last executing test programs: 3.350930894s ago: executing program 1 (id=217): r0 = socket$kcm(0x10, 0x2, 0x0) r1 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x40810) recvmsg(r1, &(0x7f0000004300)={0x0, 0x0, 0x0}, 0x0) recvmsg$kcm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000027c0)=[{&(0x7f0000000500)=""/4096, 0x1000}], 0x1}, 0x0) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="d8000000140081054e81f782db44b904021d08022500000004", 0x19}], 0x1, 0x0, 0x0, 0x7400}, 0x0) write$cgroup_subtree(r0, &(0x7f0000000580)=ANY=[], 0xfe33) 3.232112598s ago: executing program 1 (id=218): r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001b80), 0x1, 0x0, 0x0, 0x10000000}, 0x0) 3.06273633s ago: executing program 1 (id=223): bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000071121b000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, @cgroup_sock_addr=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x57, @void, @value}, 0x94) 2.850826885s ago: executing program 1 (id=229): r0 = socket$kcm(0x10, 0x2, 0x0) recvmsg$kcm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000b00)=""/245, 0xf5}, {&(0x7f0000000880)=""/262, 0x106}, {&(0x7f0000000240)=""/192, 0xc0}, {&(0x7f0000000380)=""/193, 0xc1}, {&(0x7f0000000700)=""/284, 0x11c}, {&(0x7f0000000c40)=""/4064, 0xfe0}], 0x6}, 0x104) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000000)="1400000035000b6300800000000000000224fc60", 0x14}], 0x1}, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 2.835589122s ago: executing program 2 (id=230): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081064e81f782db44b904021d080006007c09e8fe55a10a0015000200142603600e1208000f00", 0x2c}], 0x1}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000210081044e81f782db44b9040a000000e8fe55a1180015000600142603600e1209001800", 0x28}], 0x1}, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x33fe0) 2.703949021s ago: executing program 0 (id=233): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000004340)={0x6, 0xd, &(0x7f00000007c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc) 2.630451689s ago: executing program 1 (id=235): write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb010789005e107538e486dd6317ce22000000fffe80000000000000101000007f0600080000000000000071273fa7b49301641184"], 0xfdef) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6317ce22041000f3fe80000000000000110880febb0007aafe80"], 0xfdef) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1}, 0x18) ioctl$SIOCSIFHWADDR(r0, 0x89f1, &(0x7f0000000900)={'ip6gre0\x00', @random="0600002000"}) 2.59448987s ago: executing program 0 (id=236): close(0xffffffffffffffff) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xd50, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfe33) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x101, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x5, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) 2.520125717s ago: executing program 2 (id=237): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = socket$kcm(0x10, 0x400000002, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="13030000690005"], 0xfe33) 2.519941862s ago: executing program 4 (id=238): r0 = socket$kcm(0x25, 0x1, 0x0) recvmsg(r0, &(0x7f0000000640)={0x0, 0x3d, 0x0}, 0x40010040) 2.462051073s ago: executing program 3 (id=239): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="850000006100000054000000000000009500000000000000b4a8b1541206000000e9c79077fa15ba36eca61299de54cf77c9062c30bc068829afff36b31fa7e358e95cfa"], &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000040)={r0, 0x2000000, 0xf, 0x0, &(0x7f0000000000)="0990ddc8480000927370dd0032d7b5", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 2.422540501s ago: executing program 2 (id=240): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000047733757000000000000000085000000ba00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sock_ops=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x17fe, @void, @value}, 0x94) 2.360227347s ago: executing program 1 (id=241): r0 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r4 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) sendto$llc(r4, &(0x7f0000000300), 0x0, 0x0, &(0x7f0000000380)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, 0x10) r5 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000004780)={'syz_tun\x00', &(0x7f0000000400)=@ethtool_link_settings={0x50}}) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x19, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000000e00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adffa87d2255f674412d020000000000005ab527ee3697f1ec4436dd1164aa93cc5800075557165397000a63f6b9b3f427f6ba6b34f98125f30e697fffffffffffffffa30b273683626e0003254d570dca6b78ad833488cfe4109eaf009edd3e69613d3cd6aaa300006eee8501000000520a0000151d010000000100bf00000000cc587424363dc6ad7f3bbd424c6e6cafbe9309aba218a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e470a000517ebc406e89dcbb7677e6528b0856e31ed9474ac24cf609068f645ce971fc0480737a55ebb0bd701f7ff21e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d933bed759ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56d06c759da324a39f7f51b870b2851c3f0a1aab71587a21c8f1b3369ebfcba105a6ccdd01b0f04edb256c604f068773f6ff000000000000006ffbfe5ca32142b0195531458b7d1e341c6f864f983d745f5865aad41d2915aae7602a2d6cd415e8351ebc4223f54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121ad6eb372713255012e028cb2654d493a0b4b35faae176c89b745eda2967199cc936859a537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0cff28235a3cbb5d33b09bc30cf2880c586272c3f4d79bc36305745cb1cb385e6add14652003c7cdd3324f07d134d3ed07f1c10900000009dd872ec66ea6c718bbd1aa59114000f0be4c6f8df084c5e9734ae30aa9afdc719bf01ab03a9b1074407136b4506000f0916a39d3057d50183612b39e73aeeb6eaf14652dda68e98ef938e6515a94a71836469e2051d9b7eb85f3f2d5ae2c51944da8d7391d6d6b97419a3b7660df4c5124ca425d374b371867a79b31c6617fc3327191fbf514573f0e30d1d60be2168fe6c2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257b84000000b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c786eeca22debc99335583b54c13c3130978fa069af8223b38ced735c2d905f51ca85ffa4add5647489b3960127696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f2d987f05c5341877386ec55d7dc958fd235d6071619a65d4b82d9c162f3556076b80550d961ca74f1ffdaccf0ea5f02e0fca8b27ff3983ab74fd3d560700a1fbb44e77e312b3b129e000302d613916c9bcf9f0000fac73adb6bfb27f88dba816020be760f7b45e001efada800000000000000fdaf4660402f7b3b79a433e08074ea2462974ab2cbd247eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6542e597300eb82a184c96ffde5a30e5433d86666cb045bdd02c804c22ff2635c7bfbf5c0d586cda5e1e88a4d41dee7cc74f822278d124638fec58faeb48afe324369cc51204158"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = socket$kcm(0x29, 0x2, 0x0) write$binfmt_script(r6, &(0x7f0000000100), 0xfecc) syz_genetlink_get_family_id$l2tp(0x0, r0) sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) 2.360067701s ago: executing program 4 (id=242): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0xfffffffffffffe82, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10) bpf$PROG_BIND_MAP(0x23, 0x0, 0x0) 2.303492052s ago: executing program 3 (id=243): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x10, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='tlb_flush\x00', r2}, 0x10) 2.297607975s ago: executing program 0 (id=244): r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000880)="ef098f0ae22db11a4a7226324dff6f7dadbb52a4317edf7a1304f6c6070dd24f6b78f0b1b453b345651d55a2546913618937c8d75dcbf82ccf5beb65f78fe922076b1011aaf17788f833e56b89b9cd64b6b787bb1dae2348818ba27c36448eb9cf1544b5d8db68370ada4af6d5197d9a5ef0a1e4edbef917e6515705dea0f0d11ee8db52fbd059d881d5b38a8322c2e3968b15490abcd0a41208f8900ac7ea1691c105544c3f0c4b7ea972d6c456ecbbf736929056afd799e62e815ef4070c91d214c3edc7bd5aa4395c91bc73df6818cacce50c127b9ba3612eeafb8dacaa516b2f9f288482da50d0d71c44a9c69b9fa9eabc9f3d93b703da0e9e506818ed64b32ec0e79d46d048128c1374f8aeccc46170e4af3563edf6f680b2449245fee02f605e25cf5033af53c37ef53a160a5ba281e793da3e38486e2cb4a8bcb54a28f0f8a2bfc3032f1aec6b2d46288496688677ebaf92ed5de5e18ef4810362832c8084f761c7d175c2b10382f4321928ca886610b7b56397890a7740a29a4e3c01316669d32680257d6ef750eb66f671245204913b6204be9bf4f9095dd928112fe3bc8d3af8fc25852ec11c78304f6ee42aa83242d42daf43c08dbcba0a37efeaff8054bbecc652ca60041fb9757e16cb6589dfa0e255fe893751a1219e683200d6293592f3e088d2e1087d86ab111304dff26d341409e6c9aa143825e5b1e544c1143b8078370c94dd15e32e471963b92ac122986a88a012cbd1082d1313aa5ced89b96a5b7d3dc196fdf5e12316cf44efc01d473d430fa068f8899de9c89689d54db69c038f8e430f8354610444ddb9a3213df839c560d2582f5f0542d0eb86721581cedd4307a75708c1418072df31e8d32928e0a64c88c7a7ca8a02046993437918c50a68a9fca66019940baeafc538fa3ec69f1eacf4d85a5c487b4f19799062163c2dda8db6ceda659317a68cc7e76b77abe81b45a611d13e53bcbe083dfa6f5e0a1e3d65ba1e0a8491d387d24ddba0644179e5de381cb80afe59654f35b441dcda703b2e7f5eeadb2544604bc98bec73404fc4859adada98884e9628a4c5e446ba74215465731cebfd7cd16ddc7b54a591304fd0f2c35e74d73554ab35ceedaeea56c42dda6f5c8e7b0c7c2c7529d396cce6f7219eef81f9838ecd683b748fe8a1c91793e078853d326484673f7491edf330ba936851add4bc7af1a890e86409db3f0a0e735e6ba457b40f944df757c4b732ca39fd270a4d54877e520f9146