last executing test programs: 1m19.01071013s ago: executing program 3 (id=1457): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000e40)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="02"], 0x10) socketpair(0x2, 0x2, 0x1, &(0x7f0000000000)) 1m18.302335322s ago: executing program 3 (id=1461): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000180)={{r0}, &(0x7f0000000000), &(0x7f0000000080)='%-010d \x00'}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000009c0)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 1m18.094675576s ago: executing program 3 (id=1465): bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000180)={0xffffffffffffffff, 0x20, &(0x7f0000000140)={&(0x7f0000000040)=""/191, 0xbf, 0x0, &(0x7f00000003c0)=""/218, 0xda}}, 0x10) syz_emit_ethernet(0x56, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb88a800008100000086dd6000000000180000000000"], 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000023000000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007d60b7030000010000006a0a00fe00000000850000000d0000009700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000000000639100000000000000000000ff7f0000292f17cee19d0001000000000000000000cb04fcbb0ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4852f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5d053bdec75dca3772be2c9d2d29db3d36dd01797bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67d4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1b1b71b5f7ec6edc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc972a3fd2c46f3c1cde71a19d1a2982492aba0883783d2831210e00d2bfea3bf97ff8836d000000000000946bdb747e416b3064edb4f5aea06eba207ddab9f9baf98bc5192f23d95d33357fc55f92e5937e10995059f3348f69667b9260d504ba96446e1437af6fa875d9d32fdaaae01e6c74f192a23572ef582b7dd867c163c8cedaa2a2c5baceb37d4a40244c9bdca541cc7e65e20f5b5b735e2f33df9bd0614431d7dc5e47bb31c5b827d51733b64ddad4de1cdadce076d19d62e821b435619fb89fc07f81938200b4ebce83db57a6f5e9b1c2cf4b6ee90772d4865bf448d200e5c4e1e044d3587498128273b65670c02ff5c3c3ca633c41324fdc09e0b2621087db26bb0553612f2be27579ede2344a809e6b27d0044f2337895323357caddb54642dac82ae25deb08e111e0b9fa133c9da85dc50c3454ee0ff915331bd7f32f96fb55c7990334b1a1bc4d5d817b82f9fc278cc4858fbfa4d0f32a863c1ce050caddc5ca3b10c3e63daebba039e9f80fdef113a145ace522e8379474aa8849dcc2501df3ffcb02d29d55a1a2cbe00e836db0e6b0a7ffd680dbcf7b982a956998df3"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10, r0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) r4 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r4, &(0x7f0000000000)={0x1d, r3}, 0x10) sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x3}, {0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x8041}, 0x40044) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000680)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x7, [@struct={0x1, 0x1, 0x0, 0x4, 0x0, 0x4, [{0x9, 0x4, 0xffff0398}]}]}, {0x0, [0x5f, 0x61, 0x61, 0x61, 0x5f]}}, &(0x7f0000000e00)=""/252, 0x37, 0xfc, 0x1, 0x7, 0x0, @void, @value}, 0x28) sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, 0x0, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) r8 = gettid() sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x24, r7, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_PID={0x8, 0x1c, r8}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$OSF_MSG_ADD(r9, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000000580)=ANY=[@ANYBLOB="680200000005010400000000000000000000000054020100"/40], 0x268}}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x1f00, 0x7, 0x0, &(0x7f00000007c0)="9f449487219195", 0x0, 0x7ff, 0x0, 0xb1, 0xe, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39", &(0x7f0000000380)="8c5911c525f5cf4c4ecf207ad2ec", 0x0, 0x0, 0xffffffff}, 0x50) 49.317245978s ago: executing program 3 (id=1465): bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000180)={0xffffffffffffffff, 0x20, &(0x7f0000000140)={&(0x7f0000000040)=""/191, 0xbf, 0x0, &(0x7f00000003c0)=""/218, 0xda}}, 0x10) syz_emit_ethernet(0x56, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb88a800008100000086dd6000000000180000000000"], 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000023000000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007d60b7030000010000006a0a00fe00000000850000000d0000009700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000000000639100000000000000000000ff7f0000292f17cee19d0001000000000000000000cb04fcbb0ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4852f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5d053bdec75dca3772be2c9d2d29db3d36dd01797bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67d4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1b1b71b5f7ec6edc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc972a3fd2c46f3c1cde71a19d1a2982492aba0883783d2831210e00d2bfea3bf97ff8836d000000000000946bdb747e416b3064edb4f5aea06eba207ddab9f9baf98bc5192f23d95d33357fc55f92e5937e10995059f3348f69667b9260d504ba96446e1437af6fa875d9d32fdaaae01e6c74f192a23572ef582b7dd867c163c8cedaa2a2c5baceb37d4a40244c9bdca541cc7e65e20f5b5b735e2f33df9bd0614431d7dc5e47bb31c5b827d51733b64ddad4de1cdadce076d19d62e821b435619fb89fc07f81938200b4ebce83db57a6f5e9b1c2cf4b6ee90772d4865bf448d200e5c4e1e044d3587498128273b65670c02ff5c3c3ca633c41324fdc09e0b2621087db26bb0553612f2be27579ede2344a809e6b27d0044f2337895323357caddb54642dac82ae25deb08e111e0b9fa133c9da85dc50c3454ee0ff915331bd7f32f96fb55c7990334b1a1bc4d5d817b82f9fc278cc4858fbfa4d0f32a863c1ce050caddc5ca3b10c3e63daebba039e9f80fdef113a145ace522e8379474aa8849dcc2501df3ffcb02d29d55a1a2cbe00e836db0e6b0a7ffd680dbcf7b982a956998df3"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10, r0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) r4 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r4, &(0x7f0000000000)={0x1d, r3}, 0x10) sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x3}, {0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x8041}, 0x40044) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000680)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x7, [@struct={0x1, 0x1, 0x0, 0x4, 0x0, 0x4, [{0x9, 0x4, 0xffff0398}]}]}, {0x0, [0x5f, 0x61, 0x61, 0x61, 0x5f]}}, &(0x7f0000000e00)=""/252, 0x37, 0xfc, 0x1, 0x7, 0x0, @void, @value}, 0x28) sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, 0x0, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) r8 = gettid() sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x24, r7, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_PID={0x8, 0x1c, r8}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$OSF_MSG_ADD(r9, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000000580)=ANY=[@ANYBLOB="680200000005010400000000000000000000000054020100"/40], 0x268}}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x1f00, 0x7, 0x0, &(0x7f00000007c0)="9f449487219195", 0x0, 0x7ff, 0x0, 0xb1, 0xe, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39", &(0x7f0000000380)="8c5911c525f5cf4c4ecf207ad2ec", 0x0, 0x0, 0xffffffff}, 0x50) 25.54658628s ago: executing program 3 (id=1465): bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000180)={0xffffffffffffffff, 0x20, &(0x7f0000000140)={&(0x7f0000000040)=""/191, 0xbf, 0x0, &(0x7f00000003c0)=""/218, 0xda}}, 0x10) syz_emit_ethernet(0x56, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb88a800008100000086dd6000000000180000000000"], 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000023000000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007d60b7030000010000006a0a00fe00000000850000000d0000009700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000000000639100000000000000000000ff7f0000292f17cee19d0001000000000000000000cb04fcbb0ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4852f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5d053bdec75dca3772be2c9d2d29db3d36dd01797bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67d4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1b1b71b5f7ec6edc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc972a3fd2c46f3c1cde71a19d1a2982492aba0883783d2831210e00d2bfea3bf97ff8836d000000000000946bdb747e416b3064edb4f5aea06eba207ddab9f9baf98bc5192f23d95d33357fc55f92e5937e10995059f3348f69667b9260d504ba96446e1437af6fa875d9d32fdaaae01e6c74f192a23572ef582b7dd867c163c8cedaa2a2c5baceb37d4a40244c9bdca541cc7e65e20f5b5b735e2f33df9bd0614431d7dc5e47bb31c5b827d51733b64ddad4de1cdadce076d19d62e821b435619fb89fc07f81938200b4ebce83db57a6f5e9b1c2cf4b6ee90772d4865bf448d200e5c4e1e044d3587498128273b65670c02ff5c3c3ca633c41324fdc09e0b2621087db26bb0553612f2be27579ede2344a809e6b27d0044f2337895323357caddb54642dac82ae25deb08e111e0b9fa133c9da85dc50c3454ee0ff915331bd7f32f96fb55c7990334b1a1bc4d5d817b82f9fc278cc4858fbfa4d0f32a863c1ce050caddc5ca3b10c3e63daebba039e9f80fdef113a145ace522e8379474aa8849dcc2501df3ffcb02d29d55a1a2cbe00e836db0e6b0a7ffd680dbcf7b982a956998df3"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10, r0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) r4 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r4, &(0x7f0000000000)={0x1d, r3}, 0x10) sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x3}, {0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x8041}, 0x40044) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000680)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x7, [@struct={0x1, 0x1, 0x0, 0x4, 0x0, 0x4, [{0x9, 0x4, 0xffff0398}]}]}, {0x0, [0x5f, 0x61, 0x61, 0x61, 0x5f]}}, &(0x7f0000000e00)=""/252, 0x37, 0xfc, 0x1, 0x7, 0x0, @void, @value}, 0x28) sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, 0x0, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) r8 = gettid() sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x24, r7, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_PID={0x8, 0x1c, r8}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$OSF_MSG_ADD(r9, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000000580)=ANY=[@ANYBLOB="680200000005010400000000000000000000000054020100"/40], 0x268}}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x1f00, 0x7, 0x0, &(0x7f00000007c0)="9f449487219195", 0x0, 0x7ff, 0x0, 0xb1, 0xe, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39", &(0x7f0000000380)="8c5911c525f5cf4c4ecf207ad2ec", 0x0, 0x0, 0xffffffff}, 0x50) 7.311958039s ago: executing program 3 (id=1465): bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000180)={0xffffffffffffffff, 0x20, &(0x7f0000000140)={&(0x7f0000000040)=""/191, 0xbf, 0x0, &(0x7f00000003c0)=""/218, 0xda}}, 0x10) syz_emit_ethernet(0x56, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb88a800008100000086dd6000000000180000000000"], 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000023000000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007d60b7030000010000006a0a00fe00000000850000000d0000009700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000000000639100000000000000000000ff7f0000292f17cee19d0001000000000000000000cb04fcbb0ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4852f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5d053bdec75dca3772be2c9d2d29db3d36dd01797bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67d4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1b1b71b5f7ec6edc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc972a3fd2c46f3c1cde71a19d1a2982492aba0883783d2831210e00d2bfea3bf97ff8836d000000000000946bdb747e416b3064edb4f5aea06eba207ddab9f9baf98bc5192f23d95d33357fc55f92e5937e10995059f3348f69667b9260d504ba96446e1437af6fa875d9d32fdaaae01e6c74f192a23572ef582b7dd867c163c8cedaa2a2c5baceb37d4a40244c9bdca541cc7e65e20f5b5b735e2f33df9bd0614431d7dc5e47bb31c5b827d51733b64ddad4de1cdadce076d19d62e821b435619fb89fc07f81938200b4ebce83db57a6f5e9b1c2cf4b6ee90772d4865bf448d200e5c4e1e044d3587498128273b65670c02ff5c3c3ca633c41324fdc09e0b2621087db26bb0553612f2be27579ede2344a809e6b27d0044f2337895323357caddb54642dac82ae25deb08e111e0b9fa133c9da85dc50c3454ee0ff915331bd7f32f96fb55c7990334b1a1bc4d5d817b82f9fc278cc4858fbfa4d0f32a863c1ce050caddc5ca3b10c3e63daebba039e9f80fdef113a145ace522e8379474aa8849dcc2501df3ffcb02d29d55a1a2cbe00e836db0e6b0a7ffd680dbcf7b982a956998df3"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10, r0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) r4 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r4, &(0x7f0000000000)={0x1d, r3}, 