parsing attributes in process `syz.2.503'. [ 166.474062][ T7569] mac80211_hwsim hwsim12 wlan0: entered promiscuous mode [ 166.547204][ T7569] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 167.417420][ T7587] netlink: 100 bytes leftover after parsing attributes in process `syz.5.517'. [ 167.807830][ T7598] netlink: 4 bytes leftover after parsing attributes in process `syz.0.520'. [ 168.102770][ T72] ip6gretap1: left promiscuous mode [ 168.208434][ T7614] netlink: 28 bytes leftover after parsing attributes in process `syz.2.529'. [ 168.240069][ T7614] netlink: 28 bytes leftover after parsing attributes in process `syz.2.529'. [ 168.312815][ T7614] gretap0: entered promiscuous mode [ 168.340188][ T7614] gretap0: left promiscuous mode [ 170.385209][ T7668] netlink: 28 bytes leftover after parsing attributes in process `syz.3.550'. [ 170.394271][ T7668] netlink: 28 bytes leftover after parsing attributes in process `syz.3.550'. [ 170.478935][ T7672] netlink: 'syz.1.552': attribute type 6 has an invalid length. [ 170.548418][ T7668] gretap0: entered promiscuous mode [ 170.572854][ T7668] gretap0: left promiscuous mode [ 170.732066][ T7672] netlink: 'syz.1.552': attribute type 12 has an invalid length. [ 170.807821][ T7672] netlink: 9472 bytes leftover after parsing attributes in process `syz.1.552'. [ 170.871214][ T7689] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 170.928484][ T7689] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 171.338543][ T7710] 8021q: adding VLAN 0 to HW filter on device bond0 [ 171.521195][ T7712] netlink: 28 bytes leftover after parsing attributes in process `syz.1.565'. [ 172.051421][ T7723] netlink: 28 bytes leftover after parsing attributes in process `syz.5.572'. [ 172.101103][ T7723] netlink: 28 bytes leftover after parsing attributes in process `syz.5.572'. [ 172.206587][ T7723] gretap0: entered promiscuous mode [ 172.255872][ T7723] gretap0: left promiscuous mode [ 173.197880][ T7743] netlink: 48 bytes leftover after parsing attributes in process `syz.2.580'. [ 173.448095][ T7751] netlink: 28 bytes leftover after parsing attributes in process `syz.5.583'. [ 173.481821][ T7759] netlink: 36 bytes leftover after parsing attributes in process `syz.2.586'. [ 173.909752][ T7773] netlink: 144 bytes leftover after parsing attributes in process `syz.4.595'. [ 174.009428][ T7780] netlink: 'syz.1.596': attribute type 1 has an invalid length. [ 174.164068][ T7780] 8021q: adding VLAN 0 to HW filter on device bond1 [ 174.230345][ T7782] veth3: entered promiscuous mode [ 174.270923][ T7782] bond1: (slave veth3): Enslaving as an active interface with a down link [ 174.422106][ T7780] erspan0: entered allmulticast mode [ 174.462993][ T7780] bond1: (slave erspan0): making interface the new active one [ 174.501411][ T7780] erspan0: entered promiscuous mode [ 174.512335][ T7780] bond1: (slave erspan0): Enslaving as an active interface with an up link [ 174.651356][ T7802] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input9 [ 174.875390][ T7811] netlink: 'syz.0.607': attribute type 6 has an invalid length. [ 175.008258][ T7811] netlink: 'syz.0.607': attribute type 12 has an invalid length. [ 175.466337][ T30] audit: type=1326 audit(1756355109.527:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7822 comm="syz.3.611" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fab77b8ebe9 code=0x0 [ 176.060336][ T7844] __nla_validate_parse: 2 callbacks suppressed [ 176.060357][ T7844] netlink: 28 bytes leftover after parsing attributes in process `syz.0.618'. [ 176.111720][ T7844] netlink: 28 bytes leftover after parsing attributes in process `syz.0.618'. [ 177.437779][ T30] audit: type=1326 audit(1756355111.497:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7874 comm="syz.2.634" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f715bd8ebe9 code=0x0 [ 177.609929][ T7887] tipc: Started in network mode [ 177.641722][ T7887] tipc: Node identity 42e56539094b, cluster identity 4711 [ 177.649113][ T7887] tipc: Enabled bearer , priority 0 [ 177.674659][ T7893] syzkaller0: entered promiscuous mode [ 177.694827][ T7893] syzkaller0: entered allmulticast mode [ 178.667728][ T7885] tipc: Resetting bearer [ 178.740602][ T7885] tipc: Disabling bearer [ 180.197223][ T7942] netlink: 'syz.1.657': attribute type 6 has an invalid length. [ 180.345462][ T7942] netlink: 'syz.1.657': attribute type 12 has an invalid length. [ 180.362715][ T7942] netlink: 9472 bytes leftover after parsing attributes in process `syz.1.657'. [ 181.578387][ T7981] netlink: 24 bytes leftover after parsing attributes in process `syz.1.673'. [ 183.261278][ T7997] syz_tun: entered allmulticast mode [ 183.359571][ T7997] dvmrp8: entered allmulticast mode [ 183.540052][ T8014] netlink: 4 bytes leftover after parsing attributes in process `syz.1.681'. [ 183.745992][ T8012] loop4: detected capacity change from 0 to 256 [ 183.812587][ T8012] vfat: Unknown parameter 'le0' [ 184.088781][ T8030] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input10 [ 184.548222][ T8033] netlink: 240 bytes leftover after parsing attributes in process `syz.2.691'. [ 184.934863][ T7995] syz_tun: left allmulticast mode [ 184.940123][ T7995] dvmrp8: left allmulticast mode [ 186.732942][ T8066] loop1: detected capacity change from 0 to 256 [ 186.742487][ T8067] veth5: entered promiscuous mode [ 186.760873][ T8066] vfat: Unknown parameter 'le0' [ 186.811342][ T8074] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 186.861953][ T8074] netlink: 28 bytes leftover after parsing attributes in process `syz.0.706'. [ 187.135002][ T8082] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input11 [ 187.593073][ T3450] erspan0: left promiscuous mode [ 187.886067][ T8105] netlink: 24 bytes leftover after parsing attributes in process `syz.1.717'. [ 187.971740][ T8109] bond0: left promiscuous mode [ 188.012181][ T8109] bond_slave_0: left promiscuous mode [ 188.017826][ T8109] bond_slave_1: left promiscuous mode [ 188.083386][ T8109] bond0: left allmulticast mode [ 188.088295][ T8109] bond_slave_0: left allmulticast mode [ 188.161583][ T8109] bond_slave_1: left allmulticast mode [ 188.167431][ T8118] netlink: 'syz.0.722': attribute type 1 has an invalid length. [ 188.306059][ T8118] veth3: entered promiscuous mode [ 188.332276][ T8121] erspan0: entered allmulticast mode [ 188.973104][ T8144] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input12 [ 189.155898][ T8158] netlink: 8 bytes leftover after parsing attributes in process `syz.1.736'. [ 189.547625][ T8168] netlink: 'syz.3.741': attribute type 1 has an invalid length. [ 189.651245][ T8168] veth5: entered promiscuous mode [ 190.051075][ T8188] tipc: Started in network mode [ 190.088477][ T8188] tipc: Node identity 2a43904fa213, cluster identity 4711 [ 190.111890][ T8188] tipc: Enabled bearer , priority 0 [ 190.138086][ T8188] syzkaller0: entered promiscuous mode [ 190.167384][ T8188] syzkaller0: entered allmulticast mode [ 190.246581][ T8188] tipc: Resetting bearer [ 190.279689][ T8187] tipc: Resetting bearer [ 190.339612][ T8187] tipc: Disabling bearer [ 190.587350][ T8197] netlink: 'syz.3.752': attribute type 6 has an invalid length. [ 190.669207][ T8197] netlink: 'syz.3.752': attribute type 12 has an invalid length. [ 190.697597][ T8197] netlink: 9472 bytes leftover after parsing attributes in process `syz.3.752'. [ 191.026230][ T8206] netlink: 28 bytes leftover after parsing attributes in process `syz.1.756'. [ 191.072165][ T8208] netlink: 'syz.3.757': attribute type 1 has an