f9f87913569f4c459d04a00d5f0b152a0cf30443b117295b09d64a55d6a0bedbb902cace39995f06a085cc11b89ff07b12a9298ac06e45c35b68f59bd30d4cdecd3e7d5ddef6a993c5706de58990a40b26136eb5c670315eac1ee00f8904b445748bc19e624c306ca371f4cb8aa13a457c3edf2ed722796848b44e55902f8519266b3d7449b35cf753c8d7bc7a524df8271be8246415f32fd6f5356cbc6c5ccf0f9158821931f7e317e9554c2010bfad8d913f544e642b117e2de43e7c039f5f6589ac6ec903a66d08a595a1d2472de2c4fdaab0e13ef5b1ab22e449c92954af11662a3c4f707e34dc1cd6deabd2520afc7364df1dd9446698b76a5e6c81d7b0c11f356f8cd0fb1dec706a56c342cfae8e363c89b4bf97d5e386cc37963459cbc60f829286c09b7dbd0d1a270f79c2fbd3f3c82ba091c9bf0ce355b7982ab4724aefed303218770704dcdad5ccbbe07607ade5c9e6a59d731dc875d678cc0abcd0317c17b16cd04af3b8cd8fd5c2fef20b13aa6e923ba78db41ec00d441a045181a9196ce5a6fcdefb5f5bdb1c779bfcc40f87821a5a859a4a1087dffa75c2ac0345584dde821f77c1a97c07ba970dc111887737bb36e902e1714ea482d4529b88fdcc6ed4ac4e0736c28e300708ef129fb44d3109a4dd3ff5563bbd46982c749c381fff16545ae0ae28f45125457df94142b5fb2f12cff20c127082137ac001f4533791ba8c36d3e2a53496d495546d7ca717560e7c52f5a17a3dd39137d2b850584ed0692c44d407470b34760ac647bff6ca15fbd86e6f3a37ffc3b7f7ddcbd713fdd69efefc6d16c1f2ea058f81792a7cba272e5922c45b8b5a2de45e02d96e80c13c6832eb3b77bed5d4e28df716afd4752d2fdbc8da203d0ea330939eb7f4d6e1e308f2424712813078ac359616faaa34d9db2a695746f1fb2ee86956683b416c6578c4ee4b0ab8f511709e80e8bf72fa1ebd0fe1cc96a2b9060b6edd814dd327da84eba28d73d53cd846bc19cfda672ca4914d1596bc85171e5f8d22167edc2896e5659b3108cc13b5109390538f845d83140a8431d5e394b0bd82158d8b9ac4cf2d27f6e7db625e9193d2284d9234a886f6e59db400c7e3b19973f5baf72816e059b5e95a9a361b0f1abf1996b5fa082f0e5edeeff7eb90d55dcabad8adea331986790d4a8b1115ab960902da3e3bf31ab0e265952581", 0x6dc}], 0x1}, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x11, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b02d25a806f8c6394f97e24fc60040f100047000000103582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 636.108575ms ago: executing program 3 (id=245): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b4"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r0, r0, 0x2e, 0x0, 0x0, @void, @value}, 0x20) bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, 0x0}, 0x8) r2 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=r1, 0x4) bpf$LINK_DETACH(0x22, &(0x7f0000000140)=r2, 0x4) 621.033731ms ago: executing program 4 (id=246): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000030085000000a8000000850000000800000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000700)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) 589.732844ms ago: executing program 0 (id=247): bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x10, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000711213000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000001"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 540.137146ms ago: executing program 2 (id=248): r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0) recvmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001600)=[{&(0x7f00000004c0)=""/4096, 0x1000}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="d8000000140081054e81f782db44b90402", 0x11}], 0x1, 0x0, 0x0, 0x7400}, 0x0) write$cgroup_subtree(r1, &(0x7f0000000580)=ANY=[], 0xfe33) 428.153173ms ago: executing program 3 (id=249): r0 = socket$kcm(0x2, 0x3, 0x106) setsockopt$sock_attach_bpf(r0, 0x0, 0x16, 0x0, 0x6bf37b480ae252de) 420.408463ms ago: executing program 4 (id=250): bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x17, 0x3, &(0x7f0000000240)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4b) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8946, &(0x7f0000000900)={'wlan1\x00', @random='\x00\x00\x00 \x00'}) 375.796126ms ago: executing program 0 (id=251): r0 = socket$kcm(0x2, 0x2, 0x73) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) sendmsg$inet(r0, &(0x7f00000008c0)={&(0x7f0000000700)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000840)=[{&(0x7f0000000740)="08dc0b52bfc1226efb01f5ec", 0xc}], 0x1}, 0x24) r1 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1800000039000511d25a80648c63940d0224fc600b003540", 0x18}], 0x1}, 0x0) 300.194696ms ago: executing program 2 (id=252): r0 = socket$kcm(0x2, 0x1000000000000002, 0x0) sendmsg$inet(r0, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x4e24, @dev}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="2c0000000000000000000000070000004415"], 0x30}, 0x0) 265.249331ms ago: executing program 4 (id=253): bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8946, &(0x7f0000000900)={'veth0_vlan\x00', @random='\x00\x00\x00 \x00'}) 212.555812ms ago: executing program 3 (id=254): socket$kcm(0xf, 0x3, 0x2) socket$kcm(0xf, 0x3, 0x2) 108.215206ms ago: executing program 0 (id=255): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000019c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000001800000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe, 0x0, &(0x7f00000009c0)="0000ffffff8d00f03f0100000001", 0x0, 0xfffffffe, 0x500, 0x0, 0x0, 0x0, 0x0}, 0x50) 108.033652ms ago: executing program 2 (id=256): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r0, 0x0, 0x0}, 0x20) r1 = socket$kcm(0x2, 0x922000000001, 0x106) setsockopt$sock_attach_bpf(r1, 0x1, 0xc, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x9, 0x0, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r3, &(0x7f0000000300), 0x20000000}, 0x20) close(r0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20) 107.934144ms ago: executing program 4 (id=257): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000b00)={'hsr0\x00', 0x20}) 0s ago: executing program 3 (id=258): r0 = socket$kcm(0x10, 0x3, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000f00)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803002e000b12d25a80648c2594f90224fc60100c034002000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.242' (ED25519) to the list of known hosts. [ 54.721531][ T5818] cgroup: Unknown subsys name 'net' [ 54.827048][ T5818] cgroup: Unknown subsys name 'cpuset' [ 54.836162][ T5818] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 56.177500][ T5818] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 58.606027][ T5841] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 58.624560][ T5848] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 58.626740][ T5846] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 58.632412][ T5848] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 58.639816][ T5841] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 58.654867][ T5846] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 58.663775][ T5841] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 58.664706][ T5848] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 58.671296][ T5846] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 58.680182][ T5850] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 58.685677][ T5841] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 58.694538][ T5848] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 58.700100][ T5846] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 58.715441][ T5848] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 58.717039][ T5846] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 58.723182][ T5850] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 58.737924][ T5848] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 58.745204][ T5850] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 58.745486][ T5841] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 58.759889][ T5846] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 58.767158][ T5848] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 58.772598][ T5841] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 58.775156][ T5849] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 58.798722][ T5848] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 58.806670][ T5849] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 58.814592][ T5848] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 58.822139][ T5849] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 58.829281][ T5850] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 58.837366][ T5850] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 58.862722][ T5850] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 59.224722][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 59.270507][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 59.340849][ T5843] chnl_net:caif_netlink_parms(): no params data found [ 59.431330][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 59.486877][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.494586][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.501861][ T5831] bridge_slave_0: entered allmulticast mode [ 59.509435][ T5831] bridge_slave_0: entered promiscuous mode [ 59.522463][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.529862][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.537149][ T5831] bridge_slave_1: entered allmulticast mode [ 59.544275][ T5831] bridge_slave_1: entered promiscuous mode [ 59.582436][ T5830] chnl_net:caif_netlink_parms(): no params data found [ 