0x10) sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x3}, {0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x8041}, 0x40044) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000680)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x7, [@struct={0x1, 0x1, 0x0, 0x4, 0x0, 0x4, [{0x9, 0x4, 0xffff0398}]}]}, {0x0, [0x5f, 0x61, 0x61, 0x61, 0x5f]}}, &(0x7f0000000e00)=""/252, 0x37, 0xfc, 0x1, 0x7, 0x0, @void, @value}, 0x28) sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, 0x0, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) r8 = gettid() sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x24, r7, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_PID={0x8, 0x1c, r8}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$OSF_MSG_ADD(r9, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000000580)=ANY=[@ANYBLOB="680200000005010400000000000000000000000054020100"/40], 0x268}}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x1f00, 0x7, 0x0, &(0x7f00000007c0)="9f449487219195", 0x0, 0x7ff, 0x0, 0xb1, 0xe, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39", &(0x7f0000000380)="8c5911c525f5cf4c4ecf207ad2ec", 0x0, 0x0, 0xffffffff}, 0x50) 5.023458227s ago: executing program 1 (id=1754): r0 = socket$inet_smc(0x2b, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) chdir(&(0x7f0000000480)='./cgroup\x00') syz_open_dev$usbfs(0x0, 0x77, 0x101301) accept4$packet(0xffffffffffffffff, 0x0, 0x0, 0x80000) r1 = socket$packet(0x11, 0x2, 0x300) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0}, 0x18) sendto$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$int_in(r0, 0x5421, &(0x7f0000000100)=0x100000001) connect$inet(r0, &(0x7f0000000180)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x41}}, 0x10) close(r0) 4.248714719s ago: executing program 4 (id=1758): unshare(0x22020600) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000007c0), 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000800)={0x408, 0x1, 0x1, 0x8624, 0x4}) 3.901028605s ago: executing program 4 (id=1760): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x14) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0xe) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x7, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00'}, 0x10) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 3.798708757s ago: executing program 1 (id=1762): r0 = socket(0x400000000010, 0x3, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x87f}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8080}, 0x40020) sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001300)=@newtfilter={0x884, 0x2c, 0xd27, 0x70bd25, 0x5, {0x0, 0x0, 0x0, r2, {0x0, 0xfffc}, {}, {0x4, 0x3}}, [@filter_kind_options=@f_bpf={{0x8}, {0x858, 0x2, [@TCA_BPF_POLICE={0x848, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0xe, 0x7, 0x4, 0xc, 0x9, {0xd, 0x2, 0x4, 0x4, 0x7, 0x401}, {0x4, 0x1, 0x5, 0x10, 0xfff7, 0x4b2}, 0x6, 0x14ff, 0x3ff}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x38, 0x1, 0x1, 0x8, 0x7f, 0x6, 0x3, 0x6, 0x1, 0x86, 0x9, 0x6, 0x5, 0x9, 0x5f, 0x0, 0x0, 0x13f, 0xfffffffe, 0x0, 0xd31, 0xf54, 0x9, 0x4, 0x4, 0x6, 0x9, 0x7fffffff, 0xfffffffd, 0x7fffffff, 0x8, 0x0, 0xfffffffe, 0x5, 0x5dbd0fd8, 0x8, 0x1887, 0x2, 0x95f, 0x7, 0x3ff, 0xa, 0x7f, 0xfffffffe, 0x8, 0x2, 0x6, 0x4, 0x6, 0x402f, 0xd, 0x5, 0x6f9d, 0x0, 0x800, 0x3ff, 0x8, 0xa, 0x9, 0x4, 0xd, 0x3, 0xb8f, 0x6, 0x0, 0xffffffff, 0x8000, 0xffffffff, 0x8, 0x90, 0xee, 0x4, 0x9, 0x2, 0x54eef174, 0xc, 0x9, 0x5, 0xe2, 0x20004, 0x1, 0x10001, 0x5, 0x5, 0x7, 0x5, 0x7, 0x4, 0x4, 0x7, 0x100, 0x8, 0x2, 0x9, 0x0, 0x0, 0xe32, 0x6, 0x8, 0x6, 0x66, 0x7, 0x7, 0x8, 0x5b, 0x7625, 0x51, 0x6, 0xfffffffe, 0x0, 0xa4d, 0x2, 0x10001, 0x7, 0x8, 0x3, 0x8, 0x3, 0x6, 0x6, 0xffffffff, 0x3, 0x0, 0x400000, 0xc55b, 0x8000, 0xf943, 0x4, 0x3000000, 0x2, 0x10000, 0xd, 0xffffffff, 0x9, 0xd3, 0xfffffffb, 0x4, 0x9, 0x401, 0x82baa23, 0xd, 0x0, 0x6, 0x21a, 0xe, 0x1, 0x3, 0x8, 0x4, 0x7, 0xe, 0x7dab, 0x4, 0x5, 0x4, 0x3, 0xfffffffe, 0x7, 0x6, 0x8ef6, 0x7239, 0x80000001, 0x0, 0x507, 0x6, 0x2, 0x4, 0x200, 0x8, 0x5, 0xc14, 0x7324, 0x4, 0x50f6, 0x5, 0x4, 0x3, 0x2, 0x7, 0x4, 0x6, 0x5, 0x3, 0x7767, 0x0, 0xe0ba, 0x4f, 0x3, 0x4, 0x27, 0x7fffffff, 0x3, 0x3, 0x5, 0x8, 0x4, 0x80, 0x401, 0x7, 0x1, 0x0, 0x8, 0x7c4, 0x3, 0x6, 0x6, 0xe8, 0x0, 0x6, 0x6, 0x3, 0x8a4, 0x1, 0xd, 0x9, 0x9, 0x200, 0x7, 0xd235, 0x9, 0x7fffffff, 0xf7d, 0x8001, 0x2, 0x7fff, 0x9f7c, 0x7, 0x4, 0xf, 0x400002, 0x2, 0x6, 0x400, 0x5, 0x84, 0x400, 0x5, 0xc, 0xff, 0xffff7002, 0x63c, 0x9, 0x1ff, 0xfff, 0x8, 0x8c, 0x40, 0x8, 0xed7, 0xf6, 0x0, 0x3, 0x9, 0x10, 0x9, 0x6]}, @TCA_POLICE_RATE={0x404, 0x2, [0x8, 0x6, 0x6, 0x8000, 0x8, 0x2, 0x9, 0x5, 0xfff, 0x3, 0x101, 0xbf7, 0x8, 0xff, 0x6, 0x113, 0xffff, 0x1, 0x8, 0x7fffffff, 0x6, 0x9, 0x33, 0x5, 0x2f7, 0x100, 0x21, 0x4, 0x7, 0xff, 0x6, 0xfffffffe, 0x7, 0x8, 0x1, 0x8, 0xf33c, 0x3, 0x1, 0x80000000, 0x62e, 0x7, 0xdb2, 0x0, 0xe00, 0x4, 0x2, 0x3, 0x2, 0xfffffff6, 0x5, 0x3, 0x7, 0x8, 0x1, 0x7f, 0x8, 0x6, 0x4, 0x3, 0x0, 0x3, 0x1, 0x5, 0x0, 0x8000, 0xfffffffa, 0xb7, 0xc8b6f5a2, 0x6, 0x2f, 0x7ff, 0x9, 0x8, 0x6, 0x0, 0x8, 0x9, 0x0, 0x5, 0x8b34, 0x2, 0x7e, 0x6, 0x4, 0xffffffff, 0x1, 0xa, 0xfffffffb, 0x3, 0xffffffff, 0x0, 0x4, 0xd6, 0x7, 0x4, 0x3, 0x8, 0x9, 0x8, 0x2de0, 0x5191, 0x6, 0x401, 0x7, 0x9, 0x7, 0x3, 0x6, 0x1, 0xfffffffb, 0xb839, 0xfffffffa, 0x4, 0x768, 0x7, 0x7f, 0x6, 0x7, 0x4, 0x8b, 0x4, 0x0, 0x5, 0xf0, 0x42490, 0xd, 0x3, 0x5c, 0x80, 0x2, 0x800, 0x7, 0x6, 0xff, 0xffff0000, 0x3, 0x10000, 0x80000001, 0x5, 0xffffffff, 0x4be24694, 0x2, 0x2, 0x100, 0x5, 0x1, 0x7, 0x4, 0xffffff95, 0x5, 0x0, 0xc, 0x6, 0x1000, 0xa, 0x7, 0x4, 0x340, 0x0, 0x0, 0x7, 0x101, 0x2, 0x7ce2352, 0x7fffffff, 0x5e, 0x8e5b, 0x3, 0x8, 0x9, 0x1, 0x80000000, 0x7, 0x301, 0x91, 0x3, 0x80000001, 0x9, 0x1, 0x3e79, 0xffffffff, 0x8, 0x525, 0x7, 0x6, 0x2470a614, 0xe, 0x8, 0x5, 0x7, 0x0, 0x5, 0x4, 0x3, 0x1, 0xfffffc1f, 0x6, 0x2, 0xc6d1, 0x9, 0x7fff, 0xffffffff, 0x4, 0xffff2b7d, 0x4, 0xcdff, 0x9, 0x0, 0x49, 0x6, 0x0, 0x5, 0x9, 0x7, 0x8, 0x7, 0xea, 0x7, 0x7, 0x2, 0x5, 0xff, 0x6, 0xffff, 0x4cd, 0x7, 0x3, 0x3, 0x10001, 0x0, 0x6, 0x7, 0xffffffff, 0xe000000, 0x1, 0x4, 0x7, 0x8, 0xb, 0x7, 0x0, 0xcb65, 0x6, 0xe, 0x240000, 0x9, 0x8, 0x8, 0xfffffff8, 0x9, 0xf, 0x8, 0x5, 0x9, 0x100]}]}, @TCA_BPF_OPS={{0x6}, {0x4}}]}}]}, 0x884}, 0x1, 0x0, 0x0, 0xc004884}, 0x0) 3.565901641s ago: executing program 4 (id=1765): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wg0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0xd}}, [@TCA_RATE={0x6, 0x5, {0x1, 0x8}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x51}, 0x8000) 3.366779184s ago: executing program 1 (id=1766): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0xffffffff, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3800006, 0x4008031, 0xffffffffffffffff, 0xd6d4a000) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000017, 0x4031, 0xffffffffffffffff, 0xb9654000) gettid() 3.244751697s ago: executing program 4 (id=1768): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$tipc(0x1e, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0300000000000000140012800c0001006d6163766c616e000400028008000500", @ANYRES32=r2], 0x44}}, 0x0) socket$packet(0x11, 0xa, 0x300) socket$kcm(0x10, 0x2, 0x0) syz_emit_ethernet(0x9a, &(0x7f0000000400)=ANY=[], 0x0) 3.243956246s ago: executing program 2 (id=1769): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x400, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x4004) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x25dfdbfe, {{@in=@multicast1=0xe0000002, @in6=@remote, 0x4e21, 0x0, 0x0, 0x0, 0xa, 0x20}, {0x100000000000004, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x1000, 0x48}, {0x0, 0x0, 0xfffffffffbffffff, 0xfffffffffffffffe}}}, 0xb8}}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000015"], 0xb8}}, 0x0) 2.925045372s ago: executing program 2 (id=1771): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/pm_debug_messages', 0x1a1081, 0x18) pwritev(r0, &(0x7f0000000180), 0x0, 0x0, 0x6) 2.790017204s ago: executing program 2 (id=1772): ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000240)={{}, 0x0, 0x8, @unused=[0x7, 0x4, 0x9, 0x8], @subvolid=0x6}) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x38}, 0x1, 0x300}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB='8\x00\x00\x00m'], 0x38}, 0x1, 0x300}, 0x0) 2.686942955s ago: executing program 2 (id=1773): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002240)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0) read$FUSE(r0, &(0x7f0000007100)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000002140)={0x50, 0x0, r1}, 0x50) read$FUSE(r0, &(0x7f0000002900)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INTERRUPT(r0, &(0x7f0000000000)={0x10, 0xffffffffffffffda, r2}, 0x10) r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) 2.421841759s ago: executing program 1 (id=1774): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000780)=ANY=[@ANYBLOB="c4010000130a010800000000000000000a00000983000800617955a5c61679a20e47f31b4b9e3357d20cb7bcfb8ce3a2b21240981877b3dd0d416dd30a8a3a2c97d70b2467d78851fcc7225452036874e06dff188780d3c1a66dd07df18015a27426a8550c6517e9dd7072a71eafac78a87a52b0c3a54d6675fe899d872e273f532ca75d8128486fbbbeea4a0a7f4a4619704c2b826212000900010073797a31000000000c00064000000000000000030800034000000002de000800a4f40b44916a2e5d0ed40005f34827af6a3a76e2dbe483cbb95f29d76c8567708288e107dfdc3356e2baf3cb8d4a383bf6844a6ef8649fa4ed0040350de8b5c47d41936e748a2bed9754e7b2991654de683b3ff478e1f5aca9e59bf4e77b06769e6c4e6d340dff1b02f4c5afbae95901358fdd32b9b248eefb4b18a8385463438f235359f2d658ccef5efbe268ab0057a7e18c2dfdbe9f0d0904349b5919e7b1bc32e6770aaa6154cab61b69be1f9ba196c1a21899f66d1df9d7229fdb3063a23fdca6b4e1d693b033e6d6c25d79212efe86220c372a87fd48ad0000080003"], 0x1c4}, 0x1, 0x0, 0x0, 0x4}, 0x20000000) 2.356447351s ago: executing program 1 (id=1775): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x14) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0xe) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x7, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00'}, 0x10) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 1.842257939s ago: executing program 0 (id=1778): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r0 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0) mq_timedsend(r0, 0x0, 0x0, 0x6, 0x0) mq_timedreceive(r0, &(0x7f0000004600)=""/102381, 0xfffffceb, 0x0, 0x0) 1.746339631s ago: executing program 2 (id=1779): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="d8000000180081064e81f782db4cb904021d080006007c09e8fe55a10a0015000500142603600e1208000f0000000401a800160020002140030000e2035c0461c1d60008000000000000fb8000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001bb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f87755c0d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f0f49e119c849ea6e5a0fc55e4cde205a214d6102d6dcbf33fb5ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6cc", 0xd8}], 0x1}, 0x0) 1.646146323s ago: executing program 0 (id=1780): r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r2, 0x4068aea3, &(0x7f00000002c0)={0xbe, 0x0, 0x1}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000010c0)=ANY=[@ANYBLOB="0100000000000000074d564b"]) 1.634711963s ago: executing program 0 (id=1781): syz_emit_ethernet(0x9a, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd603000bb00642b00fc02007fbcec7a4d6ba6df4d91bdcd0200000000000000000000000000fe80"], 0x0) syz_emit_ethernet(0x52, &(0x7f0000000180)=ANY=[@ANYBLOB="faffffffffffffffaaaa"], 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000100)='0.::/', 0x0) r0 = add_key$user(&(0x7f00000001c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000080)="bc5d", 0x2, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)=[{{&(0x7f0000000140)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 1.396449047s ago: executing program 0 (id=1782): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/pm_debug_messages', 0x1a1081, 0x18) pwritev(r0, &(0x7f0000000180), 0x0, 0x0, 0x6) 1.284755718s ago: executing program 0 (id=1783): ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000240)={{}, 0x0, 0x8, @unused=[0x7, 0x4, 0x9, 0x8], @subvolid=0x6}) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x38}, 0x1, 0x300}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB='8\x00\x00\x00m'], 0x38}, 