invalid length. [ 191.175205][ T8208] veth7: entered promiscuous mode [ 191.357935][ T8214] netlink: 28 bytes leftover after parsing attributes in process `syz.2.759'. [ 191.418267][ T8214] netlink: 28 bytes leftover after parsing attributes in process `syz.2.759'. [ 191.515608][ T8170] loop0: detected capacity change from 0 to 40427 [ 191.531731][ T8170] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 191.551635][ T8170] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 191.578599][ T8170] F2FS-fs (loop0): invalid crc value [ 191.584525][ T8170] F2FS-fs (loop0): Failed to start F2FS issue_checkpoint_thread (-4) [ 191.818805][ T8222] netlink: 4 bytes leftover after parsing attributes in process `syz.3.762'. [ 192.446047][ T8222] veth1_macvtap: left promiscuous mode [ 193.010859][ T8242] netlink: 32 bytes leftover after parsing attributes in process `syz.1.772'. [ 193.061179][ T8242] netlink: 48 bytes leftover after parsing attributes in process `syz.1.772'. [ 193.100241][ T8242] netlink: 48 bytes leftover after parsing attributes in process `syz.1.772'. [ 194.111381][ T8281] bridge2: entered promiscuous mode [ 194.132833][ T8281] bridge2: entered allmulticast mode [ 194.861144][ T8309] netlink: 'syz.5.801': attribute type 6 has an invalid length. [ 194.934751][ T8309] netlink: 'syz.5.801': attribute type 12 has an invalid length. [ 194.942740][ T8309] netlink: 9472 bytes leftover after parsing attributes in process `syz.5.801'. [ 195.626584][ T8333] netlink: 28 bytes leftover after parsing attributes in process `syz.5.810'. [ 195.653051][ T8333] netlink: 28 bytes leftover after parsing attributes in process `syz.5.810'. [ 196.900084][ T8368] netlink: 12 bytes leftover after parsing attributes in process `syz.1.824'. [ 197.737268][ T8396] netlink: 'syz.5.838': attribute type 6 has an invalid length. [ 197.784788][ T8396] netlink: 'syz.5.838': attribute type 12 has an invalid length. [ 197.803855][ T8398] netlink: 28 bytes leftover after parsing attributes in process `syz.0.839'. [ 197.821669][ T8396] netlink: 9472 bytes leftover after parsing attributes in process `syz.5.838'. [ 199.279385][ T8434] netlink: 8 bytes leftover after parsing attributes in process `syz.0.855'. [ 199.365898][ T5939] IPVS: starting estimator thread 0... [ 199.462175][ T8440] IPVS: using max 25 ests per chain, 60000 per kthread [ 199.871142][ T8455] netlink: 'syz.5.862': attribute type 1 has an invalid length. [ 200.000035][ T8455] 8021q: adding VLAN 0 to HW filter on device bond1 [ 200.081473][ T8468] netlink: 28 bytes leftover after parsing attributes in process `syz.3.865'. [ 200.138659][ T8459] bond1: (slave ip6gretap1): making interface the new active one [ 200.179687][ T8459] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 200.288984][ T8464] veth5: entered promiscuous mode [ 200.304245][ T8464] bond1: (slave veth5): Enslaving as an active interface with a down link [ 200.343089][ T8455] erspan0: entered allmulticast mode [ 200.384731][ T8455] bond1: (slave erspan0): Enslaving as an active interface with an up link [ 200.837620][ T8499] netlink: 28 bytes leftover after parsing attributes in process `syz.3.879'. [ 200.882293][ T8499] netlink: 28 bytes leftover after parsing attributes in process `syz.3.879'. [ 201.032480][ T8507] netlink: 4 bytes leftover after parsing attributes in process `syz.1.882'. [ 201.061317][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 201.069220][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 201.199763][ T8512] geneve2: entered promiscuous mode [ 201.509213][ T8522] netlink: 28 bytes leftover after parsing attributes in process `syz.3.886'. [ 201.875923][ T8536] netlink: 'syz.4.891': attribute type 6 has an invalid length. [ 201.983176][ T8544] netlink: 'syz.4.891': attribute type 12 has an invalid length. [ 202.009797][ T8544] netlink: 9472 bytes leftover after parsing attributes in process `syz.4.891'. [ 202.930718][ T8572] netlink: 4 bytes leftover after parsing attributes in process `syz.5.900'. [ 204.188975][ T8607] netlink: 'syz.5.916': attribute type 4 has an invalid length. [ 204.219860][ T8607] netlink: 76 bytes leftover after parsing attributes in process `syz.5.916'. [ 204.734560][ T8615] netlink: 28 bytes leftover after parsing attributes in process `syz.5.917'. [ 205.196103][ T8624] loop4: detected capacity change from 0 to 1024 [ 205.279637][ T8624] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 206.279347][ T30] audit: type=1326 audit(1756355140.307:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8632 comm="syz.5.924" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd7de18ebe9 code=0x0 [ 206.534413][ T5858] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.847589][ T8662] lo: entered allmulticast mode [ 206.901862][ T8662] dvmrp8: entered allmulticast mode [ 207.420157][ T8657] lo: left allmulticast mode [ 207.449663][ T8657] dvmrp8: left allmulticast mode [ 207.596144][ T30] audit: type=1326 audit(1756355141.657:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8679 comm="syz.4.941" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1125d8ebe9 code=0x0 [ 208.395968][ T8699] tipc: Started in network mode [ 208.408110][ T8699] tipc: Node identity fe523a362278, cluster identity 4711 [ 208.425972][ T8699] tipc: Enabled bearer , priority 0 [ 208.451746][ T8699] syzkaller0: entered promiscuous mode [ 208.482881][ T8699] syzkaller0: entered allmulticast mode [ 208.499096][ T8699] tipc: Resetting bearer [ 208.665228][ T8698] tipc: Resetting bearer [ 208.811385][ T8698] tipc: Disabling bearer [ 213.058176][ T8747] loop0: detected capacity change from 0 to 40427 [ 213.451867][ T5871] Bluetooth: hci5: command 0x0406 tx timeout [ 213.459493][ T5179] Bluetooth: hci1: command 0x0406 tx timeout [ 213.467538][ T5880] Bluetooth: hci3: command 0x0406 tx timeout [ 213.474724][ T5872] Bluetooth: hci2: command 0x0406 tx timeout [ 213.712341][ T8747] F2FS-fs (loop0): Unable to read 1th superblock [ 213.739448][ T8747] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 213.809034][ T8747] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 215.200920][ T8807] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input13 [ 216.432509][ T8836] overlay: ./file0 is not a directory [ 216.450751][ T8835] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1007'. [ 217.440360][ T8846] netlink: 'syz.2.1010': attribute type 6 has an invalid length. [ 217.512882][ T8846] netlink: 'syz.2.1010': attribute type 12 has an invalid length. [ 217.520731][ T8846] netlink: 9472 bytes leftover after parsing attributes in process `syz.2.1010'. [ 217.986145][ T8856] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input14 [ 218.760533][ T8867] tipc: Started in network mode [ 218.789524][ T8867] tipc: Node identity 6e71ed93868e, cluster identity 4711 [ 218.841342][ T8867] tipc: Enabled bearer , priority 0 [ 218.862928][ T8870] syzkaller0: entered promiscuous mode [ 218.868432][ T8870] syzkaller0: entered allmulticast mode [ 218.943109][ T8867] tipc: Resetting bearer [ 219.012352][ T8861] tipc: Resetting bearer [ 219.098908][ T8861] tipc: Disabling bearer [ 221.065914][ T8922] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1040'. [ 221.325255][ T30] audit: type=1326 audit(1756355155.397:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8925 comm="syz.1.1042" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd9c698ebe9 code=0x0 [ 221.349631][ T8933] _Z`Ԁ@S!!: entered promiscuous mode [ 221.509659][ T8937] netlink: 'syz.2.1046': attribute type 12 has an invalid