59.601266][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.608565][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.616381][ T5833] bridge_slave_0: entered allmulticast mode [ 59.622895][ T5833] bridge_slave_0: entered promiscuous mode [ 59.646569][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.664124][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.671244][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.678655][ T5843] bridge_slave_0: entered allmulticast mode [ 59.685370][ T5843] bridge_slave_0: entered promiscuous mode [ 59.692724][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.700350][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.707806][ T5843] bridge_slave_1: entered allmulticast mode [ 59.714793][ T5843] bridge_slave_1: entered promiscuous mode [ 59.721143][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.728467][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.735840][ T5833] bridge_slave_1: entered allmulticast mode [ 59.742358][ T5833] bridge_slave_1: entered promiscuous mode [ 59.768051][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.835043][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.846582][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.905585][ T5831] team0: Port device team_slave_0 added [ 59.930942][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.944001][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.954279][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.961380][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.968930][ T5834] bridge_slave_0: entered allmulticast mode [ 59.976301][ T5834] bridge_slave_0: entered promiscuous mode [ 59.984921][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.992015][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.999255][ T5834] bridge_slave_1: entered allmulticast mode [ 60.006335][ T5834] bridge_slave_1: entered promiscuous mode [ 60.014948][ T5831] team0: Port device team_slave_1 added [ 60.072399][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.079617][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.087226][ T5830] bridge_slave_0: entered allmulticast mode [ 60.094019][ T5830] bridge_slave_0: entered promiscuous mode [ 60.104235][ T5843] team0: Port device team_slave_0 added [ 60.112148][ T5833] team0: Port device team_slave_0 added [ 60.129725][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.139640][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.146939][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.173014][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.185705][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.192877][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.200223][ T5830] bridge_slave_1: entered allmulticast mode [ 60.207544][ T5830] bridge_slave_1: entered promiscuous mode [ 60.216105][ T5843] team0: Port device team_slave_1 added [ 60.232751][ T5833] team0: Port device team_slave_1 added [ 60.250798][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.260811][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.271209][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.297360][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.379064][ T5831] hsr_slave_0: entered promiscuous mode [ 60.385593][ T5831] hsr_slave_1: entered promiscuous mode [ 60.403052][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.414080][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.421039][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.447717][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.462702][ T5834] team0: Port device team_slave_0 added [ 60.470985][ T5834] team0: Port device team_slave_1 added [ 60.478525][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.485807][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.511865][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.525285][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.534967][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.541923][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.568178][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.609391][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.616492][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.642912][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.677805][ T5830] team0: Port device team_slave_0 added [ 60.685234][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.692195][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.718161][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.754311][ T5830] team0: Port device team_slave_1 added [ 60.770266][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.777325][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.803570][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.844237][ T5850] Bluetooth: hci0: command tx timeout [ 60.844242][ T5847] Bluetooth: hci2: command tx timeout [ 60.869332][ T5833] hsr_slave_0: entered promiscuous mode [ 60.875997][ T5833] hsr_slave_1: entered promiscuous mode [ 60.882037][ T5833] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 60.890304][ T5833] Cannot create hsr debugfs directory [ 60.896606][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.903747][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.930425][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.935077][ T5847] Bluetooth: hci1: command tx timeout [ 60.946631][ T5840] Bluetooth: hci3: command tx timeout [ 60.953163][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.953222][ T5850] Bluetooth: hci4: command tx timeout [ 60.960104][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.960141][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.006473][ T5843] hsr_slave_0: entered promiscuous mode [ 61.012730][ T5843] hsr_slave_1: entered promiscuous mode [ 61.019038][ T5843] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.026694][ T5843] Cannot create hsr debugfs directory [ 61.055361][ T5834] hsr_slave_0: entered promiscuous mode [ 61.061679][ T5834] hsr_slave_1: entered promiscuous mode [ 61.068003][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.075637][ T5834] Cannot create hsr debugfs directory [ 61.169087][ T5830] hsr_slave_0: entered promiscuous mode [ 61.175756][ T5830] hsr_slave_1: entered promiscuous mode [ 61.181673][ T5830] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.190140][ T5830] Cannot create hsr debugfs directory [ 61.445847][ T5831] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 61.459843][ T5831] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 61.473778][ T5831] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 61.493248][ T5831] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 61.538613][ T5843] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 61.548044][ T5843] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 61.571451][ T5843] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 61.587798][ T5843] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 61.603491][ T5834] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 61.619252][ T5834] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 61.632199][ T5834] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 61.656352][ T5834] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 61.720313][ T5833] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 61.731615][ T5833] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 61.761868][ T5833] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 61.774451][ T5833] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 61.830188][ T5830] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 61.839505][ T5830] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 61.850267][ T5830] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 61.868621][ T5830] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 61.891831][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.948334][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.981495][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.993673][ T3538] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.000953][ T3538] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.041486][ T3538] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.048644][ T3538] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.072887][ T5843] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.098532][ T3538] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.105651][ T3538] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.147047][ T3487] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.154234][ T3487] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.170650][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.190042][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.241781][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.250627][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.274805][ T3538] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.281933][ T3538] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.300907][ T1132] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.308063][ T1132] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.318469][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.350504][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.357654][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.398718][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.407335][ T3538] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.414516][ T3538] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.471020][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.478237][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.546977][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.554156][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.586845][ T5830] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 62.715355][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 62.750480][ T5833] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 62.791915][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 62.901821][ T5843] veth0_vlan: entered promiscuous mode [ 62.926081][ T5850] Bluetooth: hci0: command tx timeout [ 62.931537][ T5850] Bluetooth: hci2: command tx timeout [ 62.938772][ T5843] veth1_vlan: entered promiscuous mode [ 62.959784][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.004339][ T5847] Bluetooth: hci3: command tx timeout [ 63.009848][ T5850] Bluetooth: hci1: command tx timeout [ 63.032240][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.051940][ T5843] veth0_macvtap: entered promiscuous mode [ 63.084765][ T5850] Bluetooth: hci4: command tx timeout [ 63.091382][ T5843] veth1_macvtap: entered promiscuous mode [ 63.127570][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.186305][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.199460][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 63.225999][ T5843] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.235157][ T5843] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.245024][ T5843] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.254277][ T5843] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.275472][ T5831] veth0_vlan: entered promiscuous mode [ 63.304014][ T5834] veth0_vlan: entered promiscuous mode [ 63.316674][ T5834] veth1_vlan: entered promiscuous mode [ 63.332550][ T5831] veth1_vlan: entered promiscuous mode [ 63.371657][ T5833] veth0_vlan: entered promiscuous mode [ 63.378815][ T5830] veth0_vlan: entered promiscuous mode [ 63.420315][ T5830] veth1_vlan: entered promiscuous mode [ 63.439004][ T5833] veth1_vlan: entered promiscuous mode [ 63.482904][ T5834] veth0_macvtap: entered promiscuous mode [ 63.516333][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.537088][ T5834] veth1_macvtap: entered promiscuous mode [ 63.549506][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.575940][ T5830] veth0_macvtap: entered promiscuous mode [ 63.607162][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.620124][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.631515][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.646273][ T5830] veth1_macvtap: entered promiscuous mode [ 63.653716][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.662248][ T5831] veth0_macvtap: entered promiscuous mode [ 63.668141][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.677464][ T5831] veth1_macvtap: entered promiscuous mode [ 63.692936][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.703897][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.716274][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 63.729664][ T5833] veth0_macvtap: entered promiscuous mode [ 63.748505][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.759185][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.769689][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.780553][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.792899][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.816691][ T5834] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.826781][ T5834] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.836161][ T5834] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.845670][ T5834] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.860732][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.872182][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.882462][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.896233][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.907140][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.917816][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.929759][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.931598][ T5843] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 63.938377][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.964517][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.974543][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.985023][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.996361][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.007139][ T5833] veth1_macvtap: entered promiscuous mode [ 64.016562][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.027159][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.037302][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.048115][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.057994][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.068618][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.079988][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.096768][ T5830] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.108805][ T5830] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.120926][ T5830] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.146906][ T5830] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.176995][ T5831] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.189226][ T5831] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.213156][ T5831] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.221900][ T5831] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.340500][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.348857][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.362220][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.377631][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.388111][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.398801][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.409519][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.421919][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.438610][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.451564][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.463460][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.481114][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.505268][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.516061][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.530372][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.540505][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.551933][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.562694][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.578661][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.589940][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.601108][ T5833] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.610665][ T5833] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.619730][ T5833] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.628905][ T5833] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.689135][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.704266][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.739179][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.762449][ T5918] loop2: detected capacity change from 0 to 32768 [ 64.779293][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.789632][ T5918] ======================================================= [ 64.789632][ T5918] WARNING: The mand mount option has been deprecated and [ 64.789632][ T5918] and is ignored by this kernel. Remove the mand [ 64.789632][ T5918] option from the mount to silence this warning. [ 64.789632][ T5918] ======================================================= [ 64.840229][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.882339][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.962047][ T1132] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.963032][ T3487] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.972100][ T1132] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.993634][ T5918] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 65.022164][ T3487] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.046089][ T5850] Bluetooth: hci2: command tx timeout [ 65.053352][ T5847] Bluetooth: hci0: command tx timeout [ 65.083482][ T5850] Bluetooth: hci1: command tx timeout [ 65.088961][ T5850] Bluetooth: hci3: command tx timeout [ 65.099115][ T1132] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.122982][ T1132] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.173946][ T5850] Bluetooth: hci4: command tx timeout [ 65.215249][ T5918] XFS (loop2): Ending clean mount [ 65.285308][ T2906] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.319083][ T5935] loop3: detected capacity change from 0 to 512 [ 