0x1, 0x300}, 0x0) 1.18881505s ago: executing program 0 (id=1784): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) getpid() timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r0, 0x25, &(0x7f0000000000)={0x1}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r1, 0x26, &(0x7f0000000380)={0x1, 0x0, 0x7}) 153.025577ms ago: executing program 4 (id=1785): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x64, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x25}, @NFTA_SET_EXPR={0x34, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_BURST={0x8, 0x3, 0x1, 0x0, 0x20}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0xffffffffffffffff}]}}}]}], {0x14, 0x10}}, 0xac}, 0x1, 0x0, 0x0, 0x810}, 0xc4) 152.644547ms ago: executing program 2 (id=1786): r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)={0x14, 0x33, 0x601, 0x70bd2a, 0x25dfdbff, {0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x18800) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) sendmsg$key(0xffffffffffffffff, 0x0, 0x8080) bind$inet(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x20000000206, 0x2) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x78, &(0x7f0000000100)=[@in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in={0x2, 0x4e20, @private=0xa010100}, @in6={0xa, 0xfffc, 0x2, @local, 0x7ac}, @in={0x2, 0x4e21, @multicast1}, @in6={0xa, 0x4e22, 0x2, @loopback, 0x101}, @in={0x2, 0x4e20, @rand_addr=0x64010101}]}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000200)=ANY=[@ANYRES32=r3, @ANYBLOB="92000100090039b0f37bc445373d523e54f2aa92b0dfd001d2ab01df6f6c27a766b65dd152329d428e7d2c5c77493c651054c768a6d772a445b34dc39b3a3789ee65255f53ae47c7ce16b3bf5d1b6f84ae34447e69825500000000d19daa094c7ff6a60e32dd8c783712f07ccd516362a12857295606e92b21c44b46c6335508"], 0xa) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x3, 0x2, 0x0, "b427ececbbe6d400fd000002ffffffffff000000000000000000000000000002", 0x34363248}) syz_open_dev$video(&(0x7f0000000080), 0x0, 0x10800) keyctl$restrict_keyring(0x1d, 0x0, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x1ffc, 0x2000003}) syz_emit_ethernet(0x0, 0x0, 0x0) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000080)=0x2000003) r4 = socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000000000004ffff00ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/10, @ANYRES16=r4, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000020000000cfa203f0db9fb0c098178f29035dc32ee044dfe5e1610b90816614ef1cb0768144b49fb87bbbc1effa46d4d241784c6e40abbd892a68c086ec0aa8a347dbe4557b2e021a1b4369425fd0ab76afc3a8470e89103aa7ba2e5c742ebd229385f1edc95b3ad78c5da1f4a991bf6af2ed86bd53725de88e6bd39465b72c619142a945b63aa635e0dbdc843574da9a17c231f5cc18a689f459517447dc138ba4ccaa0e1424a185ec6a777a2c5b1330a7f931f89316ffc61672d2b19eba4fe76915df25e9d9a1d438c007511046c168bc5ce3d8b8c38fbb586026eda6327b8b8c10605365c65d9cad3abb310ebc2aa15430b45482760b61d7110493d6d3519b253f7324aee69ae338f6d0dc60f9514cada203c09fb480daa48ae38ee82b52e3ed7d4e6a466827eb81bf"], 0x48) syz_emit_ethernet(0x3a, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x7, 0x18, 0x0, @wg=@data={0x4, 0x80, 0x3}}}}}}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r6, 0x6, 0x2, &(0x7f00000001c0)=0x7ff, 0x4) bind$inet6(r6, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c) sendto$inet6(r6, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) sendto$inet6(r6, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0) splice(r6, 0x0, r5, 0x0, 0x406f413, 0x0) 152.375817ms ago: executing program 1 (id=1787): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0xffe0, 0x1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) 0s ago: executing program 4 (id=1788): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$pppl2tp(0x18, 0x1, 0x1) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x2, @mcast1, 0x9}, 0x1c) connect$pppl2tp(r2, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32) writev(r2, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1) kernel console output (not intermixed with test programs): =0 ip=0x7fc82438e169 code=0x7ffc0000 [ 182.590788][ T6566] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.623826][ T27] audit: type=1326 audit(1744964682.175:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6589 comm="syz.3.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 182.659140][ T6566] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.698719][ T6566] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.703574][ T27] audit: type=1326 audit(1744964682.175:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6589 comm="syz.3.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 182.740829][ T6566] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.760929][ T27] audit: type=1326 audit(1744964682.175:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6589 comm="syz.3.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 182.805316][ T27] audit: type=1326 audit(1744964682.175:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6589 comm="syz.3.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 182.871080][ T27] audit: type=1326 audit(1744964682.175:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6589 comm="syz.3.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 182.925690][ T6596] loop1: detected capacity change from 0 to 512 [ 182.936802][ T27] audit: type=1326 audit(1744964682.175:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6589 comm="syz.3.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 182.967755][ T6596] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 182.991256][ T6596] EXT4-fs (loop1): orphan cleanup on readonly fs [ 183.007488][ T6596] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:511: comm syz.1.906: Block bitmap for bg 0 marked uninitialized [ 183.039593][ T6596] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 183.103998][ T6596] EXT4-fs (loop1): 1 orphan inode deleted [ 183.120269][ T6596] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 183.147813][ T6596] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 183.211722][ T6596] EXT4-fs (loop1): re-mounted. Quota mode: none. [ 183.224442][ T6606] netlink: 8 bytes leftover after parsing attributes in process `syz.2.909'. [ 183.316835][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 183.672376][ T6619] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.838573][ T6619] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.139519][ T6619] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.477217][ T6619] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.884312][ T6627] netlink: 'syz.3.919': attribute type 12 has an invalid length. [ 185.963073][ T6636] loop4: detected capacity change from 0 to 512 [ 186.022656][ T6636] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 186.063353][ T6636] EXT4-fs (loop4): orphan cleanup on readonly fs [ 186.098088][ T6636] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:511: comm syz.4.923: Block bitmap for bg 0 marked uninitialized [ 186.139301][ T6636] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 186.169109][ T6636] EXT4-fs (loop4): 1 orphan inode deleted [ 186.185179][ T6636] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 186.213197][ T6636] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 186.292719][ T6636] EXT4-fs (loop4): re-mounted. Quota mode: none. [ 186.398788][ T4250] EXT4-fs (loop4): unmounting filesystem. [ 186.450832][ T6658] netlink: 24 bytes leftover after parsing attributes in process `+ƒ[@'. [ 186.513866][ T27] kauditd_printk_skb: 16 callbacks suppressed [ 186.513884][ T27] audit: type=1326 audit(1744964686.095:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6659 comm="syz.0.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 186.590661][ T27] audit: type=1326 audit(1744964686.135:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6659 comm="syz.0.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 186.634528][ T6658] loop3: detected capacity change from 0 to 512 [ 186.639731][ T6665] loop2: detected capacity change from 0 to 512 [ 186.674689][ T27] audit: type=1326 audit(1744964686.135:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6659 comm="syz.0.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 186.707706][ T6658] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002] [ 186.721059][ T6658] System zones: 0-2, 18-18, 34-34 [ 186.787280][ T6658] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm +ƒ[@: bg 0: block 248: padding at end of block bitmap is not set [ 186.815775][ T6665] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 186.827177][ T27] audit: type=1326 audit(1744964686.135:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6659 comm="syz.0.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 186.893510][ T6665] EXT4-fs (loop2): 1 truncate cleaned up [ 186.899227][ T6665] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 186.909008][ T6658] Quota error (device loop3): write_blk: dquota write failed [ 186.913153][ T27] audit: type=1326 audit(1744964686.135:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6659 comm="syz.0.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 186.930265][ T6658] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 186.960226][ T6658] EXT4-fs error (device loop3): ext4_acquire_dquot:6802: comm +ƒ[@: Failed to acquire dquot type 1 [ 186.966465][ T27] audit: type=1326 audit(1744964686.135:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6659 comm="syz.0.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 187.005151][ T27] audit: type=1326 audit(1744964686.135:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6659 comm="syz.0.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 187.029083][ T27] audit: type=1326 audit(1744964686.135:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6659 comm="syz.0.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 187.067315][ T6658] EXT4-fs (loop3): 1 truncate cleaned up [ 187.078062][ T6658] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 187.119610][ T6658] ext4 filesystem being mounted at /185/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 188.507287][ T4265] EXT4-fs (loop3): unmounting filesystem. [ 190.482107][ T4262] EXT4-fs (loop2): unmounting filesystem. [ 190.501641][ T6694] loop4: detected capacity change from 0 to 256 [ 190.656132][ T6696] loop3: detected capacity change from 0 to 512 [ 190.697706][ T6696] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 190.758173][ T6696] EXT4-fs (loop3): orphan cleanup on readonly fs [ 190.827462][ T6696] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:511: comm syz.3.944: Block bitmap for bg 0 marked uninitialized [ 190.945379][ T6696] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 190.972310][ T6619] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 190.995310][ T6696] EXT4-fs (loop3): 1 orphan inode deleted [ 191.023300][ T6696] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 191.054232][ T6619] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 191.085972][ T6619] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 191.110285][ T6696] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 191.122951][ T6619] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 191.140091][ T6696] EXT4-fs (loop3): re-mounted. Quota mode: none. [ 191.286025][ T4265] EXT4-fs (loop3): unmounting filesystem. [ 193.923739][ T6726] netlink: 8 bytes leftover after parsing attributes in process `syz.3.956'. [ 194.233739][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.329474][ T6741] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.405496][ T27] kauditd_printk_skb: 15 callbacks suppressed [ 194.405513][ T27] audit: type=1326 audit(1744964693.985:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.2.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 194.455548][ T6741] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.472712][ T27] audit: type=1326 audit(1744964693.985:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.2.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 194.515888][ T27] audit: type=1326 audit(1744964693.985:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.2.