length. [ 221.551908][ T8937] netlink: 9472 bytes leftover after parsing attributes in process `syz.2.1046'. [ 222.876784][ T8977] netlink: 'syz.2.1064': attribute type 12 has an invalid length. [ 222.914456][ T8977] netlink: 9472 bytes leftover after parsing attributes in process `syz.2.1064'. [ 224.532267][ T8992] netlink: 'syz.4.1069': attribute type 22 has an invalid length. [ 224.787591][ T9008] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1075'. [ 224.797380][ T9008] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1075'. [ 225.094351][ T9014] netlink: 1041 bytes leftover after parsing attributes in process `syz.3.1078'. [ 225.356975][ T9025] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1081'. [ 226.773549][ T9072] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1096'. [ 226.802422][ T9071] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1098'. [ 228.160887][ T49] IPVS: starting estimator thread 0... [ 228.167552][ T9104] IPVS: wrr: FWM 3 0x00000003 - no destination available [ 228.275858][ T9105] IPVS: using max 25 ests per chain, 60000 per kthread [ 229.198199][ T9096] syz_tun: entered allmulticast mode [ 229.239588][ T9097] dvmrp8: entered allmulticast mode [ 229.259399][ T9097] syz_tun: left allmulticast mode [ 229.278749][ T9097] dvmrp8: left allmulticast mode [ 229.563733][ T9113] loop1: detected capacity change from 0 to 1024 [ 229.585008][ T9116] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1113'. [ 229.701233][ T9113] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 230.596861][ T5868] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 231.072402][ T9149] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1122'. [ 231.729635][ T9170] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1129'. [ 231.977825][ T9177] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1132'. [ 232.086406][ T9179] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1133'. [ 232.812396][ T9205] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1145'. [ 232.902734][ T9211] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1148'. [ 232.979412][ T9212] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0 [ 233.876377][ T9252] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1162'. [ 234.172836][ T9260] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1165'. [ 235.415840][ T9295] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1181'. [ 235.478876][ T9299] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0 [ 235.949448][ T9316] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1188'. [ 237.047672][ T9349] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1201'. [ 237.082359][ T9349] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1201'. [ 237.161168][ T9352] syz_tun: entered allmulticast mode [ 237.227365][ T9352] dvmrp8: entered allmulticast mode [ 237.505178][ T9350] syz_tun: left allmulticast mode [ 237.514203][ T9350] dvmrp8: left allmulticast mode [ 238.391195][ T9387] trusted_key: syz.1.1219 sent an empty control message without MSG_MORE. [ 238.539275][ T9393] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1222'. [ 239.299126][ T9418] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1233'. [ 239.543028][ T9427] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1237'. [ 240.035005][ T9444] loop5: detected capacity change from 0 to 1024 [ 240.149152][ T9452] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1248'. [ 240.179598][ T9444] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 240.254195][ T9455] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1249'. [ 241.290335][ T5875] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 241.586385][ T9472] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1254'. [ 241.895886][ T9477] netlink: 'syz.3.1256': attribute type 1 has an invalid length. [ 242.080268][ T9477] 8021q: adding VLAN 0 to HW filter on device bond1 [ 242.233593][ T9483] veth11: entered promiscuous mode [ 242.263480][ T9483] bond1: (slave veth11): Enslaving as an active interface with a down link [ 242.432179][ T9492] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1259'. [ 242.826161][ T9504] loop5: detected capacity change from 0 to 1024 [ 242.876819][ T9504] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 242.988994][ T9508] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1265'. [ 243.386446][ T9516] netlink: 'syz.4.1267': attribute type 12 has an invalid length. [ 243.415715][ T9516] netlink: 9472 bytes leftover after parsing attributes in process `syz.4.1267'. [ 243.577955][ T9521] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1269'. [ 243.785963][ T5875] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 244.290069][ T9538] netlink: 'syz.5.1275': attribute type 72 has an invalid length. [ 244.331664][ T9538] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1275'. [ 245.213257][ T9555] netlink: 'syz.4.1284': attribute type 21 has an invalid length. [ 245.237225][ T9555] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1284'. [ 245.273449][ T9555] netlink: 'syz.4.1284': attribute type 5 has an invalid length. [ 245.308509][ T9555] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1284'. [ 245.341207][ T9557] loop3: detected capacity change from 0 to 1024 [ 245.372972][ T9560] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1284'. [ 245.414825][ T9557] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 245.845329][ T9566] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1287'. [ 246.322252][ T5873] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 246.433763][ T9575] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1292'. [ 247.332713][ T9615] loop1: detected capacity change from 0 to 1024 [ 247.442594][ T9615] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 249.088425][ T5868] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.949616][ T9685] __nla_validate_parse: 3 callbacks suppressed [ 249.949643][ T9685] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1336'. [ 250.082991][ T9688] netlink: 752 bytes leftover after parsing attributes in process `syz.0.1340'. [ 251.236389][ T9731] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1357'. [ 251.258481][ T9730] syz_tun: entered allmulticast mode [ 251.343281][ T9730] dvmrp8: entered allmulticast mode [ 252.070867][ T9729] syz_tun: left allmulticast mode [ 252.084847][ T9729] dvmrp8: left allmulticast mode [ 252.090139][ T9754] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1368'. [ 252.865450][ T9779] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1377'. [ 253.700733][ T9790] loop5: detected capacity change from 0 to 1024 [ 253.839172][ T9790] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 253.872500][ T9798] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1384'. [ 254.997821][ T5875] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 255.861903][ T9820] netlink: 'syz.3.1392': attribute type 32 has an invalid length. [ 255.869758][ T9820] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1392'. [ 256.602136][ T9851] loop5: detected capacity change from 0 to 256 [ 256.671637][ T30] audit: type=1800 audit(1756355190.727:10): pid=9851 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1406" name="file0" dev="loop5" ino=1048607 res=0 errno=0 [ 258.083616][ T9879] lo: entered allmulticast mode [ 258.117882][ T9879] dvmrp8: entered allmulticast mode [ 258.628874][ T9894] netlink: 'syz.1.1424': attribute type 1 has an invalid length. [ 258.675161][ T9878] lo: left allmulticast mode [ 258.680286][ T9878] dvmrp8: left allmulticast mode [ 258.969764][ T9894] 8021q: adding VLAN 0 to HW filter on device bond2 [ 259.679322][ T9895] bond2: (slave ip6gretap1): making interface the new active one [ 259.746670][ T9895] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link [ 259.848473][ T9899] veth7: entered promiscuous mode [ 259.870479][ T9899] bond2: (slave veth7): Enslaving as an active interface with a down link [ 259.920328][ T9901] bond1: (slave erspan0): Releasing active interface [ 259.960853][ T9901] bond2: (slave erspan0): Enslaving as an active interface with an up link [ 259.970059][ T9911] loop3: detected capacity change from 0 to 128 [ 260.002594][ T9911] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 260.019038][ T9915] netlink: 120 bytes leftover after parsing attributes in process `syz.2.1431'. [ 260.040355][ T9911] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 260.294544][ T9927] loop0: detected capacity change from 0 to 128 [ 260.356597][ T9927] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 260.415729][ T9927] ext4 filesystem being mounted at /203/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 261.321332][ T9955] netlink: 'syz.3.1446': attribute type 1 has an invalid length. [ 261.358642][ T5859] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 261.466144][ T9955] 8021q: adding VLAN 0 to HW filter on device bond2 [ 261.584431][ T9961] veth13: entered promiscuous mode [ 261.614843][ T9961] bond2: (slave veth13): Enslaving as an active interface with a down link [ 261.630071][ T9966] loop0: detected capacity change from 0 to 1024 [ 261.703798][ T9955] bond2: (slave erspan0): making interface the new active one [ 261.717568][ T5866] Bluetooth: hci1: unexpected event for opcode 0x1004 [ 261.743743][ T9955] erspan0: entered promiscuous mode [ 261.802057][ T9955] bond2: (slave erspan0): Enslaving as an active interface with an up link [ 262.454121][ T9971] loop4: detected capacity change from 0 to 512 [ 262.500973][ T9971] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 262.512230][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 262.518514][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 262.577650][ T9971] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 262.638005][ T9971] ext4 filesystem being mounted at /239/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 262.867835][ T9976] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 263.012470][ T5961] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 263.197898][ T5961] usb 5-1: Using ep0 maxpacket: 8 [ 263.226598][ T5961] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 263.264822][ T5961] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 263.340351][ T5961] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 263.364065][ T5961] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 263.381667][ T5961] usb 5-1: SerialNumber: syz [ 263.426506][ T5961] cdc_acm 5-1:1.0: skipping garbage [ 263.457032][ T5961] cdc_acm 5-1:1.0: skipping garbage [ 263.475605][ T5961] cdc_acm 5-1:1.0: Control and data interfaces are not separated! [ 263.511631][ T5961] cdc_acm 5-1:1.0: This needs exactly 3 endpoints [ 263.522379][ T9993] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1455'. [ 263.528317][ T5961] cdc_acm 5-1:1.0: probe with driver cdc_acm failed with error -22 [ 263.561978][ T9993] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1455'. [ 263.624054][ T9971] mmap: syz.4.1448 (9971) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 263.759823][ T9997] loop0: detected capacity change from 0 to 512 [ 263.790943][ T9997] EXT4-fs: inline encryption not supported [ 263.815977][ T9999] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.1448: corrupted xattr block 19: overlapping e_value [ 263.842463][ T9997] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 263.859030][T10002] EXT4-fs error (device loop4): ext4_xattr_block_list:762: inode #15: comm syz.4.1448: corrupted xattr block 19: overlapping e_value [ 263.898832][ T9999] usb usb8: usbfs: interface 0 claimed by hub while 'syz.4.1448' sets config #0 [ 263.978050][ T9997] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 264.076940][ T9997] ext4 filesystem being mounted at /207/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 264.330707][T10013] loop1: detected capacity change from 0 to 512 [ 264.389519][ T5859] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 264.393704][ T5939] usb 5-1: USB disconnect, device number 2 [ 264.439775][T10013] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 264.526658][T10013] ext4 filesystem being mounted at /280/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 264.619698][T10024] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1462'. [ 264.729931][ T5868] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 264.985820][ T5858] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 265.006006][T10037] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1469'. [ 265.773672][ T5866] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 265.782523][ T5866] Bluetooth: hci1: Injecting HCI hardware error event [ 265.790222][ T5866] Bluetooth: hci1: hardware error 0x00 [ 266.353535][T10063] loop1: detected capacity change from 0 to 8 [ 266.453141][T10065] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1478'. [ 266.463569][T10063] SQUASHFS error: zlib decompression failed, data probably corrupt [ 266.521659][T10063] SQUASHFS error: Failed to read block 0x9b: -5 [ 266.527939][T10063] SQUASHFS error: Unable to read metadata cache entry [99] [ 266.558628][T10063] SQUASHFS error: Unable to read inode 0x127 [ 267.457472][T10062] loop0: detected capacity change from 0 to 40427 [ 267.510913][T10062] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 267.540955][T10062] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 267.619531][T10062] F2FS-fs (loop0): invalid crc value [ 267.853160][ T5866] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 267.965028][T10100] loop4: detected capacity change from 0 to 512 [ 267.972508][T10100] EXT4-fs: Ignoring removed nomblk_io_submit option [ 267.979196][T10100] EXT4-fs: Ignoring removed i_version option [ 268.001938][T10062] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 268.003501][T10100] EXT4-fs (loop4): 1 orphan inode deleted [ 268.018249][T10100] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 268.145903][T10105] EXT4-fs error (device loop4): ext4_add_entry:2417: inode #2: comm syz.4.1489: Directory hole found for htree leaf block 0 [ 268.187137][T10062] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 268.201969][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 268.210562][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 268.219227][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 268.291908][T10062] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 268.326853][T10100] EXT4-fs error (device loop4): ext4_add_entry:2417: inode #2: comm syz.4.1489: Directory hole found for htree leaf block 0 [ 268.469546][ T5858] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.942016][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 270.634402][T10142] syzkaller0: entered promiscuous mode [ 270.654390][T10142] syzkaller0: entered allmulticast mode [ 271.405578][T10164] loop0: detected capacity change from 0 to 512 [ 271.458734][T10164] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #15: comm syz.0.1510: pblk 0 bad header/extent: invalid magic - magic 7973, entries 1402, max 