65.351926][ T2906] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.369792][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 65.378902][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 65.619645][ T5937] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 66.149158][ T5935] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.4: invalid indirect mapped block 256 (level 2) [ 66.323950][ T5843] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 66.351745][ T5935] EXT4-fs (loop3): 2 truncates cleaned up [ 66.407801][ T5935] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.620292][ T5943] loop4: detected capacity change from 0 to 2048 [ 66.622317][ T5928] loop1: detected capacity change from 0 to 40427 [ 66.639429][ T5928] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x1fffff [ 66.663373][ T5928] F2FS-fs (loop1): heap/no_heap options were deprecated [ 66.671438][ T5928] F2FS-fs (loop1): Image doesn't support compression [ 66.676881][ T5943] EXT4-fs: Ignoring removed nobh option [ 66.727978][ T5941] loop0: detected capacity change from 0 to 4096 [ 66.786024][ T5941] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 66.885926][ T5830] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.921572][ T5928] F2FS-fs (loop1): invalid crc value [ 66.942092][ T5943] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 66.945539][ T5928] F2FS-fs (loop1): Found nat_bits in checkpoint [ 67.117378][ T5850] Bluetooth: hci2: command tx timeout [ 67.122841][ T5850] Bluetooth: hci0: command tx timeout [ 67.152083][ T5956] Process accounting resumed [ 67.163611][ T5850] Bluetooth: hci3: command tx timeout [ 67.170038][ T5850] Bluetooth: hci1: command tx timeout [ 67.190725][ T5955] EXT4-fs (loop4): shut down requested (0) [ 67.201088][ T5941] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 67.230588][ T5928] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 67.244119][ T5847] Bluetooth: hci4: command tx timeout [ 67.369007][ T5953] loop3: detected capacity change from 0 to 32768 [ 67.376284][ T5953] XFS: ikeep mount option is deprecated. [ 67.438431][ T5928] F2FS-fs (loop1): inject alloc nid in f2fs_alloc_nid of f2fs_new_inode+0x14d/0x1220 [ 67.454150][ T2906] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 67.470204][ T2906] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1090 with error 28 [ 67.484101][ T2906] EXT4-fs (loop4): This should not happen!! Data will be lost [ 67.484101][ T2906] [ 67.494863][ T2906] EXT4-fs (loop4): Total free blocks count 0 [ 67.501718][ T2906] EXT4-fs (loop4): Free/Dirty block details [ 67.508005][ T2906] EXT4-fs (loop4): free_blocks=2415919104 [ 67.514049][ T2906] EXT4-fs (loop4): dirty_blocks=1120 [ 67.519371][ T2906] EXT4-fs (loop4): Block reservation details [ 67.525683][ T2906] EXT4-fs (loop4): i_reserved_data_blocks=69 [ 67.552067][ T5834] syz-executor: attempt to access beyond end of device [ 67.552067][ T5834] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 67.571185][ T5953] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 67.608926][ T5834] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 67.633618][ T5834] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 67.695556][ T5970] loop0: detected capacity change from 0 to 512 [ 67.702552][ T5970] EXT4-fs: Ignoring removed nomblk_io_submit option [ 67.757308][ T5970] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 67.844724][ T5970] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e02c, mo2=0002] [ 67.865806][ T5970] EXT4-fs (loop0): orphan cleanup on readonly fs [ 67.889845][ T5970] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #11: comm syz.0.10: attempt to clear invalid blocks 1024 len 1 [ 67.909920][ T5975] loop2: detected capacity change from 0 to 16 [ 67.917085][ T5953] XFS (loop3): Ending clean mount [ 67.926993][ T5975] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 67.989879][ T5970] EXT4-fs (loop0): Remounting filesystem read-only [ 68.060037][ T5970] EXT4-fs (loop0): 1 truncate cleaned up [ 68.079675][ T5970] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 69.127480][ T5953] syz.3.8 (5953) used greatest stack depth: 17952 bytes left [ 69.256217][ T5833] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 69.275609][ T5830] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 69.290970][ T5984] loop2: detected capacity change from 0 to 4096 [ 69.321726][ T5986] loop1: detected capacity change from 0 to 2048 [ 69.382335][ T5986] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 69.622723][ T5972] loop4: detected capacity change from 0 to 65536 [ 69.876256][ T5834] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.013775][ T5989] loop0: detected capacity change from 0 to 32768 [ 70.064825][ T5989] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 70.086631][ T5972] XFS (loop4): Mounting V5 Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5 [ 70.113451][ T5989] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 70.263590][ T5972] XFS (loop4): Ending clean mount [ 70.327674][ T5996] loop3: detected capacity change from 0 to 32768 [ 70.352823][ T5989] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms [ 70.389501][ T5886] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 70.396770][ T5886] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 70.405340][ T5996] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz' [ 70.415942][ T5831] XFS (loop4): Unmounting Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5 [ 70.428620][ T5996] CPU: 1 UID: 0 PID: 5996 Comm: syz.3.17 Not tainted 6.12.0-rc6-next-20241108-syzkaller #0 [ 70.438648][ T5996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 70.448742][ T5996] Call Trace: [ 70.452042][ T5996] [ 70.454995][ T5996] dump_stack_lvl+0x241/0x360 [ 70.459713][ T5996] ? __pfx_dump_stack_lvl+0x10/0x10 [ 70.464951][ T5996] ? __pfx__printk+0x10/0x10 [ 70.469584][ T5996] ? __kmalloc_cache_noprof+0x243/0x390 [ 70.475203][ T5996] ? sysfs_create_dir_ns+0x28a/0x3a0 [ 70.480523][ T5996] sysfs_create_dir_ns+0x2ce/0x3a0 [ 70.485672][ T5996] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 70.491348][ T5996] kobject_add_internal+0x435/0x8d0 [ 70.496589][ T5996] kobject_init_and_add+0x124/0x190 [ 70.501828][ T5996] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 70.507666][ T5996] ? __pfx_kobject_init_and_add+0x10/0x10 [ 70.513429][ T5996] ? __init_swait_queue_head+0xae/0x150 [ 70.519008][ T5996] gfs2_sys_fs_add+0x23b/0x4a0 [ 70.523803][ T5996] ? __pfx_gfs2_sys_fs_add+0x10/0x10 [ 70.529131][ T5996] ? __pfx_alloc_workqueue+0x10/0x10 [ 70.534459][ T5996] ? read_word_at_a_time+0xe/0x20 [ 70.539514][ T5996] ? sized_strscpy+0x8d/0x220 [ 70.544231][ T5996] gfs2_fill_super+0x11ee/0x24d0 [ 70.549229][ T5996] ? __pfx_gfs2_fill_super+0x10/0x10 [ 70.554554][ T5996] ? snprintf+0xda/0x120 [ 70.558859][ T5996] ? __pfx_lock_release+0x10/0x10 [ 70.563912][ T5996] ? do_raw_spin_lock+0x14f/0x370 [ 70.569063][ T5996] ? __pfx_snprintf+0x10/0x10 [ 70.574003][ T5996] ? sb_set_blocksize+0x98/0xf0 [ 70.578887][ T5996] ? setup_bdev_super+0x4e6/0x5d0 [ 70.583951][ T5996] get_tree_bdev_flags+0x48c/0x5c0 [ 70.589095][ T5996] ? __pfx_gfs2_fill_super+0x10/0x10 [ 70.594408][ T5996] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 70.600076][ T5996] ? __pfx_vfs_parse_fs_string+0x10/0x10 [ 70.605741][ T5996] gfs2_get_tree+0x54/0x220 [ 70.610366][ T5996] vfs_get_tree+0x90/0x2b0 [ 70.614812][ T5996] do_new_mount+0x2be/0xb40 [ 70.619348][ T5996] ? __pfx_do_new_mount+0x10/0x10 [ 70.624417][ T5996] __se_sys_mount+0x2d6/0x3c0 [ 70.629113][ T5996] ? __pfx___se_sys_mount+0x10/0x10 [ 70.634313][ T5996] ? exc_page_fault+0x590/0x8c0 [ 70.639161][ T5996] ? __x64_sys_mount+0x20/0xc0 [ 70.643928][ T5996] do_syscall_64+0xf3/0x230 [ 70.648432][ T5996] ? clear_bhb_loop+0x35/0x90 [ 70.653111][ T5996] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.659000][ T5996] RIP: 0033:0x7f7183f7feba [ 70.663423][ T5996] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.683047][ T5996] RSP: 002b:00007f7184e4ce68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 70.691468][ T5996] RAX: ffffffffffffffda RBX: 00007f7184e4cef0 RCX: 00007f7183f7feba [ 70.699437][ T5996] RDX: 0000000020037f40 RSI: 0000000020037f80 RDI: 00007f7184e4ceb0 [ 70.707411][ T5996] RBP: 0000000020037f40 R08: 00007f7184e4cef0 R09: 0000000000000000 [ 70.715376][ T5996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020037f80 [ 70.723348][ T5996] R13: 00007f7184e4ceb0 R14: 0000000000037f64 R15: 00000000200000c0 [ 70.731328][ T5996] [ 70.734462][ C1] vkms_vblank_simulate: vblank timer overrun [ 70.787951][ T5886] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 391ms [ 70.796513][ T5886] gfs2: fsid=syz:syz.0: jid=0: Done [ 70.803698][ T5989] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 70.823522][ T5996] kobject: kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory. [ 70.920320][ T5996] gfs2: fsid=syz:syz: error -17 adding sysfs files [ 71.030001][ T6012] loop1: detected capacity change from 0 to 2048 [ 71.203542][ T6012] loop1: p1 < > p4 [ 71.251879][ T6019] syz.2.23 uses obsolete (PF_INET,SOCK_PACKET) [ 71.265814][ T6012] loop1: p4 size 8388608 extends beyond EOD, truncated [ 71.318074][ T5202] loop1: p1 < > p4 [ 71.327113][ T5202] loop1: p4 size 8388608 extends beyond EOD, truncated [ 71.568115][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.580899][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.761941][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 72.503645][ T6031] loop1: detected capacity change from 0 to 1024 [ 72.511311][ T6031] ext4: Bad value for 'sb' [ 72.527747][ T5832] udevd[5832]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 72.580302][ T5844] udevd[5844]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 74.912943][ T6050] loop4: detected capacity change from 0 to 1024 [ 74.942609][ T6050] EXT4-fs: Ignoring removed i_version option [ 74.948858][ T6050] EXT4-fs: Ignoring removed i_version option [ 74.955111][ T6050] EXT4-fs: Ignoring removed bh option [ 75.147167][ T6054] loop3: detected capacity change from 0 to 1024 [ 75.183493][ T6050] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.271265][ T6062] loop2: detected capacity change from 0 to 1024 [ 75.992011][ T6063] gfs2: gfs2 mount does not exist [ 76.079005][ T2906] hfsplus: b-tree write err: -5, ino 4 [ 76.433603][ T6066] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 76.469970][ T6055] loop0: detected capacity change from 0 to 32768 [ 76.501393][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.542712][ T5850] Bluetooth: hci5: sending frame failed (-49) [ 76.553479][ T5847] Bluetooth: hci5: Opcode 0x1003 failed: -49 [ 76.584126][ T6055] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 76.632565][ T6046] loop1: detected capacity change from 0 to 32768 [ 76.717790][ T6046] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 76.761240][ T6055] XFS (loop0): Ending clean mount [ 76.780339][ T6046] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 76.845222][ T6055] XFS (loop0): Quotacheck needed: Please wait. [ 76.914061][ T6083] loop2: detected capacity change from 0 to 1024 [ 76.964009][ T6083] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 77.007338][ T6085] loop4: detected capacity change from 0 to 16 [ 77.038623][ T6083] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.068892][ T6085] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 77.081653][ T6055] XFS (loop0): Quotacheck: Done. [ 77.444262][ T5843] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.468055][ T6046] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 77.491575][ T6090] loop4: detected capacity change from 0 to 1024 [ 77.540112][ T6092] block device autoloading is deprecated and will be removed. [ 77.602081][ T5916] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 77.639046][ T5916] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 77.657106][ T6094] loop2: detected capacity change from 0 to 256 [ 77.737857][ T5833] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 77.739322][ T5916] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 100ms [ 77.778387][ T6090] hfsplus: xattr searching failed [ 77.813300][ T5916] gfs2: fsid=syz:syz.0: jid=0: Done [ 77.815019][ T6094] FAT-fs (loop2): Directory bread(block 64) failed [ 77.828385][ T6094] FAT-fs (loop2): Directory bread(block 65) failed [ 77.844224][ T6094] FAT-fs (loop2): Directory bread(block 66) failed [ 77.846330][ T6046] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 77.850785][ T6094] FAT-fs (loop2): Directory bread(block 67) failed [ 77.893484][ T6094] FAT-fs (loop2): Directory bread(block 68) failed [ 77.906392][ T6094] FAT-fs (loop2): Directory bread(block 69) failed [ 77.921887][ T6094] FAT-fs (loop2): Directory bread(block 70) failed [ 77.929861][ T6094] FAT-fs (loop2): Directory bread(block 71) failed [ 77.937682][ T6094] FAT-fs (loop2): Directory bread(block 72) failed [ 77.944329][ T6094] FAT-fs (loop2): Directory bread(block 73) failed [ 77.973792][ T12] hfsplus: bad catalog file entry [ 77.979951][ T12] hfsplus: b-tree write err: -5, ino 3 [ 78.168792][ T6046] gfs2: fsid=syz:syz.0: can't create logd thread: -4 [ 78.437814][ T6112] loop2: detected capacity change from 0 to 256 [ 78.449173][ T6112] exfat: Deprecated parameter 'utf8' [ 78.517668][ T6112] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011e5d, chksum : 0x63a11b78, utbl_chksum : 0xe619d30d) [ 80.001921][ T6101] loop4: detected capacity change from 0 to 32768 [ 80.008660][ T6135] capability: warning: `syz.3.55' uses deprecated v2 capabilities in a way that may be insecure [ 80.085364][ T6101] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 80.132252][ T6145] loop2: detected capacity change from 0 to 256 [ 80.512425][ T6145] FAT-fs (loop2): Directory bread(block 64) failed [ 80.520849][ T6105] loop0: detected capacity change from 0 to 40427 [ 80.534465][ T6145] FAT-fs (loop2): Directory bread(block 65) failed [ 80.543002][ T6145] FAT-fs (loop2): Directory bread(block 66) failed [ 80.574836][ T6105] F2FS-fs (loop0): build fault injection attr: rate: 771, type: 0x1fffff [ 80.910727][ T6145] FAT-fs (loop2): Directory bread(block 67) failed [ 81.019005][ T6105] F2FS-fs (loop0): invalid crc value [ 81.155700][ T6145] FAT-fs (loop2): Directory bread(block 68) failed [ 81.178414][ T6105] F2FS-fs (loop0): Failed to start F2FS issue_checkpoint_thread (-4) [ 81.207559][ T6101] XFS (loop4): Ending clean mount [ 81.225258][ T6145] FAT-fs (loop2): Directory bread(block 69) failed [ 81.236268][ T6145] FAT-fs (loop2): Directory bread(block 70) failed [ 81.249637][ T6145] FAT-fs (loop2): Directory bread(block 71) failed [ 81.256684][ T6145] FAT-fs (loop2): Directory bread(block 72) failed [ 81.278697][ T6145] FAT-fs (loop2): Directory bread(block 73) failed [ 81.374325][ T5831] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 81.809250][ T764] cfg80211: failed to load regulatory.db [ 81.844744][ T6186] loop0: detected capacity change from 0 to 64 [ 82.072418][ T6191] netlink: 4 bytes leftover after parsing attributes in process `syz.2.68'. [ 82.381229][ T6178] loop3: detected capacity change from 0 to 32768 [ 82.444649][ T6203] loop2: detected capacity change from 0 to 64 [ 82.471696][ T6203] hfs: creator requires a 4 character value [ 83.184282][ T6178] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 83.364183][ T6178] JBD2: Ignoring recovery information on journal [ 83.412936][ T6208] loop0: detected capacity change from 0 to 256 [ 83.450418][ T6210] netlink: 32 bytes leftover after parsing attributes in process `syz.2.76'. [ 83.557045][ T6208] FAT-fs (loop0): Directory bread(block 64) failed [ 83.578947][ T6208] FAT-fs (loop0): Directory bread(block 65) failed [ 83.586094][ T6178] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 83.603311][ T6208] FAT-fs (loop0): Directory bread(block 66) failed [ 83.672538][ T6208] FAT-fs (loop0): Directory bread(block 67) failed [ 83.683351][ T6208] FAT-fs (loop0): Directory bread(block 68) failed [ 83.689923][ T6208] FAT-fs (loop0): Directory bread(block 69) failed [ 83.712173][ T6199] loop1: detected capacity change from 0 to 32768 [ 83.735917][ T6208] FAT-fs (loop0): Directory bread(block 70) failed [ 83.792499][ T6208] FAT-fs (loop0): Directory bread(block 71) failed [ 83.880907][ T6208] FAT-fs (loop0): Directory bread(block 72) failed [ 83.921763][ T6208] FAT-fs (loop0): Directory bread(block 73) failed [ 84.101877][ T5830] ocfs2: Unmounting device (7,3) on (node local) [ 84.494896][ T6194] loop4: detected capacity change from 0 to 32768 [ 84.565838][ T6194] XFS (loop4): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 84.757570][ T6194] XFS (loop4): Ending clean mount [ 84.888589][ T6233] loop0: detected capacity change from 0 to 4096 [ 85.363850][ T1132] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.925225][ T5831] XFS (loop4): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 86.098202][ T6244] loop0: detected capacity change from 0 to 1024 [ 86.145180][ T6244] hfsplus: failed to load attributes file [ 86.513873][ T6255] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 86.521526][ T6255] IPv6: NLM_F_CREATE should be set when creating new route [ 86.528900][ T6255] IPv6: NLM_F_CREATE should be set when creating new route [ 86.536199][ T6255] IPv6: NLM_F_CREATE should be set when creating new route [ 86.568380][ T6242] loop1: detected capacity change from 0 to 32768 [ 86.573876][ T6238] loop3: detected capacity change from 0 to 32768 [ 86.607640][ T6256] loop4: detected capacity change from 0 to 2048 [ 86.947615][ T6260] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 88.330571][ T6270] loop0: detected capacity change from 0 to 32768 [ 88.372416][ T6270] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.98 (6270) [ 88.464643][ T6270] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 88.502342][ T6270] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 88.535930][ T6272] loop1: detected capacity change from 0 to 32768 [ 88.723243][ T6270] BTRFS info (device loop0): using free-space-tree [ 88.730499][ T6270] workqueue: max_active 2097158 requested for btrfs-worker is out of range, clamping between 1 and 2048 [ 88.745608][ T6270] workqueue: max_active 2097158 requested for btrfs-delalloc is out of range, clamping between 1 and 2048 [ 88.832512][ T29] audit: type=1804 audit(1731224519.894:2): pid=6272 