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 194.553637][ T27] audit: type=1326 audit(1744964693.985:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.2.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 194.595107][ T6741] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.672585][ T27] audit: type=1326 audit(1744964693.985:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.2.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 194.727014][ T27] audit: type=1326 audit(1744964693.985:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.2.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 194.752687][ T6741] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.780302][ T27] audit: type=1326 audit(1744964693.985:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.2.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 194.835507][ T27] audit: type=1326 audit(1744964693.985:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.2.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 194.858813][ T27] audit: type=1326 audit(1744964693.985:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.2.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 194.881681][ T27] audit: type=1326 audit(1744964693.985:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.2.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 195.046982][ T6741] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.064848][ T6741] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.048611][ T6741] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.106669][ T6770] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 196.161778][ T6741] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.258217][ T6770] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98 [ 196.453749][ T6783] Unsupported ieee802154 address type: 0 [ 196.855982][ T6795] netlink: 8 bytes leftover after parsing attributes in process `syz.4.980'. [ 196.926997][ T6798] netlink: 16 bytes leftover after parsing attributes in process `syz.3.982'. [ 197.345783][ T6808] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.501972][ T6822] xt_hashlimit: overflow, rate too high: 1125899906842624 [ 197.588099][ T6808] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.802180][ T6808] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.958948][ T6808] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.020292][ T6831] netlink: 148 bytes leftover after parsing attributes in process `syz.2.995'. [ 198.178506][ T6808] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.210373][ T6808] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.251527][ T6808] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.278091][ T6808] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.483571][ T6843] netlink: 24 bytes leftover after parsing attributes in process `syz.1.993'. [ 198.663480][ T6846] program syz.3.1003 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 199.217923][ T6860] netlink: 148 bytes leftover after parsing attributes in process `syz.2.1007'. [ 200.328793][ T6858] ALSA: seq fatal error: cannot create timer (-19) [ 200.527769][ T6848] infiniband syz1: set active [ 200.669406][ T6848] infiniband syz1: added syz_tun [ 201.555306][ T6874] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 201.583003][ T6848] RDS/IB: syz1: added [ 201.598839][ T6848] smc: adding ib device syz1 with port count 1 [ 201.619361][ T6880] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1011'. [ 201.654656][ T6848] smc: ib device syz1 port 1 has pnetid [ 201.695280][ T6874] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 201.852315][ T6874] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 201.975927][ T6874] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 202.027193][ T6887] ieee802154 phy0 wpan0: encryption failed: -22 [ 202.150271][ T4268] Bluetooth: hci4: command 0x0406 tx timeout [ 202.156368][ T4268] Bluetooth: hci2: command 0x0406 tx timeout [ 202.163992][ T4259] Bluetooth: hci3: command 0x0406 tx timeout [ 202.174819][ T48] Bluetooth: hci0: command 0x0406 tx timeout [ 202.182372][ T4264] Bluetooth: hci1: command 0x0406 tx timeout [ 202.234854][ T6890] program syz.1.1016 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 202.489524][ T27] kauditd_printk_skb: 1 callbacks suppressed [ 202.489541][ T27] audit: type=1326 audit(1744964702.065:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 202.557382][ T27] audit: type=1326 audit(1744964702.095:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 202.606679][ T27] audit: type=1326 audit(1744964702.095:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 202.674446][ T27] audit: type=1326 audit(1744964702.095:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 202.721414][ T6905] syz.1.1022[6905] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 202.721663][ T6905] syz.1.1022[6905] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 202.734326][ T27] audit: type=1326 audit(1744964702.095:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 202.777012][ T6902] loop1: detected capacity change from 0 to 512 [ 202.878174][ T6902] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 202.887444][ T6902] ext4 filesystem being mounted at /180/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 202.993380][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 203.137027][ T6912] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1024'. [ 203.153896][ T6912] netlink: 596 bytes leftover after parsing attributes in process `syz.1.1024'. [ 203.702187][ T6926] program syz.2.1030 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 204.013782][ T6934] loop2: detected capacity change from 0 to 1024 [ 204.061380][ T6934] EXT4-fs: Ignoring removed bh option [ 204.121488][ T6941] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1035'. [ 204.131049][ T6934] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 204.168834][ T6941] netlink: 596 bytes leftover after parsing attributes in process `syz.1.1035'. [ 204.313051][ T6924] netlink: 148 bytes leftover after parsing attributes in process `syz.4.1029'. [ 204.329484][ T6943] netlink: 'syz.0.1036': attribute type 21 has an invalid length. [ 204.343557][ T6943] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1036'. [ 205.187947][ T6965] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1043'. [ 205.617134][ T6874] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.710572][ T6874] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.745890][ T6874] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.774970][ T6981] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1048'. [ 205.808071][ T6874] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.833652][ T6981] netlink: 596 bytes leftover after parsing attributes in process `syz.4.1048'. [ 205.940840][ T6985] syz.0.1050[6985] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 205.940952][ T6985] syz.0.1050[6985] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 206.797068][ T27] audit: type=1326 audit(1744964706.375:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7003 comm="syz.4.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 206.839719][ T7004] loop1: detected capacity change from 0 to 512 [ 206.877002][ T7004] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 206.922666][ T27] audit: type=1326 audit(1744964706.415:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7003 comm="syz.4.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 206.967000][ T7004] EXT4-fs (loop1): orphan cleanup on readonly fs [ 206.990276][ T7004] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:511: comm syz.1.1059: Block bitmap for bg 0 marked uninitialized [ 207.116583][ T7004] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 207.119079][ T27] audit: type=1326 audit(1744964706.415:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7003 comm="syz.4.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=303 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 207.156955][ T7004] EXT4-fs (loop1): 1 orphan inode deleted [ 207.165855][ T7004] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 207.192033][ T27] audit: type=1326 audit(1744964706.415:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7003 comm="syz.4.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 207.285635][ T27] audit: type=1326 audit(1744964706.415:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7003 comm="syz.4.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 207.369410][ T7004] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 207.428835][ T7004] EXT4-fs (loop1): re-mounted. Quota mode: writeback. [ 207.460964][ T4297] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 207.582443][ T4262] EXT4-fs (loop2): unmounting filesystem. [ 208.178060][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 208.346418][ T7019] xt_hashlimit: overflow, rate too high: 1125899906842624 [ 208.460084][ T4297] usb 4-1: Using ep0 maxpacket: 16 [ 208.468983][ T4297] usb 4-1: too many configurations: 183, using maximum allowed: 8 [ 208.511427][ T4297] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 208.532377][ T4297] usb 4-1: can't read configurations, error -61 [ 208.659200][ T7032] loop2: detected capacity change from 0 to 512 [ 208.680478][ T7032] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 208.700299][ T4297] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 208.713758][ T7032] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e12c, mo2=0002] [ 208.723466][ T7032] System zones: 1-12 [ 208.729363][ T7032] EXT4-fs (loop2): orphan cleanup on readonly fs [ 208.756560][ T7037] syz.4.1072[7037] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 208.756677][ T7037] syz.4.1072[7037] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 208.806803][ T7032] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1070: bg 0: block 361: padding at end of block bitmap is not set [ 208.835963][ T7034] loop4: detected capacity change from 0 to 512 [ 208.843978][ T7032] EXT4-fs (loop2): Remounting filesystem read-only [ 208.879908][ T7032] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 208.900017][ T4297] usb 4-1: Using ep0 maxpacket: 16 [ 208.906062][ T4297] usb 4-1: too many configurations: 183, using maximum allowed: 8 [ 208.916947][ T7032] EXT4-fs (loop2): Remounting filesystem read-only [ 208.925089][ T7032] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.1070: invalid indirect mapped block 12 (level 1) [ 208.930253][ T4297] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 208.959906][ T7034] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 208.963143][ T4297] usb 4-1: can't read configurations, error -61 [ 208.979768][ T7032] EXT4-fs (loop2): Remounting filesystem read-only [ 208.990786][ T4297] usb usb4-port1: attempt power cycle [ 209.009606][ T7032] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.1070: invalid indirect mapped block 2 (level 2) [ 209.029246][ T7034] ext4 filesystem being mounted at /217/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 209.047176][ T7032] EXT4-fs (loop2): Remounting filesystem read-only [ 209.059788][ T7032] EXT4-fs (loop2): 1 truncate cleaned up [ 209.075077][ T7032] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 209.101071][ T7032] EXT4-fs (loop2): unmounting filesystem. [ 209.216012][ T4250] EXT4-fs (loop4): unmounting filesystem. [ 209.407182][ T7054] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1080'. [ 209.430327][ T4297] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 209.438131][ T7054] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1080'. [ 209.468571][ T7054] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1080'. [ 209.490792][ T4297] usb 4-1: Using ep0 maxpacket: 16 [ 209.509155][ T4297] usb 4-1: too many configurations: 183, using maximum allowed: 8 [ 209.566415][ T4297] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 209.595170][ T4297] usb 4-1: can't read configurations, error -61 [ 209.606733][ C0] Dead loop on virtual device ipvlan1, fix it urgently! [ 209.663392][ T7061] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1083'. [ 209.783601][ T7071] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1084'. [ 209.800256][ T4297] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 209.851714][ T4297] usb 4-1: Using ep0 