27648(0), depth 25964(25964) [ 271.509673][T10164] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1510: couldn't read orphan inode 15 (err -117) [ 271.530315][T10164] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 271.610060][ T5859] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 271.672436][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 272.022401][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 273.437286][T10150] loop5: detected capacity change from 0 to 40427 [ 273.609235][T10150] F2FS-fs (loop5): Invalid SB checksum offset: 0 [ 273.631236][T10150] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 273.685007][T10150] F2FS-fs (loop5): invalid crc value [ 273.797111][T10150] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 273.835827][T10150] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0 [ 273.921651][T10150] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 274.167952][T10225] loop1: detected capacity change from 0 to 16 [ 274.754961][ T6156] erspan0: left promiscuous mode [ 274.755122][T10225] erofs (device loop1): failed to read inode meta block (nid: 18446744073575399424): -117 [ 276.252596][ T5866] Bluetooth: hci2: command 0x0406 tx timeout [ 276.633238][T10255] input: syz0 as /devices/virtual/input/input15 [ 276.960516][T10263] loop2: detected capacity change from 0 to 512 [ 277.265832][T10263] EXT4-fs error (device loop2): ext4_quota_enable:7128: inode #3: comm syz.2.1547: iget: special inode unallocated [ 277.445192][T10274] loop5: detected capacity change from 0 to 16 [ 277.485493][T10263] EXT4-fs error (device loop2): ext4_quota_enable:7131: comm syz.2.1547: Bad quota inode: 3, type: 0 [ 277.619203][T10274] erofs (device loop5): failed to read inode meta block (nid: 18446744073575399424): -117 [ 277.654306][T10263] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 277.697987][T10263] EXT4-fs (loop2): mount failed [ 278.550374][T10288] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1556'. [ 278.552514][T10263] loop2: detected capacity change from 0 to 2048 [ 278.581661][T10288] netlink: 43 bytes leftover after parsing attributes in process `syz.5.1556'. [ 278.610336][T10288] netlink: 'syz.5.1556': attribute type 6 has an invalid length. [ 278.644588][T10263] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 278.692019][T10288] netlink: 'syz.5.1556': attribute type 5 has an invalid length. [ 278.756934][T10288] netlink: 43 bytes leftover after parsing attributes in process `syz.5.1556'. [ 280.027117][T10313] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1563'. [ 281.226566][T10333] netlink: 9286 bytes leftover after parsing attributes in process `syz.5.1572'. [ 282.435531][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 282.600431][T10349] 9pnet: p9_errstr2errno: server reported unknown error @hQIte} [ 284.173363][T10368] loop4: detected capacity change from 0 to 8 [ 284.279809][T10368] SQUASHFS error: zlib decompression failed, data probably corrupt [ 284.321806][T10368] SQUASHFS error: Failed to read block 0x9b: -5 [ 284.368049][T10368] SQUASHFS error: Unable to read metadata cache entry [99] [ 284.391811][T10368] SQUASHFS error: Unable to read inode 0x127 [ 284.575815][T10375] loop1: detected capacity change from 0 to 512 [ 284.669990][T10375] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1590: bg 0: block 5: invalid block bitmap [ 284.715127][T10375] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 284.774222][T10375] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1590: invalid indirect mapped block 3 (level 2) [ 284.851825][T10375] EXT4-fs (loop1): 2 truncates cleaned up [ 284.859559][T10375] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 284.989684][T10392] loop3: detected capacity change from 0 to 1024 [ 285.026957][ T5868] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 285.055867][T10392] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 285.127460][T10392] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.1597: Allocating blocks 385-513 which overlap fs metadata [ 285.128895][T10399] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1582'. [ 285.191481][T10392] EXT4-fs (loop3): pa ffff8880116e6488: logic 16, phys. 129, len 24 [ 285.199828][T10392] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8 [ 285.396460][ T5873] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.430081][T10417] loop2: detected capacity change from 0 to 128 [ 286.440988][T10417] EXT4-fs: Ignoring removed nobh option [ 286.600003][T10417] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 286.616232][T10417] ext4 filesystem being mounted at /247/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 287.088479][T10422] loop5: detected capacity change from 0 to 1024 [ 287.158766][T10422] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 287.457468][ T5867] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 288.135533][T10432] loop3: detected capacity change from 0 to 2048 [ 288.198694][T10432] EXT4-fs: Ignoring removed mblk_io_submit option [ 288.289293][ T5875] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.303562][T10432] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 288.370106][T10432] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1611: bg 0: block 234: padding at end of block bitmap is not set [ 288.400141][T10432] EXT4-fs (loop3): Remounting filesystem read-only [ 288.508119][ T5873] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.543223][T10446] loop5: detected capacity change from 0 to 512 [ 288.618720][T10446] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 288.658741][T10446] ext4 filesystem being mounted at /251/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 288.724725][T10457] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1618'. [ 288.855877][ T5875] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.734739][T10499] netlink: 'syz.3.1636': attribute type 32 has an invalid length. [ 290.769280][T10499] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1636'. [ 291.127621][T10506] loop0: detected capacity change from 0 to 128 [ 291.158978][T10506] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 292.006046][T10506] ext4 filesystem being mounted at /233/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 292.027585][T10516] tipc: Enabled bearer , priority 0 [ 292.082143][T10510] tipc: Resetting bearer [ 292.275470][T10508] tipc: Disabling bearer [ 292.303761][ T5859] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 292.693320][T10534] loop3: detected capacity change from 0 to 1024 [ 292.768503][T10534] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 292.875013][T10540] netlink: 'syz.0.1652': attribute type 32 has an invalid length. [ 292.913022][T10540] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1652'. [ 293.623142][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 293.632035][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 293.640638][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 293.859075][ T5873] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 293.978475][ T973] hid-generic 0005:0000:0005.0001: item fetching failed at offset 0/2 [ 294.141023][ T973] hid-generic 0005:0000:0005.0001: probe with driver hid-generic failed with error -22 [ 295.657982][T10572] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1663'. [ 295.962090][T10578] netlink: 9472 bytes leftover after parsing attributes in process `syz.3.1666'. [ 296.054546][T10580] loop2: detected capacity change from 0 to 1024 [ 