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.99" name="/newroot/15/file0/file1" dev="loop1" ino=4 res=1 errno=0 [ 88.889090][ T6270] workqueue: max_active 2097158 requested for btrfs-endio is out of range, clamping between 1 and 2048 [ 88.939511][ T6302] netlink: 4 bytes leftover after parsing attributes in process `syz.3.105'. [ 88.987899][ T6270] workqueue: max_active 2097158 requested for btrfs-endio-meta is out of range, clamping between 1 and 2048 [ 89.086100][ T6270] workqueue: max_active 2097158 requested for btrfs-rmw is out of range, clamping between 1 and 2048 [ 89.113273][ T6270] workqueue: max_active 2097158 requested for btrfs-endio-write is out of range, clamping between 1 and 2048 [ 89.149494][ T6270] workqueue: max_active 2097158 requested for btrfs-compressed-write is out of range, clamping between 1 and 2048 [ 89.211202][ T6281] loop2: detected capacity change from 0 to 32768 [ 89.261838][ T6281] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 89.368576][ T6281] XFS (loop2): Ending clean mount [ 89.523712][ T5843] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 89.595299][ T5833] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 89.599275][ T6328] loop1: detected capacity change from 0 to 512 [ 89.659480][ T6328] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 89.679209][ T6328] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 89.727041][ T6328] EXT4-fs error (device loop1): __ext4_fill_super:5499: inode #2: comm syz.1.110: casefold flag without casefold feature [ 89.872377][ T6328] EXT4-fs (loop1): get root inode failed [ 89.890846][ T6328] EXT4-fs (loop1): mount failed [ 90.094100][ T6338] loop2: detected capacity change from 0 to 64 [ 90.131661][ T6340] Zero length message leads to an empty skb [ 91.366582][ T6350] netlink: 40 bytes leftover after parsing attributes in process `syz.0.117'. [ 91.785934][ T6353] loop1: detected capacity change from 0 to 1024 [ 93.526733][ T6373] netlink: 'syz.2.121': attribute type 4 has an invalid length. [ 93.555542][ T6353] EXT4-fs: Conflicting test_dummy_encryption options [ 95.223520][ T6393] loop0: detected capacity change from 0 to 256 [ 96.039253][ T6395] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.130'. [ 96.253543][ T6404] loop4: detected capacity change from 0 to 512 [ 96.306040][ T6404] EXT4-fs (loop4): blocks per group (71) and clusters per group (20800) inconsistent [ 96.380961][ T6404] loop4: detected capacity change from 0 to 512 [ 96.458443][ T6404] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.529483][ T6404] ext4 filesystem being mounted at /24/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 96.615278][ T6404] netlink: 'syz.4.132': attribute type 4 has an invalid length. [ 96.753392][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.762716][ T6390] loop2: detected capacity change from 0 to 32768 [ 96.846877][ T6390] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.128 (6390) [ 96.920540][ T6390] BTRFS info (device loop2): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 96.922074][ T6415] loop4: detected capacity change from 0 to 256 [ 96.973282][ T6390] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 97.002512][ T6390] BTRFS info (device loop2): using free-space-tree [ 97.048574][ T6406] loop0: detected capacity change from 0 to 32768 [ 97.080044][ T6415] FAT-fs (loop4): Directory bread(block 64) failed [ 97.112484][ T6415] FAT-fs (loop4): Directory bread(block 65) failed [ 97.137348][ T6415] FAT-fs (loop4): Directory bread(block 66) failed [ 97.210061][ T6406] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 97.227968][ T6415] FAT-fs (loop4): Directory bread(block 67) failed [ 97.270722][ T6415] FAT-fs (loop4): Directory bread(block 68) failed [ 97.289453][ T6415] FAT-fs (loop4): Directory bread(block 69) failed [ 97.298129][ T6406] OCFS2: ERROR (device loop0): int ocfs2_validate_dx_root(struct super_block *, struct buffer_head *): Dir Index Root # 28549323745621536 has bad signature  [ 97.298837][ T6415] FAT-fs (loop4): Directory bread(block 70) failed [ 97.321569][ T6415] FAT-fs (loop4): Directory bread(block 71) failed [ 97.330295][ T6415] FAT-fs (loop4): Directory bread(block 72) failed [ 97.336908][ T6415] FAT-fs (loop4): Directory bread(block 73) failed [ 97.364075][ T6406] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 97.377210][ T6406] OCFS2: File system is now read-only. [ 97.382705][ T6406] (syz.0.133,6406,0):ocfs2_find_entry_dx:1029 ERROR: status = -30 [ 97.419260][ T6436] OCFS2: ERROR (device loop0): int __ocfs2_find_path(struct ocfs2_caching_info *, struct ocfs2_extent_list *, u32, path_insert_t *, void *): Owner 65 has empty extent list at depth 312 [ 97.472510][ T6436] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 97.516725][ T6436] (syz.0.133,6436,0):ocfs2_find_leaf:1940 ERROR: status = -30 [ 97.539002][ T6413] loop1: detected capacity change from 0 to 32768 [ 97.606439][ T6436] (syz.0.133,6436,1):ocfs2_get_clusters_nocache:421 ERROR: status = -30 [ 97.615484][ T6436] (syz.0.133,6436,1):ocfs2_fiemap:776 ERROR: status = -30 [ 97.643381][ T6413] debugfs: Directory 'B1DE653C5FFC4D88B33B244AAB9EB3E9' with parent 'ocfs2' already present! [ 97.726465][ T5843] BTRFS info (device loop2): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 97.756896][ T6413] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode. [ 97.791820][ T5833] ocfs2: Unmounting device (7,0) on (node local) [ 97.971387][ T1132] kworker/u8:5: attempt to access beyond end of device [ 97.971387][ T1132] loop4: rw=1, sector=1224, nr_sectors = 608 limit=256 [ 98.039727][ T5834] ocfs2: Unmounting device (7,1) on (node local) [ 98.075483][ T1132] kworker/u8:5: attempt to access beyond end of device [ 98.075483][ T1132] loop4: rw=1, sector=1864, nr_sectors = 6592 limit=256 [ 98.196165][ T1132] kworker/u8:5: attempt to access beyond end of device [ 98.196165][ T1132] loop4: rw=1, sector=8456, nr_sectors = 7536 limit=256 [ 99.891461][ T6466] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.145'. [ 99.940499][ T6472] loop3: detected capacity change from 0 to 2048 [ 100.161644][ T6472] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 100.213618][ T6479] loop2: detected capacity change from 0 to 2048 [ 100.333054][ T6484] loop4: detected capacity change from 0 to 4096 [ 100.357271][ T6479] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 100.373826][ T6479] UDF-fs: Scanning with blocksize 512 failed [ 100.413708][ T6484] NILFS (loop4): invalid segment: Checksum error in segment payload [ 100.414146][ T6487] loop0: detected capacity change from 0 to 16 [ 100.422073][ T6484] NILFS (loop4): trying rollback from an earlier position [ 100.455679][ T6479] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 100.456113][ T5830] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.468584][ T6487] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 100.493872][ T6484] NILFS (loop4): recovery complete [ 100.673625][ T6489] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 103.246228][ T6499] loop1: detected capacity change from 0 to 32768 [ 103.431242][ T6518] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.161'. [ 103.573368][ T6499] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.157 (6499) [ 103.604395][ T6506] loop0: detected capacity change from 0 to 32768 [ 103.656872][ T6499] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 103.688284][ T6499] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 103.696082][ T6506] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 103.700075][ T6499] BTRFS info (device loop1): using free-space-tree [ 103.786919][ T6536] loop2: detected capacity change from 0 to 512 [ 103.980759][ T6506] XFS (loop0): Ending clean mount [ 103.998827][ T6536] EXT4-fs error (device loop2): ext4_orphan_get:1389: inode #15: comm syz.2.163: casefold flag without casefold feature [ 104.016217][ T6536] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.163: couldn't read orphan inode 15 (err -117) [ 104.031204][ T6536] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 104.733973][ T5833] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 104.792782][ T5843] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.878811][ T6564] loop3: detected capacity change from 0 to 2048 [ 104.926096][ T6564] nilfs2: Unknown parameter 'ord' [ 105.042035][ T5834] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 105.958196][ T6567] loop3: detected capacity change from 0 to 32768 [ 105.986217][ T6573] loop1: detected capacity change from 0 to 256 [ 105.993989][ T6573] exfat: Deprecated parameter 'utf8' [ 105.999341][ T6573] exfat: Deprecated parameter 'utf8' [ 106.004816][ T6573] exfat: Deprecated parameter 'utf8' [ 106.027778][ T6567] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.167 (6567) [ 106.051883][ T6567] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 106.069537][ T6567] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 106.087208][ T6567] BTRFS info (device loop3): using free-space-tree [ 106.097777][ T6573] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 106.447099][ T6589] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.172'. [ 106.652193][ T6569] loop4: detected capacity