maxpacket: 16 [ 209.857824][ T4297] usb 4-1: too many configurations: 183, using maximum allowed: 8 [ 209.882527][ T4297] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 209.909074][ T4297] usb 4-1: can't read configurations, error -61 [ 209.928237][ T4297] usb usb4-port1: unable to enumerate USB device [ 210.250239][ T7085] loop1: detected capacity change from 0 to 512 [ 210.276095][ T7085] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 210.317831][ T7085] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e12c, mo2=0002] [ 210.339147][ T7085] System zones: 1-12 [ 210.353788][ T7085] EXT4-fs (loop1): orphan cleanup on readonly fs [ 210.364941][ T7085] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1090: bg 0: block 361: padding at end of block bitmap is not set [ 210.392218][ T7085] EXT4-fs (loop1): Remounting filesystem read-only [ 210.404371][ T7085] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 210.421800][ T7088] Falling back ldisc for ttyS3. [ 210.427230][ T7085] EXT4-fs (loop1): Remounting filesystem read-only [ 210.435929][ T7085] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1090: invalid indirect mapped block 12 (level 1) [ 210.495812][ T7085] EXT4-fs (loop1): Remounting filesystem read-only [ 210.502560][ T7085] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1090: invalid indirect mapped block 2 (level 2) [ 210.530647][ T7085] EXT4-fs (loop1): Remounting filesystem read-only [ 210.548815][ T7085] EXT4-fs (loop1): 1 truncate cleaned up [ 210.560710][ T7085] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 210.601241][ T7085] EXT4-fs (loop1): unmounting filesystem. [ 211.044452][ T7110] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1096'. [ 211.065728][ T7108] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1095'. [ 211.115925][ T7108] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1095'. [ 211.190498][ T7108] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1095'. [ 211.336997][ T27] audit: type=1326 audit(1744964710.915:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7119 comm="syz.4.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 211.436651][ T27] audit: type=1326 audit(1744964710.955:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7119 comm="syz.4.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 211.527322][ T27] audit: type=1326 audit(1744964710.955:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7119 comm="syz.4.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 211.638078][ T27] audit: type=1326 audit(1744964710.955:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7119 comm="syz.4.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 211.763760][ T27] audit: type=1326 audit(1744964710.955:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7119 comm="syz.4.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 211.868315][ T7141] loop3: detected capacity change from 0 to 512 [ 211.889661][ T27] audit: type=1326 audit(1744964710.955:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7119 comm="syz.4.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 211.929798][ T7141] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 211.991772][ T7141] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e12c, mo2=0002] [ 212.006930][ T27] audit: type=1326 audit(1744964710.955:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7119 comm="syz.4.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 212.014757][ T7141] System zones: 1-12 [ 212.059473][ T7145] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1107'. [ 212.068767][ T7145] netlink: 'syz.4.1107': attribute type 6 has an invalid length. [ 212.071013][ T7141] EXT4-fs (loop3): orphan cleanup on readonly fs [ 212.109636][ T27] audit: type=1326 audit(1744964710.955:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7119 comm="syz.4.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 212.132138][ T27] audit: type=1326 audit(1744964710.955:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7119 comm="syz.4.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 212.167029][ T27] audit: type=1326 audit(1744964710.955:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7119 comm="syz.4.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 212.228067][ T7141] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1105: bg 0: block 361: padding at end of block bitmap is not set [ 212.300572][ T7141] EXT4-fs (loop3): Remounting filesystem read-only [ 212.317652][ T7141] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 212.381418][ T7141] EXT4-fs (loop3): Remounting filesystem read-only [ 212.398226][ T7141] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.1105: invalid indirect mapped block 12 (level 1) [ 212.488335][ T7141] EXT4-fs (loop3): Remounting filesystem read-only [ 212.520074][ T7141] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.1105: invalid indirect mapped block 2 (level 2) [ 212.570553][ T7141] EXT4-fs (loop3): Remounting filesystem read-only [ 212.577565][ T7141] EXT4-fs (loop3): 1 truncate cleaned up [ 212.644475][ T7141] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 212.664971][ T7141] EXT4-fs (loop3): unmounting filesystem. [ 212.719253][ T7167] loop2: detected capacity change from 0 to 512 [ 212.854737][ T7167] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 212.870198][ T7167] ext4 filesystem being mounted at /229/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 213.297599][ T4262] EXT4-fs (loop2): unmounting filesystem. [ 214.654674][ T7201] __nla_validate_parse: 6 callbacks suppressed [ 214.654695][ T7201] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1123'. [ 215.116415][ T7209] loop1: detected capacity change from 0 to 512 [ 215.231823][ T7209] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 215.477571][ T7209] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e12c, mo2=0002] [ 215.634417][ T7209] System zones: 1-12 [ 215.828267][ T7209] EXT4-fs (loop1): orphan cleanup on readonly fs [ 215.901798][ T7209] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1126: bg 0: block 361: padding at end of block bitmap is not set [ 215.924074][ T7209] EXT4-fs (loop1): Remounting filesystem read-only [ 215.953386][ T7209] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 215.994554][ T7209] EXT4-fs (loop1): Remounting filesystem read-only [ 216.022901][ T7209] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1126: invalid indirect mapped block 12 (level 1) [ 216.122973][ T7209] EXT4-fs (loop1): Remounting filesystem read-only [ 216.129594][ T7209] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1126: invalid indirect mapped block 2 (level 2) [ 216.185995][ T7209] EXT4-fs (loop1): Remounting filesystem read-only [ 216.205265][ T7209] EXT4-fs (loop1): 1 truncate cleaned up [ 216.220094][ T7209] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 216.229686][ T7209] EXT4-fs (loop1): unmounting filesystem. [ 216.698268][ T7234] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1136'. [ 217.837277][ T7246] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1139'. [ 218.645830][ T7268] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1148'. [ 218.681862][ T7270] loop4: detected capacity change from 0 to 128 [ 218.779805][ T27] audit: type=1800 audit(1744964718.355:613): pid=7270 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1149" name="file1" dev="loop4" ino=1048602 res=0 errno=0 [ 219.692795][ T7282] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1154'. [ 219.820531][ T7288] xt_hashlimit: max too large, truncated to 1048576 [ 220.070940][ T7295] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1160'. [ 221.186164][ T7326] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1170'. [ 222.299141][ T7347] loop2: detected capacity change from 0 to 2048 [ 222.397578][ T7347] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 222.418559][ T7347] EXT4-fs error (device loop2): ext4_find_extent:936: inode #2: comm syz.2.1179: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 222.456619][ T7347] EXT4-fs (loop2): Remounting filesystem read-only [ 222.535175][ T4262] EXT4-fs (loop2): unmounting filesystem. [ 223.265895][ T7394] loop3: detected capacity change from 0 to 512 [ 223.391550][ T7394] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 223.401038][ T7394] ext4 filesystem being mounted at /229/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 223.434773][ T27] audit: type=1800 audit(1744964723.015:614): pid=7394 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1197" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 223.487270][ T27] audit: type=1800 audit(1744964723.045:615): pid=7394 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1197" name="file2" dev="loop3" ino=16 res=0 errno=0 [ 223.553744][ T7403] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1200'. [ 223.565765][ T4265] EXT4-fs (loop3): unmounting filesystem. [ 223.900955][ T7403] bond0: (slave bond_slave_0): Releasing backup interface [ 223.964733][ T7400] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.081893][ T7400] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.086320][ T27] audit: type=1326 audit(1744964723.665:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7420 comm="syz.3.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 224.171884][ T27] audit: type=1326 audit(1744964723.695:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7420 comm="syz.3.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 224.237135][ T7400] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.237807][ T27] audit: type=1326 audit(1744964723.695:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7420 comm="syz.3.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 224.282174][ T27] audit: type=1326 audit(1744964723.695:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7420 comm="syz.3.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 224.327263][ T7426] loop2: detected capacity change from 0 to 512 [ 224.339912][ T27] audit: type=1326 audit(1744964723.695:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7420 comm="syz.3.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 224.390394][ T7400] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.397321][ T27] audit: type=1326 audit(1744964723.695:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7420 comm="syz.3.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 224.432532][ T27] audit: type=1326 audit(1744964723.695:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7420 comm="syz.3.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 224.456607][ T7426] EXT4-fs (loop2): orphan cleanup on readonly fs [ 224.463860][ T27] audit: type=1326 audit(1744964723.695:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7420 comm="syz.3.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 224.471720][ T7426] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1211: bg 0: block 248: padding at end of block bitmap is not set [ 224.486869][ T27] audit: type=1326 audit(1744964723.805:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7422 comm="syz.4.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 224.523250][ T27] audit: type=1326 audit(1744964723.805:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7422 comm="syz.4.