296.117107][T10580] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 296.281970][T10587] netlink: 'syz.3.1669': attribute type 32 has an invalid length. [ 296.310260][T10587] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1669'. [ 296.615752][ T24] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 297.209824][ T5867] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 297.291819][ T24] usb 1-1: Using ep0 maxpacket: 8 [ 297.310123][ T24] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 297.323644][T10593] loop4: detected capacity change from 0 to 1024 [ 297.341897][ T24] usb 1-1: config 179 has no interface number 0 [ 297.367948][ T24] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 297.430873][ T24] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 297.497351][ T24] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 297.539603][ T24] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 297.601615][ T24] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 297.697802][T10599] tipc: Enabled bearer , priority 0 [ 297.820319][ T24] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 297.829589][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 297.856719][T10584] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 297.942267][T10603] tipc: Resetting bearer [ 298.763710][ T10] tipc: Node number set to 2286981199 [ 299.007865][T10584] loop0: detected capacity change from 0 to 256 [ 299.137920][T10610] loop4: detected capacity change from 0 to 256 [ 299.487616][T10610] vfat: Unknown parameter 'le0' [ 300.468551][T10629] loop2: detected capacity change from 0 to 2048 [ 301.316303][T10629] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 301.569357][ T5947] usb 1-1: USB disconnect, device number 2 [ 301.569425][ C1] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 301.569508][ C1] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 302.334000][ T51] Bluetooth: hci4: command 0x0405 tx timeout [ 302.554897][T10645] loop2: detected capacity change from 0 to 128 [ 302.576794][T10645] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 302.666184][T10645] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 303.042900][T10641] UDF-fs: error (device loop2): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 305.079901][T10668] netlink: 14212 bytes leftover after parsing attributes in process `syz.3.1698'. [ 305.386384][ T51] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 305.398053][ T51] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 305.405894][ T51] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 305.416848][ T51] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 305.425366][ T51] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 305.477412][T10676] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1701'. [ 305.721316][T10679] loop5: detected capacity change from 0 to 1024 [ 305.768663][ T36] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 306.512690][T10691] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1707'. [ 306.963060][ T36] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 307.453025][ T5866] Bluetooth: hci6: command tx timeout [ 308.011943][T10698] syz.2.1709 (10698) used obsolete PPPIOCDETACH ioctl [ 308.281984][ T36] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.415479][ T36] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.532316][ T5866] Bluetooth: hci6: command tx timeout [ 309.632600][T10735] loop2: detected capacity change from 0 to 1024 [ 309.691252][T10735] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 310.506262][T10737] veth5: entered promiscuous mode [ 310.539826][T10749] loop5: detected capacity change from 0 to 256 [ 310.644832][T10741] erspan0: entered allmulticast mode [ 310.686230][T10672] chnl_net:caif_netlink_parms(): no params data found [ 310.726958][T10751] loop3: detected capacity change from 0 to 1024 [ 310.771220][ T5867] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 310.816228][T10751] hfsplus: trying to free free bnode 0(1) [ 310.978809][ T6157] hfsplus: b-tree write err: -5, ino 4 [ 311.390675][T10766] loop4: detected capacity change from 0 to 1024 [ 311.399122][T10766] hfsplus: Bad value for 'session' [ 311.564765][T10672] bridge0: port 1(bridge_slave_0) entered blocking state [ 311.585989][T10672] bridge0: port 1(bridge_slave_0) entered disabled state [ 311.611778][ T5866] Bluetooth: hci6: command tx timeout [ 311.621193][T10672] bridge_slave_0: entered allmulticast mode [ 311.638541][T10672] bridge_slave_0: entered promiscuous mode [ 311.647663][ T36] bridge_slave_1: left allmulticast mode [ 311.783210][ T36] bridge_slave_1: left promiscuous mode [ 311.790795][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 311.837445][ T36] bridge_slave_0: left allmulticast mode [ 311.861654][ T36] bridge_slave_0: left promiscuous mode [ 311.867604][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 312.361971][T10791] loop2: detected capacity change from 0 to 1024 [ 312.480758][T10791] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 312.642345][ T36] bond2 (unregistering): (slave ip6gretap1): Releasing active interface [ 312.722846][ T36] bond2 (unregistering): (slave ip6gretap1): the permanent HWaddr of slave - b2:1e:1a:52:94:4a - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts [ 313.761821][ T5866] Bluetooth: hci6: command tx timeout [ 313.771713][ T36] bond2 (unregistering): (slave erspan0): making interface the new active one [ 314.354604][T10814] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1747'. [ 314.370854][ T36] bond2 (unregistering): (slave erspan0): Releasing active interface [ 314.499761][ T5867] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 314.597459][T10820] netlink: 'syz.2.1750': attribute type 32 has an invalid length. [ 314.837275][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 314.849509][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 314.860201][ T36] bond0 (unregistering): Released all slaves [ 314.949683][ T36] bond1 (unregistering): (slave veth3): Releasing active interface [ 314.959972][ T36] bond1 (unregistering): Released all slaves [ 315.048725][ T36] bond2 (unregistering): (slave veth7): Releasing active interface [ 315.059521][ T36] bond2 (unregistering): Released all slaves [ 315.076391][T10672] bridge0: port 2(bridge_slave_1) entered blocking state [ 315.083909][T10672] bridge0: port 2(bridge_slave_1) entered disabled state [ 315.091134][T10672] bridge_slave_1: entered allmulticast mode [ 315.103338][T10672] bridge_slave_1: entered promiscuous mode [ 315.221843][ T36] tipc: Left network mode [ 315.245526][T10672] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 315.277283][ T36] IPVS: stopping backup sync thread 9299 ... [ 315.288095][T10672] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 315.468069][T10836] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1755'. [ 315.696789][T10842] loop3: detected capacity change from 0 to 16 [ 315.727690][T10672] team0: Port device team_slave_0 added [ 315.738923][T10842] erofs (device loop3): mounted with root inode @ nid 36. [ 315.811054][T10672] team0: Port device team_slave_1 added [ 421.121508][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 421.128479][ C0] rcu: 1-...!: (1 GPs behind) idle=d2ec/1/0x4000000000000000 softirq=37800/37801 fqs=1 [ 421.139229][ C0] rcu: (detected by 0, t=10506 jiffies, g=33593, q=398 ncpus=2) [ 421.146942][ C0] Sending NMI from CPU 0 to CPUs 1: [ 421.146972][ C1] NMI backtrace for cpu 1 [ 421.146987][ C1] CPU: 1 UID: 