change from 0 to 40427 [ 106.679703][ T6569] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 106.687641][ T6569] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 106.718901][ T6594] loop0: detected capacity change from 0 to 512 [ 106.723002][ T6569] F2FS-fs (loop4): invalid crc value [ 106.823610][ T6594] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 106.831044][ T6594] UDF-fs: Scanning with blocksize 512 failed [ 106.859808][ T6569] F2FS-fs (loop4): Found nat_bits in checkpoint [ 106.867292][ T6594] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 106.884070][ T6594] UDF-fs: Scanning with blocksize 1024 failed [ 106.906783][ T6594] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 106.924876][ T6594] UDF-fs: Scanning with blocksize 2048 failed [ 106.985458][ T6594] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 107.089505][ T6594] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 107.135452][ T6569] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 107.136999][ T6610] IPVS: set_ctl: invalid protocol: 29285 114.115.61.99:28558 [ 107.142520][ T6569] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 107.516131][ T6597] loop2: detected capacity change from 0 to 40427 [ 107.554332][ T6597] F2FS-fs (loop2): Invalid log blocks per segment (4278190089) [ 107.561952][ T6597] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 107.614762][ T6597] F2FS-fs (loop2): invalid crc value [ 107.663583][ T5830] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 107.782440][ T6618] TCP: TCP_TX_DELAY enabled [ 108.200276][ T6597] F2FS-fs (loop2): Found nat_bits in checkpoint [ 108.541638][ T6597] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 108.593336][ T6597] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 108.713774][ T6626] netlink: 'syz.0.182': attribute type 21 has an invalid length. [ 108.739186][ T6626] IPv6: NLM_F_CREATE should be specified when creating new route [ 108.763568][ T6626] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 108.770819][ T6626] IPv6: NLM_F_CREATE should be set when creating new route [ 108.778196][ T6626] IPv6: NLM_F_CREATE should be set when creating new route [ 108.785477][ T6626] IPv6: NLM_F_CREATE should be set when creating new route [ 108.828758][ T5843] syz-executor: attempt to access beyond end of device [ 108.828758][ T5843] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 108.868273][ T5843] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 109.024563][ T6630] loop4: detected capacity change from 0 to 512 [ 109.089906][ T6624] loop1: detected capacity change from 0 to 32768 [ 109.111865][ T6624] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.181 (6624) [ 109.126762][ T6630] EXT4-fs error (device loop4): ext4_orphan_get:1415: comm syz.4.178: bad orphan inode 17 [ 109.144088][ T6624] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 109.168453][ T6624] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 109.177976][ T6624] BTRFS info (device loop1): disk space caching is enabled [ 109.186697][ T6624] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 109.244433][ T6630] ext4_test_bit(bit=16, block=4) = 1 [ 109.273472][ T6630] is_bad_inode(inode)=0 [ 109.277683][ T6630] NEXT_ORPHAN(inode)=0 [ 109.318897][ T6630] max_ino=32 [ 109.322145][ T6630] i_nlink=1 [ 109.374023][ T6630] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 109.541342][ T6660] netlink: 'syz.2.183': attribute type 10 has an invalid length. [ 109.627078][ T6624] BTRFS info (device loop1): rebuilding free space tree [ 109.799685][ T6624] BTRFS info (device loop1): disabling free space tree [ 109.813444][ T6624] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 109.851144][ T6624] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 109.896046][ T6664] input: syz1 as /devices/virtual/input/input5 [ 110.016248][ T6664] EXT4-fs error (device loop4): __ext4_iget:4984: inode #12: block 2: comm syz.4.178: invalid block [ 110.027472][ T6660] macvlan0: entered promiscuous mode [ 110.027498][ T6660] macvlan0: entered allmulticast mode [ 110.033365][ T6660] veth1_vlan: entered allmulticast mode [ 110.048706][ T6660] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 110.062251][ T6662] warning: `syz.3.188' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 110.481469][ T5834] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 111.298138][ T6701] netlink: 'syz.1.207': attribute type 33 has an invalid length. [ 111.315552][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.324968][ T6701] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.207'. [ 112.680733][ T6724] netlink: 164 bytes leftover after parsing attributes in process `syz.1.217'. [ 112.798759][ T6727] netlink: 'syz.0.220': attribute type 29 has an invalid length. [ 112.835564][ T6727] netlink: 'syz.0.220': attribute type 29 has an invalid length. [ 112.885030][ T6732] netlink: 'syz.4.219': attribute type 10 has an invalid length. [ 112.907540][ T6732] team0: Device hsr_slave_0 failed to register rx_handler [ 112.960616][ T6727] netlink: 'syz.0.220': attribute type 29 has an invalid length. [ 113.098753][ T6736] netlink: 'syz.0.220': attribute type 29 has an invalid length. [ 113.266527][ T6748] netlink: 'syz.1.229': attribute type 29 has an invalid length. [ 113.307657][ T6752] netlink: 168 bytes leftover after parsing attributes in process `syz.2.230'. [ 115.529308][ T6793] netlink: 'syz.2.248': attribute type 2 has an invalid length. [ 115.549848][ T6793] netlink: 144 bytes leftover after parsing attributes in process `syz.2.248'. [ 115.999317][ T6812] [ 116.001691][ T6812] ============================= [ 116.006552][ T6812] [ BUG: Invalid wait context ] [ 116.011401][ T6812] 6.12.0-rc6-next-20241108-syzkaller #0 Not tainted [ 116.017994][ T6812] ----------------------------- [ 116.022850][ T6812] syz.2.256/6812 is trying to lock: [ 116.028052][ T6812] ffffffff8e9bca38 (map_idr_lock){+...}-{3:3}, at: bpf_map_put+0x9a/0x380 [ 116.036598][ T6812] other info that might help us debug this: [ 116.042483][ T6812] context-{5:5} [ 116.045937][ T6812] 2 locks held by syz.2.256/6812: [ 116.050949][ T6812] #0: ffffffff8e93c560 (rcu_read_lock){....}-{1:3}, at: bpf_fd_htab_map_update_elem+0x134/0x390 [ 116.061498][ T6812] #1: ffff888061af9458 (&htab->lockdep_key){....}-{2:2}, at: htab_lock_bucket+0x1a4/0x370 [ 116.071514][ T6812] stack backtrace: [ 116.075220][ T6812] CPU: 0 UID: 0 PID: 6812 Comm: syz.2.256 Not tainted 6.12.0-rc6-next-20241108-syzkaller #0 [ 116.085277][ T6812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 116.095410][ T6812] Call Trace: [ 116.098693][ T6812] [ 116.101616][ T6812] dump_stack_lvl+0x241/0x360 [ 116.106293][ T6812] ? __pfx_dump_stack_lvl+0x10/0x10 [ 116.111574][ T6812] ? __pfx__printk+0x10/0x10 [ 116.116162][ T6812] __lock_acquire+0x15a8/0x2100 [ 116.121011][ T6812] lock_acquire+0x1ed/0x550 [ 116.125504][ T6812] ? bpf_map_put+0x9a/0x380 [ 116.130027][ T6812] ? __pfx_lock_acquire+0x10/0x10 [ 116.135054][ T6812] ? __pfx_lock_acquire+0x10/0x10 [ 116.140072][ T6812] ? __lock_acquire+0x1397/0x2100 [ 116.145098][ T6812] ? do_raw_spin_lock+0x14f/0x370 [ 116.150129][ T6812] _raw_spin_lock_irqsave+0xd5/0x120 [ 116.155413][ T6812] ? bpf_map_put+0x9a/0x380 [ 116.159910][ T6812] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 116.165803][ T6812] bpf_map_put+0x9a/0x380 [ 116.170135][ T6812] ? __pfx_bpf_map_fd_put_ptr+0x10/0x10 [ 116.175677][ T6812] alloc_htab_elem+0x1f5/0xa80 [ 116.180440][ T6812] htab_map_update_elem+0x448/0xe00 [ 116.185636][ T6812] ? __pfx_htab_map_update_elem+0x10/0x10 [ 116.191344][ T6812] ? bpf_map_meta_equal+0x137/0x2a0 [ 116.196533][ T6812] ? fput+0x21b/0x290 [ 116.200514][ T6812] bpf_fd_htab_map_update_elem+0x1fb/0x390 [ 116.206312][ T6812] ? bpf_fd_htab_map_update_elem+0x134/0x390 [ 116.212288][ T6812] ? __pfx_bpf_fd_htab_map_update_elem+0x10/0x10 [ 116.218617][ T6812] bpf_map_update_value+0x2f2/0x5c0 [ 116.223824][ T6812] map_update_elem+0x51a/0x6f0 [ 116.228585][ T6812] __sys_bpf+0x76f/0x810 [ 116.232821][ T6812] ? __pfx___sys_bpf+0x10/0x10 [ 116.237581][ T6812] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 116.243559][ T6812] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 116.249879][ T6812] ? do_syscall_64+0x100/0x230 [ 116.254640][ T6812] __x64_sys_bpf+0x7c/0x90 [ 116.259086][ T6812] do_syscall_64+0xf3/0x230 [ 116.263592][ T6812] ? clear_bhb_loop+0x35/0x90 [ 116.268264][ T6812] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.274150][ T6812] RIP: 0033:0x7f91b097e719 [ 116.278555][ T6812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 116.298149][ T6812] RSP: 002b:00007f91b172d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 116.306555][ T6812] RAX: ffffffffffffffda RBX: 00007f91b0b36058 RCX: 00007f91b097e719 [ 116.314517][ T6812] RDX: 0000000000000020 RSI: 0000000020000200 RDI: 0000000000000002 [ 116.322653][ T6812] RBP: 00007f91b09f139e R08: 0000000000000000 R09: 0000000000000000 [ 116.330629][ T6812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 116.338608][ T6812] R13: 0000000000000000 R14: 00007f91b0b36058 R15: 00007fff8d9c9e08 [ 116.346610][ T6812] [ 116.525830][ T6814] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.258'.