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 224.580250][ T7426] EXT4-fs error (device loop2): ext4_acquire_dquot:6802: comm syz.2.1211: Failed to acquire dquot type 1 [ 224.604197][ T7400] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.614283][ T7426] EXT4-fs (loop2): 1 truncate cleaned up [ 224.626123][ T7426] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 224.635744][ T7400] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.675492][ T7426] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 224.694463][ T7400] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.732385][ T7426] EXT4-fs error (device loop2): ext4_acquire_dquot:6802: comm syz.2.1211: Failed to acquire dquot type 1 [ 224.752590][ T7400] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.795533][ T7426] EXT4-fs warning (device loop2): ext4_enable_quotas:7037: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix. [ 224.946937][ T4262] EXT4-fs (loop2): unmounting filesystem. [ 225.170745][ T7443] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1216'. [ 225.219911][ T7443] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1216'. [ 225.663713][ T7461] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1224'. [ 225.700350][ T7461] netlink: 196 bytes leftover after parsing attributes in process `syz.0.1224'. [ 225.722892][ T7461] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1224'. [ 225.761034][ T7461] netlink: 196 bytes leftover after parsing attributes in process `syz.0.1224'. [ 225.841649][ T7467] loop4: detected capacity change from 0 to 512 [ 225.930275][ T7467] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 225.944064][ T7467] ext4 filesystem being mounted at /251/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 226.146043][ T7482] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1231'. [ 226.151799][ T4250] EXT4-fs (loop4): unmounting filesystem. [ 226.757177][ T7495] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1230'. [ 226.785745][ T7494] loop4: detected capacity change from 0 to 512 [ 226.856050][ T7494] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 227.026105][ T7494] EXT4-fs (loop4): 1 truncate cleaned up [ 227.070169][ T7494] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 227.417507][ T4250] EXT4-fs (loop4): unmounting filesystem. [ 227.675335][ T7522] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1244'. [ 227.893408][ T7527] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 228.354165][ T7539] loop1: detected capacity change from 0 to 1024 [ 228.576477][ T7539] EXT4-fs error (device loop1): ext4_map_blocks:744: inode #3: block 1: comm syz.1.1242: lblock 1 mapped to illegal pblock 1 (length 1) [ 228.660391][ T7539] EXT4-fs error (device loop1): ext4_acquire_dquot:6802: comm syz.1.1242: Failed to acquire dquot type 0 [ 228.712022][ T7539] EXT4-fs error (device loop1): ext4_free_blocks:6210: comm syz.1.1242: Freeing blocks not in datazone - block = 0, count = 4096 [ 228.791939][ T7539] EXT4-fs error (device loop1): ext4_read_inode_bitmap:140: comm syz.1.1242: Invalid inode bitmap blk 0 in block_group 0 [ 228.821388][ T56] EXT4-fs error (device loop1): ext4_map_blocks:634: inode #3: block 1: comm kworker/u4:4: lblock 1 mapped to illegal pblock 1 (length 1) [ 228.868693][ T56] EXT4-fs error (device loop1): ext4_release_dquot:6825: comm kworker/u4:4: Failed to release dquot type 0 [ 228.891003][ T7539] EXT4-fs error (device loop1) in ext4_free_inode:362: Corrupt filesystem [ 228.901029][ T7539] EXT4-fs (loop1): 1 orphan inode deleted [ 228.906813][ T7539] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 228.995480][ T7557] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1252'. [ 230.896769][ T27] kauditd_printk_skb: 53 callbacks suppressed [ 230.896787][ T27] audit: type=1326 audit(1744964730.475:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7581 comm="syz.4.1270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 230.951589][ T7582] loop4: detected capacity change from 0 to 512 [ 230.987937][ T7582] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 230.997030][ T27] audit: type=1326 audit(1744964730.475:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7583 comm="syz.3.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 231.060835][ T27] audit: type=1326 audit(1744964730.475:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7583 comm="syz.3.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 231.084325][ T7582] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 231.093400][ T7582] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002] [ 231.120129][ T7582] System zones: 0-1, 15-15, 18-18, 34-34 [ 231.127058][ T7582] EXT4-fs (loop4): orphan cleanup on readonly fs [ 231.174303][ T7582] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0 [ 231.185042][ T27] audit: type=1326 audit(1744964730.505:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7583 comm="syz.3.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 231.234304][ T7582] EXT4-fs warning (device loop4): ext4_enable_quotas:7037: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 231.284022][ T27] audit: type=1326 audit(1744964730.505:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7583 comm="syz.3.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 231.307628][ T7582] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 231.323911][ T7582] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1270: bg 0: block 40: padding at end of block bitmap is not set [ 231.367526][ T27] audit: type=1326 audit(1744964730.505:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7583 comm="syz.3.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 231.401401][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 231.408146][ T7582] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 231.423640][ T27] audit: type=1326 audit(1744964730.505:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7583 comm="syz.3.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 231.458955][ T7582] EXT4-fs (loop4): 1 truncate cleaned up [ 231.466063][ T7582] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 231.479772][ T27] audit: type=1326 audit(1744964730.505:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7583 comm="syz.3.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 231.550719][ T7582] EXT4-fs error (device loop4): ext4_encrypted_get_link:46: inode #16: comm syz.4.1270: bad symlink. [ 231.599568][ T27] audit: type=1326 audit(1744964730.505:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7583 comm="syz.3.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 231.724821][ T4250] EXT4-fs (loop4): unmounting filesystem. [ 232.014581][ T7612] loop1: detected capacity change from 0 to 512 [ 232.364377][ T7612] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.1282: inode #1: comm syz.1.1282: iget: illegal inode # [ 232.699617][ T7612] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1282: error while reading EA inode 1 err=-117 [ 232.850620][ T7612] EXT4-fs (loop1): 1 orphan inode deleted [ 232.866856][ T7619] loop3: detected capacity change from 0 to 512 [ 232.900233][ T7612] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 232.927014][ T7619] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 232.986968][ T7623] loop2: detected capacity change from 0 to 512 [ 233.000160][ T7623] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 233.010190][ T7619] EXT4-fs (loop3): orphan cleanup on readonly fs [ 233.017325][ T7619] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:511: comm syz.3.1284: Block bitmap for bg 0 marked uninitialized [ 233.038844][ T7623] EXT4-fs (loop2): invalid journal inode [ 233.044777][ T7623] EXT4-fs (loop2): can't get journal size [ 233.059890][ T7619] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 233.071224][ T7619] EXT4-fs (loop3): 1 orphan inode deleted [ 233.076175][ T7623] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c118, mo2=0002] [ 233.077084][ T7619] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 233.095827][ T7623] System zones: 1-12, 13-13 [ 233.143340][ T7623] EXT4-fs (loop2): 1 truncate cleaned up [ 233.159252][ T7619] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 233.168967][ T7623] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 233.178815][ T7627] __nla_validate_parse: 1 callbacks suppressed [ 233.178833][ T7627] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1286'. [ 233.220110][ T7619] EXT4-fs (loop3): re-mounted. Quota mode: writeback. [ 233.228088][ T7623] EXT4-fs (loop2): unmounting filesystem. [ 233.277222][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 233.456636][ T4265] EXT4-fs (loop3): unmounting filesystem. [ 233.641375][ T7638] random: crng reseeded on system resumption [ 233.904690][ T7646] Unsupported ieee802154 address type: 0 [ 234.126774][ T7640] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 234.210163][ T7640] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 234.316092][ T7640] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 234.406309][ T7640] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 234.550761][ T7640] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.603597][ T7640] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.646740][ T7640] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.663911][ T7640] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.790488][ T7658] loop2: detected capacity change from 0 to 512 [ 234.856786][ T7658] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 234.881006][ T7658] ext4 filesystem being mounted at /276/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 235.059447][ T7670] loop3: detected capacity change from 0 to 512 [ 235.096935][ T4262] EXT4-fs (loop2): unmounting filesystem. [ 235.126673][ T7672] loop4: detected capacity change from 0 to 512 [ 235.158572][ T7670] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 235.169378][ T7672] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 235.251423][ T7670] ext4 filesystem being mounted at /248/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 235.330954][ T7672] EXT4-fs (loop4): orphan cleanup on readonly fs [ 235.337605][ T7672] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:511: comm syz.4.1300: Block bitmap for bg 0 marked uninitialized [ 235.451287][ T7672] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 235.511059][ T7672] EXT4-fs (loop4): 1 orphan inode deleted [ 235.517047][ T7672] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 235.527010][ T7692] loop1: detected capacity change from 0 to 512 [ 235.555604][ T7692] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 235.578453][ T7672] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 235.674087][ T7692] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e12c, mo2=0002] [ 235.702093][ T7672] EXT4-fs (loop4): re-mounted. Quota mode: writeback. [ 235.711226][ T4265] EXT4-fs (loop3): unmounting filesystem. [ 235.752856][ T7692] System zones: 1-12 [ 235.827363][ T7692] EXT4-fs (loop1): orphan cleanup on readonly fs [ 235.854665][ T7692] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1307: bg 0: block 361: padding at end of block bitmap is not set [ 235.876853][ T7692] EXT4-fs (loop1): Remounting filesystem read-only [ 235.892022][ T4250] EXT4-fs (loop4): unmounting filesystem. [ 235.898352][ T7692] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 235.929699][ T7692] EXT4-fs (loop1): Remounting filesystem read-only [ 235.955518][ T7692] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1307: invalid indirect mapped block 12 (level 1) [ 236.012307][ T7703] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1305'. [ 236.054225][ T7692] EXT4-fs (loop1): Remounting filesystem read-only [ 236.080106][ T7692] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1307: invalid indirect mapped block 2 (level 2) [ 236.128962][ T7692] EXT4-fs (loop1): Remounting filesystem read-only [ 236.146882][ T7692] EXT4-fs (loop1): 1 truncate cleaned up [ 236.155538][ T7692] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 236.172028][ T7692] EXT4-fs (loop1): unmounting filesystem. [ 236.806863][ T7726] loop2: detected capacity change from 0 to 512 [ 236.859504][ T7726] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 236.896210][ T7728] loop4: detected capacity change from 0 to 1024 [ 236.938649][ T7726] EXT4-fs (loop2): orphan cleanup on readonly fs [ 236.976779][ T7726] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:511: comm syz.2.1322: Block bitmap for bg 0 marked uninitialized [ 237.001637][ T7726] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 237.016140][ T7726] EXT4-fs (loop2): 1 orphan inode deleted [ 237.022357][ T7726] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 237.048474][ T7728] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 237.056611][ T7726] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 237.113294][ T7728] tipc: Enabling of bearer rejected, failed to enable media [ 237.171337][ T7726] EXT4-fs (loop2): re-mounted. Quota mode: writeback. [ 237.189754][ T4250] EXT4-fs (loop4): unmounting filesystem. [ 237.320516][ T4262] EXT4-fs (loop2): unmounting filesystem. [ 237.351299][ T7737] loop4: detected capacity