0 PID: 10848 Comm: syz.0.1761 Not tainted syzkaller #0 PREEMPT(full) [ 421.147009][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 421.147022][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x70 [ 421.147061][ C1] Code: 8b 3d 64 59 fe 0b 48 89 de 5b e9 43 9d 58 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 04 24 <65> 48 8b 0c 25 08 50 a0 92 65 8b 15 88 a4 e0 10 81 e2 00 01 ff 00 [ 421.147078][ C1] RSP: 0018:ffffc90000a08c68 EFLAGS: 00000002 [ 421.147097][ C1] RAX: ffffffff899ab7ed RBX: 1866dc37c1b70c6a RCX: ffff88807c915a00 [ 421.147113][ C1] RDX: 0000000000010000 RSI: 0000000004000001 RDI: 0000000000000000 [ 421.147127][ C1] RBP: 0000000000000001 R08: 0000000000000003 R09: 0000000000000004 [ 421.147139][ C1] R10: dffffc0000000000 R11: fffff5200014117c R12: dffffc0000000000 [ 421.147155][ C1] R13: ffff88802803fcc0 R14: ffff88802803fc00 R15: 0000000000000000 [ 421.147172][ C1] FS: 00007f2c1a8356c0(0000) GS:ffff888125d1b000(0000) knlGS:0000000000000000 [ 421.147190][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 421.147204][ C1] CR2: 0000200000000200 CR3: 0000000062af3000 CR4: 0000000000350ef0 [ 421.147220][ C1] Call Trace: [ 421.147229][ C1] [ 421.147236][ C1] advance_sched+0x60d/0xc90 [ 421.147273][ C1] ? __pfx_advance_sched+0x10/0x10 [ 421.147293][ C1] __hrtimer_run_queues+0x52c/0xc60 [ 421.147314][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.147352][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 421.147371][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.147403][ C1] hrtimer_interrupt+0x45b/0xaa0 [ 421.147443][ C1] __sysvec_apic_timer_interrupt+0x10b/0x410 [ 421.147471][ C1] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 421.147502][ C1] [ 421.147508][ C1] [ 421.147517][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 421.147539][ C1] RIP: 0010:lock_acquire+0x175/0x360 [ 421.147570][ C1] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 3b f4 02 11 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e [ 421.147587][ C1] RSP: 0018:ffffc9001f637460 EFLAGS: 00000206 [ 421.147604][ C1] RAX: 21435018c0edc400 RBX: 0000000000000000 RCX: 21435018c0edc400 [ 421.147619][ C1] RDX: 0000000000000000 RSI: ffffffff8dba7259 RDI: ffffffff8be33780 [ 421.147633][ C1] RBP: ffffffff822bcc09 R08: 0000000000000000 R09: ffffffff822bcc09 [ 421.147648][ C1] R10: dffffc0000000000 R11: fffff94000246e01 R12: 0000000000000002 [ 421.147662][ C1] R13: ffffffff8e139ee0 R14: 0000000000000000 R15: 0000000000000246 [ 421.147678][ C1] ? percpu_ref_get_many+0x19/0x140 [ 421.147711][ C1] ? percpu_ref_get_many+0x19/0x140 [ 421.147750][ C1] ? get_mem_cgroup_from_mm+0x38/0x2a0 [ 421.147774][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.147798][ C1] ? percpu_ref_get_many+0x19/0x140 [ 421.147830][ C1] percpu_ref_get_many+0x35/0x140 [ 421.147860][ C1] ? percpu_ref_get_many+0x19/0x140 [ 421.147892][ C1] charge_memcg+0xcb/0x180 [ 421.147921][ C1] __mem_cgroup_charge+0x25/0x80 [ 421.147949][ C1] shmem_alloc_and_add_folio+0x7c1/0xf60 [ 421.147980][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.148008][ C1] ? filemap_get_entry+0xad/0x2f0 [ 421.148038][ C1] ? filemap_get_entry+0xad/0x2f0 [ 421.148061][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.148087][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.148110][ C1] ? shmem_huge_global_enabled+0x174/0x3a0 [ 421.148137][ C1] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 421.148169][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.148192][ C1] ? shmem_allowable_huge_orders+0x414/0x420 [ 421.148223][ C1] shmem_get_folio_gfp+0x59d/0x1660 [ 421.148264][ C1] shmem_fault+0x179/0x390 [ 421.148304][ C1] __do_fault+0x138/0x390 [ 421.148342][ C1] __handle_mm_fault+0x3611/0x5440 [ 421.148382][ C1] ? __pfx___handle_mm_fault+0x10/0x10 [ 421.148419][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.148443][ C1] ? follow_page_pte+0x7ef/0x13e0 [ 421.148480][ C1] handle_mm_fault+0x40a/0x8e0 [ 421.148515][ C1] __get_user_pages+0x1699/0x2ce0 [ 421.148565][ C1] populate_vma_page_range+0x29f/0x3a0 [ 421.148593][ C1] ? __pfx_populate_vma_page_range+0x10/0x10 [ 421.148617][ C1] ? userfaultfd_unmap_complete+0x278/0x2d0 [ 421.148651][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.148677][ C1] ? down_read+0x1ad/0x2e0 [ 421.148699][ C1] __mm_populate+0x24c/0x380 [ 421.148729][ C1] ? __pfx___mm_populate+0x10/0x10 [ 421.148755][ C1] ? up_write+0x1c4/0x420 [ 421.148782][ C1] vm_mmap_pgoff+0x387/0x4d0 [ 421.148807][ C1] ? __se_sys_futex+0x36f/0x400 [ 421.148836][ C1] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 421.148860][ C1] ? __pfx___se_sys_futex+0x10/0x10 [ 421.148887][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.148916][ C1] ? rcu_is_watching+0x15/0xb0 [ 421.148938][ C1] ? ksys_mmap_pgoff+0xf4/0x760 [ 421.148965][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.148988][ C1] ? __x64_sys_mmap+0x7f/0x140 [ 421.149013][ C1] do_syscall_64+0xfa/0x3b0 [ 421.149049][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 421.149079][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.149099][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.149123][ C1] ? exc_page_fault+0x9f/0xf0 [ 421.149153][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.149173][ C1] RIP: 0033:0x7f2c1998ebe9 [ 421.149191][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 421.149207][ C1] RSP: 002b:00007f2c1a835038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 421.149227][ C1] RAX: ffffffffffffffda RBX: 00007f2c19bb5fa0 RCX: 00007f2c1998ebe9 [ 421.149242][ C1] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000200000000000 [ 421.149257][ C1] RBP: 00007f2c19a11e19 R08: ffffffffffffffff R09: 0000000000000000 [ 421.149271][ C1] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000 [ 421.149284][ C1] R13: 00007f2c19bb6038 R14: 00007f2c19bb5fa0 R15: 00007ffe7ba0f658 [ 421.149311][ C1] [ 421.149964][ C0] rcu: rcu_preempt kthread starved for 10500 jiffies! g33593 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 421.760525][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 421.770485][ C0] rcu: RCU grace-period kthread stack dump: [ 421.776359][ C0] task:rcu_preempt state:R running task stack:26472 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00004000 [ 421.789882][ C0] Call Trace: [ 421.793150][ C0] [ 421.796076][ C0] __schedule+0x1798/0x4cc0 [ 421.800605][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.806246][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.811879][ C0] ? __lock_acquire+0xab9/0xd20 [ 421.816737][ C0] ? __pfx___schedule+0x10/0x10 [ 421.821619][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.827251][ C0] ? schedule+0x91/0x360 [ 421.831497][ C0] schedule+0x165/0x360 [ 421.835657][ C0] schedule_timeout+0x12b/0x270 [ 421.840508][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 421.845877][ C0] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 421.851770][ C0] ? __pfx_process_timeout+0x10/0x10 [ 421.857063][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.862691][ C0] ? prepare_to_swait_event+0x341/0x380 [ 421.868242][ C0] rcu_gp_fqs_loop+0x301/0x1540 [ 421.873117][ C0] ? __pfx_rcu_watching_snap_save+0x10/0x10 [ 421.879019][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 421.884306][ C0] ? _raw_spin_unlock_irq+0x2e/0x50 [ 421.889510][ C0] ? finish_swait+0xcd/0x1f0 [ 421.894102][ C0] rcu_gp_kthread+0x99/0x390 [ 421.898730][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 421.903934][ C0] ? __kthread_parkme+0x7b/0x200 [ 