change from 0 to 512 [ 237.443482][ T7737] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 237.476457][ T7737] ext4 filesystem being mounted at /270/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 237.652220][ T7744] loop2: detected capacity change from 0 to 512 [ 237.663979][ T7744] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 237.689694][ T4250] EXT4-fs (loop4): unmounting filesystem. [ 237.726710][ T7744] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e12c, mo2=0002] [ 237.744629][ T7744] System zones: 1-12 [ 237.761320][ T7744] EXT4-fs (loop2): orphan cleanup on readonly fs [ 237.783210][ T27] kauditd_printk_skb: 76 callbacks suppressed [ 237.783228][ T27] audit: type=1326 audit(1744964737.365:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7745 comm="syz.0.1327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 237.890217][ T7744] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1328: bg 0: block 361: padding at end of block bitmap is not set [ 237.960032][ T27] audit: type=1326 audit(1744964737.405:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7745 comm="syz.0.1327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 237.982347][ C0] vkms_vblank_simulate: vblank timer overrun [ 237.988128][ T7744] EXT4-fs (loop2): Remounting filesystem read-only [ 238.010007][ T7744] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 238.029133][ T27] audit: type=1326 audit(1744964737.405:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7745 comm="syz.0.1327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 238.049556][ T7744] EXT4-fs (loop2): Remounting filesystem read-only [ 238.051443][ C0] vkms_vblank_simulate: vblank timer overrun [ 238.096186][ T7744] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.1328: invalid indirect mapped block 12 (level 1) [ 238.127983][ T7744] EXT4-fs (loop2): Remounting filesystem read-only [ 238.139807][ T27] audit: type=1326 audit(1744964737.405:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7745 comm="syz.0.1327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 238.162976][ T7744] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.1328: invalid indirect mapped block 2 (level 2) [ 238.176792][ T27] audit: type=1326 audit(1744964737.405:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7745 comm="syz.0.1327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 238.205148][ T7744] EXT4-fs (loop2): Remounting filesystem read-only [ 238.212163][ T7744] EXT4-fs (loop2): 1 truncate cleaned up [ 238.217866][ T7744] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 238.261513][ T7744] EXT4-fs (loop2): unmounting filesystem. [ 238.278161][ T27] audit: type=1326 audit(1744964737.405:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7745 comm="syz.0.1327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 238.300487][ C0] vkms_vblank_simulate: vblank timer overrun [ 238.414128][ T27] audit: type=1326 audit(1744964737.405:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7745 comm="syz.0.1327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 238.459057][ T27] audit: type=1326 audit(1744964737.405:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7745 comm="syz.0.1327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 238.481317][ C0] vkms_vblank_simulate: vblank timer overrun [ 238.544903][ T27] audit: type=1326 audit(1744964737.515:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7749 comm="syz.4.1329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 238.567188][ C0] vkms_vblank_simulate: vblank timer overrun [ 238.638315][ T27] audit: type=1326 audit(1744964737.525:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7749 comm="syz.4.1329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 238.940146][ T7766] Unsupported ieee802154 address type: 0 [ 239.209097][ T7729] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1318'. [ 239.411147][ T7775] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1338'. [ 240.113786][ T7797] loop3: detected capacity change from 0 to 512 [ 240.161546][ T7797] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 240.236998][ T7797] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e12c, mo2=0002] [ 240.251148][ T7797] System zones: 1-12 [ 240.276630][ T7797] EXT4-fs (loop3): orphan cleanup on readonly fs [ 240.288278][ T7797] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1344: bg 0: block 361: padding at end of block bitmap is not set [ 240.310536][ T7797] EXT4-fs (loop3): Remounting filesystem read-only [ 240.317117][ T7797] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 240.373812][ T7797] EXT4-fs (loop3): Remounting filesystem read-only [ 240.410150][ T7797] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.1344: invalid indirect mapped block 12 (level 1) [ 240.467993][ T7797] EXT4-fs (loop3): Remounting filesystem read-only [ 240.497989][ T7797] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.1344: invalid indirect mapped block 2 (level 2) [ 240.560166][ T7797] EXT4-fs (loop3): Remounting filesystem read-only [ 240.566939][ T7797] EXT4-fs (loop3): 1 truncate cleaned up [ 240.595990][ T7797] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 240.629717][ T7797] EXT4-fs (loop3): unmounting filesystem. [ 240.936089][ T7807] 9pnet: Could not find request transport: f [ 241.042414][ T7810] loop3: detected capacity change from 0 to 128 [ 241.105508][ T7810] FAT-fs (loop3): Directory bread(block 32) failed [ 241.113583][ T7810] FAT-fs (loop3): Directory bread(block 33) failed [ 241.130677][ T7810] FAT-fs (loop3): Directory bread(block 34) failed [ 241.150520][ T7810] FAT-fs (loop3): Directory bread(block 35) failed [ 241.157294][ T7810] FAT-fs (loop3): Directory bread(block 36) failed [ 241.260099][ T7810] FAT-fs (loop3): Directory bread(block 37) failed [ 241.274483][ T7810] FAT-fs (loop3): Directory bread(block 38) failed [ 241.310722][ T7810] FAT-fs (loop3): Directory bread(block 39) failed [ 241.349076][ T7810] FAT-fs (loop3): Directory bread(block 40) failed [ 241.393284][ T7810] FAT-fs (loop3): Directory bread(block 41) failed [ 241.625153][ T7810] syz.3.1349: attempt to access beyond end of device [ 241.625153][ T7810] loop3: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 241.701495][ T7810] FAT-fs (loop3): Filesystem has been set read-only [ 241.708300][ T7810] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 241.739057][ T7825] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 242.879368][ T7845] loop2: detected capacity change from 0 to 512 [ 243.314438][ T7845] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 243.426687][ T7845] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 243.435810][ T7845] ext4 filesystem being mounted at /293/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 243.523383][ T27] kauditd_printk_skb: 26 callbacks suppressed [ 243.523401][ T27] audit: type=1326 audit(1744964743.105:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7837 comm="syz.4.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 243.603811][ T7854] loop3: detected capacity change from 0 to 1024 [ 243.620767][ T7855] loop1: detected capacity change from 0 to 256 [ 243.627530][ T27] audit: type=1326 audit(1744964743.205:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7837 comm="syz.4.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 243.656909][ T27] audit: type=1326 audit(1744964743.205:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7837 comm="syz.4.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 243.670957][ T7854] EXT4-fs: Ignoring removed nobh option [ 243.679273][ C1] vkms_vblank_simulate: vblank timer overrun [ 243.686833][ T7855] FAT-fs (loop1): Unrecognized mount option "iocha×" or missing value [ 243.763438][ T7854] EXT4-fs: Ignoring removed nobh option [ 243.812597][ T7854] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 243.833306][ T7854] EXT4-fs error (device loop3): ext4_get_journal_inode:5723: comm syz.3.1361: inode #4294967295: comm syz.3.1361: iget: illegal inode # [ 243.857609][ T7854] EXT4-fs (loop3): no journal found [ 243.862924][ T7854] EXT4-fs (loop3): can't get journal size [ 243.868382][ T27] audit: type=1326 audit(1744964743.445:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7837 comm="syz.4.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 243.900673][ T27] audit: type=1326 audit(1744964743.445:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7837 comm="syz.4.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 243.902369][ T7854] EXT4-fs (loop3): failed to initialize system zone (-22) [ 243.923380][ T27] audit: type=1326 audit(1744964743.445:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7837 comm="syz.4.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 243.957536][ T7855] loop1: detected capacity change from 0 to 512 [ 243.974376][ T27] audit: type=1326 audit(1744964743.445:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7837 comm="syz.4.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 244.000400][ T4262] EXT4-fs (loop2): unmounting filesystem. [ 244.099868][ T7855] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 244.124605][ T27] audit: type=1326 audit(1744964743.475:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7837 comm="syz.4.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 244.147746][ T7854] EXT4-fs (loop3): mount failed [ 244.163333][ T7855] ext4 filesystem being mounted at /249/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 244.216029][ T27] audit: type=1326 audit(1744964743.475:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7837 comm="syz.4.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 244.239033][ T27] audit: type=1326 audit(1744964743.475:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7837 comm="syz.4.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8657d8e169 code=0x7ffc0000 [ 244.261323][ C1] vkms_vblank_simulate: vblank timer overrun [ 244.281524][ T7862] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 244.420602][ T7862] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 244.517649][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 244.529371][ T7862] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 244.596133][ T7873] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1367'. [ 244.629381][ T7862] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 245.007226][ T7879] loop3: detected capacity change from 0 to 512 [ 245.016949][ T7862] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 245.091041][ T7862] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 245.098724][ T7879] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 245.106385][ T7862] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 245.123846][ T7879] ext4 filesystem being mounted at /262/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 245.167176][ T7862] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 245.192450][ T7879] EXT4-fs error (device loop3): ext4_xattr_block_get:546: inode #15: comm syz.3.1370: corrupted xattr block 33 [ 245.336786][ T4265] EXT4-fs (loop3): unmounting filesystem. [ 246.779265][ T7914] mmap: syz.1.1384 (7914) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 247.115716][ T7920] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1387'. [ 247.802675][ T7940] Unsupported ieee802154 address type: 0 [ 248.924003][ T7955] loop1: detected capacity change from 0 to 512 [ 248.932569][ T27] kauditd_printk_skb: 35 callbacks suppressed [ 248.932586][ T27] audit: type=1326 audit(1744964748.515:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7952 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 248.997087][ T7955] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 249.010438][ T27] audit: type=1326 audit(1744964748.515:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7952 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 249.077642][ T7955] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e12c, mo2=0002] [ 249.134720][ T27] audit: type=1326 audit(1744964748.525:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7952 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 249.180251][ T7955] System zones: 1-12 [ 249.191253][ T7955] EXT4-fs (loop1): orphan cleanup on readonly fs [ 