421.908867][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.914496][ C0] ? __kthread_parkme+0x1a1/0x200 [ 421.919528][ C0] kthread+0x711/0x8a0 [ 421.923599][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 421.928805][ C0] ? __pfx_kthread+0x10/0x10 [ 421.933389][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.939030][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 421.944229][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.949860][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 421.955062][ C0] ? __pfx_kthread+0x10/0x10 [ 421.959652][ C0] ret_from_fork+0x3fc/0x770 [ 421.964245][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 421.969358][ C0] ? __switch_to_asm+0x39/0x70 [ 421.974124][ C0] ? __switch_to_asm+0x33/0x70 [ 421.978886][ C0] ? __pfx_kthread+0x10/0x10 [ 421.983477][ C0] ret_from_fork_asm+0x1a/0x30 [ 421.988260][ C0] [ 421.991271][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 421.997581][ C0] CPU: 0 UID: 0 PID: 10863 Comm: syz.5.1767 Not tainted syzkaller #0 PREEMPT(full) [ 422.006939][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 422.016984][ C0] RIP: 0010:smp_call_function_many_cond+0xd38/0x12d0 [ 422.023659][ C0] Code: 89 ee 83 e6 01 31 ff e8 06 63 0b 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 b1 5e 0b 00 eb 38 f3 90 42 0f b6 04 2b <84> c0 75 11 41 f7 04 24 01 00 00 00 74 1e e8 95 5e 0b 00 eb e4 44 [ 422.043266][ C0] RSP: 0018:ffffc9001f8d6a40 EFLAGS: 00000246 [ 422.049334][ C0] RAX: 0000000000000000 RBX: 1ffff110170e7f61 RCX: 0000000000080000 [ 422.057305][ C0] RDX: ffffc9000cae7000 RSI: 000000000007ffff RDI: 0000000000080000 [ 422.065275][ C0] RBP: ffffc9001f8d6bc0 R08: ffffffff8fa38c37 R09: 1ffffffff1f47186 [ 422.073241][ C0] R10: dffffc0000000000 R11: fffffbfff1f47187 R12: ffff8880b873fb08 [ 422.081206][ C0] R13: dffffc0000000000 R14: ffff8880b863b1c0 R15: 0000000000000001 [ 422.089172][ C0] FS: 00007fd7df0806c0(0000) GS:ffff888125c1b000(0000) knlGS:0000000000000000 [ 422.098093][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 422.104665][ C0] CR2: 0000200000009b40 CR3: 0000000075639000 CR4: 0000000000350ef0 [ 422.112627][ C0] Call Trace: [ 422.115900][ C0] [ 422.118828][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 422.123872][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 422.130193][ C0] ? __pfx_text_poke_memcpy+0x10/0x10 [ 422.135570][ C0] ? __ip6_local_out+0x4d1/0x870 [ 422.140514][ C0] ? __pfx___text_poke+0x10/0x10 [ 422.145451][ C0] ? rcu_is_watching+0x15/0xb0 [ 422.150209][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.155841][ C0] ? trace_contention_end+0x39/0x120 [ 422.161129][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.166766][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 422.171793][ C0] on_each_cpu_cond_mask+0x3f/0x80 [ 422.176905][ C0] smp_text_poke_batch_finish+0x5f9/0x1130 [ 422.182716][ C0] ? arch_jump_label_transform_apply+0x17/0x30 [ 422.188882][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 422.193914][ C0] ? __pfx_smp_text_poke_batch_finish+0x10/0x10 [ 422.200164][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.205792][ C0] ? arch_jump_label_transform_queue+0x97/0x110 [ 422.212047][ C0] ? __jump_label_update+0x37e/0x3a0 [ 422.217351][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 422.223340][ C0] static_key_slow_inc_cpuslocked+0x86/0x120 [ 422.229326][ C0] static_key_slow_inc+0x1a/0x30 [ 422.234267][ C0] __nf_register_net_hook+0x727/0x930 [ 422.239665][ C0] nf_register_net_hook+0xb2/0x190 [ 422.244785][ C0] nf_register_net_hooks+0x44/0x1b0 [ 422.249979][ C0] nf_defrag_ipv6_enable+0x87/0x120 [ 422.255186][ C0] nf_ct_netns_do_get+0x1e7/0x5a0 [ 422.260206][ C0] ? __pfx_nf_ct_netns_do_get+0x10/0x10 [ 422.265748][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.271387][ C0] nft_connlimit_do_init+0x1de/0x2e0 [ 422.276689][ C0] nft_set_elem_expr_alloc+0x1db/0x590 [ 422.282158][ C0] ? __pfx_nft_set_elem_expr_alloc+0x10/0x10 [ 422.288159][ C0] ? nft_rhash_init+0x2b3/0x3a0 [ 422.293023][ C0] ? __pfx_nft_rhash_init+0x10/0x10 [ 422.298231][ C0] ? __pfx_nft_rhash_key+0x10/0x10 [ 422.303333][ C0] ? __pfx_nft_rhash_obj+0x10/0x10 [ 422.308436][ C0] ? __pfx_nft_rhash_cmp+0x10/0x10 [ 422.313535][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.319172][ C0] nft_set_expr_alloc+0x68/0x760 [ 422.324113][ C0] ? kfree+0x18e/0x440 [ 422.328190][ C0] nf_tables_newset+0x1c47/0x2530 [ 422.333231][ C0] ? __pfx_nf_tables_newset+0x10/0x10 [ 422.338621][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.344277][ C0] ? __nla_parse+0x40/0x60 [ 422.348707][ C0] nfnetlink_rcv+0x1132/0x2520 [ 422.353510][ C0] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 422.358649][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.364279][ C0] ? ref_tracker_free+0x63a/0x7d0 [ 422.369339][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.374967][ C0] ? __netlink_deliver_tap+0x807/0x850 [ 422.380428][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 422.385633][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.391275][ C0] netlink_unicast+0x82f/0x9e0 [ 422.396056][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 422.401345][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.406980][ C0] ? skb_put+0x11b/0x210 [ 422.411219][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.416854][ C0] netlink_sendmsg+0x805/0xb30 [ 422.421643][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 422.426945][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.432574][ C0] ? aa_sock_msg_perm+0xf1/0x1d0 [ 422.437511][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.443145][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.448773][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 422.454069][ C0] __sock_sendmsg+0x21c/0x270 [ 422.458755][ C0] ____sys_sendmsg+0x505/0x830 [ 422.463520][ C0] ? __pfx_____sys_sendmsg+0x10/0x10 [ 422.468808][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.474437][ C0] ? import_iovec+0x74/0xa0 [ 422.478942][ C0] ___sys_sendmsg+0x21f/0x2a0 [ 422.483616][ C0] ? __pfx____sys_sendmsg+0x10/0x10 [ 422.488818][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.494478][ C0] ? __fget_files+0x2a/0x420 [ 422.499073][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.504706][ C0] ? __fget_files+0x3a0/0x420 [ 422.509401][ C0] __x64_sys_sendmsg+0x19b/0x260 [ 422.514344][ C0] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 422.519832][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.525461][ C0] ? rcu_is_watching+0x15/0xb0 [ 422.530227][ C0] ? do_syscall_64+0xbe/0x3b0 [ 422.534916][ C0] do_syscall_64+0xfa/0x3b0 [ 422.539424][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 422.544625][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 422.550685][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.556311][ C0] ? exc_page_fault+0x9f/0xf0 [ 422.560994][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 422.566883][ C0] RIP: 0033:0x7fd7de18ebe9 [ 422.571293][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 422.590895][ C0] RSP: 002b:00007fd7df080038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 422.599307][ C0] RAX: ffffffffffffffda RBX: 00007fd7de3b5fa0 RCX: 00007fd7de18ebe9 [ 422.607274][ C0] RDX: 0000000000000040 RSI: 0000200000009b40 RDI: 0000000000000005 [ 422.615236][ C0] RBP: 00007fd7de211e19 R08: 0000000000000000 R09: 0000000000000000 [ 422.623196][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 422.631156][ C0] R13: 00007fd7de3b6038 R14: 00007fd7de3b5fa0 R15: 00007ffce3991f18 [ 422.639143][ C0]