249.198422][ T7955] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1397: bg 0: block 361: padding at end of block bitmap is not set [ 249.265452][ T27] audit: type=1326 audit(1744964748.525:841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7952 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 249.284539][ T7966] loop4: detected capacity change from 0 to 512 [ 249.299085][ T7955] EXT4-fs (loop1): Remounting filesystem read-only [ 249.299170][ T27] audit: type=1326 audit(1744964748.525:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7952 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd8b78e169 code=0x7ffc0000 [ 249.309745][ T7955] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 249.365254][ T7966] EXT4-fs: Ignoring removed mblk_io_submit option [ 249.373093][ T7966] ext4: Unknown parameter 'seclabel' [ 249.408980][ T7955] EXT4-fs (loop1): Remounting filesystem read-only [ 249.409007][ T7955] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1397: invalid indirect mapped block 12 (level 1) [ 249.409365][ T7955] EXT4-fs (loop1): Remounting filesystem read-only [ 249.409387][ T7955] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1397: invalid indirect mapped block 2 (level 2) [ 249.409731][ T7955] EXT4-fs (loop1): Remounting filesystem read-only [ 249.410004][ T7955] EXT4-fs (loop1): 1 truncate cleaned up [ 249.410046][ T7955] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 249.411116][ T7955] EXT4-fs (loop1): unmounting filesystem. [ 249.585828][ T27] audit: type=1326 audit(1744964749.165:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7976 comm="syz.3.1406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 249.586162][ T27] audit: type=1326 audit(1744964749.165:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7976 comm="syz.3.1406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 249.586381][ T27] audit: type=1326 audit(1744964749.165:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7976 comm="syz.3.1406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 249.586649][ T27] audit: type=1326 audit(1744964749.165:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7976 comm="syz.3.1406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 249.586837][ T27] audit: type=1326 audit(1744964749.165:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7976 comm="syz.3.1406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc82438e169 code=0x7ffc0000 [ 249.769594][ C1] vkms_vblank_simulate: vblank timer overrun [ 249.815762][ C1] vkms_vblank_simulate: vblank timer overrun [ 251.206900][ T8003] atomic_op ffff88804f236998 conn xmit_atomic 0000000000000000 [ 251.397296][ T8013] loop3: detected capacity change from 0 to 512 [ 251.482348][ T8013] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 251.569426][ T8013] ext4 filesystem being mounted at /272/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 251.658461][ T8028] capability: warning: `syz.2.1420' uses 32-bit capabilities (legacy support in use) [ 251.702020][ T8028] program syz.2.1420 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 251.934332][ T4265] EXT4-fs (loop3): unmounting filesystem. [ 252.114491][ T8039] loop3: detected capacity change from 0 to 512 [ 252.145838][ T8039] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 252.177532][ T8039] EXT4-fs (loop3): orphan cleanup on readonly fs [ 252.187002][ T8039] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:511: comm syz.3.1425: Block bitmap for bg 0 marked uninitialized [ 252.208319][ T8039] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 252.227658][ T8039] EXT4-fs (loop3): 1 orphan inode deleted [ 252.233678][ T8039] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 252.285590][ T4265] EXT4-fs (loop3): unmounting filesystem. [ 253.566452][ T8059] loop3: detected capacity change from 0 to 512 [ 253.653629][ T8059] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 253.719170][ T8059] ext4 filesystem being mounted at /274/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 253.930595][ T4265] EXT4-fs (loop3): unmounting filesystem. [ 253.970431][ T8073] syz.2.1433[8073] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 253.970540][ T8073] syz.2.1433[8073] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 254.051741][ T27] kauditd_printk_skb: 33 callbacks suppressed [ 254.051756][ T27] audit: type=1326 audit(1744964753.635:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8072 comm="syz.2.1433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 254.180064][ T27] audit: type=1326 audit(1744964753.675:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8072 comm="syz.2.1433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 254.202385][ C1] vkms_vblank_simulate: vblank timer overrun [ 254.351148][ T27] audit: type=1326 audit(1744964753.675:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8072 comm="syz.2.1433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 254.378939][ T27] audit: type=1326 audit(1744964753.675:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8072 comm="syz.2.1433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 254.453962][ T8088] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1438'. [ 254.468961][ T8093] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1440'. [ 255.730656][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.164378][ T8126] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1448'. [ 258.437611][ T8162] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1467'. [ 259.618315][ T4254] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 259.627689][ T4254] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 259.655800][ T8181] loop2: detected capacity change from 0 to 256 [ 259.660683][ T4254] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 259.670347][ T4254] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 259.679471][ T4254] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 259.686950][ T4254] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 259.859996][ T8181] syz.2.1473[8181] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 259.860106][ T8181] syz.2.1473[8181] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 259.925998][ T8183] device syzkaller0 entered promiscuous mode [ 260.192897][ T8181] 9pnet_fd: Insufficient options for proto=fd [ 261.750258][ T4268] Bluetooth: hci4: command 0x0409 tx timeout [ 263.668588][ T8228] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1492'. [ 263.830251][ T4268] Bluetooth: hci4: command 0x041b tx timeout [ 265.560998][ T8242] infiniband syz1: set active [ 265.593286][ T8242] batman_adv: batadv0: Interface deactivated: dummy0 [ 265.657674][ T8242] batman_adv: batadv0: Removing interface: dummy0 [ 265.684928][ T8242] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready [ 265.704014][ T8242] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 265.714140][ T8242] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 265.729425][ T8242] device bridge_slave_0 left promiscuous mode [ 265.740525][ T8242] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.911404][ T4268] Bluetooth: hci4: command 0x040f tx timeout [ 266.461330][ T8242] device bridge_slave_1 left promiscuous mode [ 266.547561][ T8242] bridge0: port 2(bridge_slave_1) entered disabled state [ 266.569155][ T8242] bond0: (slave bond_slave_0): Releasing backup interface [ 266.735601][ T8242] team0: Port device team_slave_0 removed [ 266.790514][ T8242] team0: Port device team_slave_1 removed [ 266.797243][ T8242] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 266.820534][ T8242] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 266.856215][ T8242] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 266.870219][ T8242] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 267.444488][ T8178] chnl_net:caif_netlink_parms(): no params data found [ 267.486617][ T8273] batman_adv: batadv0: Adding interface: dummy0 [ 267.500142][ T8273] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 267.557765][ T8273] batman_adv: batadv0: Interface activated: dummy0 [ 267.606593][ T8276] batadv0: mtu less than device minimum [ 267.628690][ T8276] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 267.641314][ T8276] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 267.653805][ T8276] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 267.666199][ T8276] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 267.678692][ T8276] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 267.691130][ T8276] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 267.703637][ T8276] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 267.716111][ T8276] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 267.727850][ T8276] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 267.990119][ T4268] Bluetooth: hci4: command 0x0419 tx timeout [ 269.355543][ T8297] 9pnet_fd: Insufficient options for proto=fd [ 269.557091][ T8178] bridge0: port 1(bridge_slave_0) entered blocking state [ 269.593224][ T8178] bridge0: port 1(bridge_slave_0) entered disabled state [ 269.640268][ T8178] device bridge_slave_0 entered promiscuous mode [ 269.673858][ T8302] netlink: 'syz.2.1516': attribute type 16 has an invalid length. [ 269.698249][ T8302] netlink: 'syz.2.1516': attribute type 17 has an invalid length. [ 269.790858][ T8304] futex_wake_op: syz.2.1516 tries to shift op by 36; fix this program [ 271.277058][ T27] audit: type=1326 audit(1744964770.855:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8308 comm="syz.4.1519" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x0 [ 271.312108][ T8302] bridge0: port 2(bridge_slave_1) entered disabled state [ 271.319691][ T8302] bridge0: port 1(bridge_slave_0) entered disabled state [ 271.358704][ T8302] infiniband syz0: set down [ 271.398084][ T8302] batman_adv: batadv0: Interface deactivated: dummy0 [ 271.654156][ T8320] netlink: 'syz.0.1522': attribute type 11 has an invalid length. [ 271.664759][ T8320] netlink: 448 bytes leftover after parsing attributes in process `syz.0.1522'. [ 271.800133][ T4295] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 271.939206][ T8302] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 272.002630][ T8302] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 272.012229][ T4295] usb 5-1: config 0 has no interfaces? [ 272.020605][ T4295] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 272.029704][ T4295] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 272.044317][ T4295] usb 5-1: Product: syz [ 272.049064][ T4295] usb 5-1: Manufacturer: syz [ 272.053803][ T4295] usb 5-1: SerialNumber: syz [ 272.089759][ T4295] usb 5-1: config 0 descriptor?? [ 273.556775][ T8332] 9pnet_fd: Insufficient options for proto=fd [ 273.954347][ T8302] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.963084][ T8302] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.972292][ T8302] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.981132][ T8302] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 274.094738][ T8178] bridge0: port 2(bridge_slave_1) entered blocking state [ 274.111687][ T8178] bridge0: port 2(bridge_slave_1) entered disabled state [ 274.129615][ T8178] device bridge_slave_1 entered promiscuous mode [ 274.147107][ T8307] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 274.160284][ T8307] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 274.178032][ T8307] device bridge_slave_0 left promiscuous mode [ 274.197387][ T8307] bridge0: port 1(bridge_slave_0) entered disabled state [ 274.212514][ T8307] device bridge_slave_1 left promiscuous mode [ 274.219045][ T8307] bridge0: port 2(bridge_slave_1) entered disabled state [ 274.233089][ T8307] bond0: (slave bond_slave_0): Releasing backup interface [ 274.268912][ T8307] bond0: (slave bond_slave_1): Releasing backup interface [ 274.277197][ T8340] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 274.361829][ T8307] team0: Port device team_slave_0 removed [ 274.395538][ T8307] team0: Port device team_slave_1 removed [ 274.410560][ T8307] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 274.418418][ T8307] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 274.427934][ T8307] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 274.436594][ T8307] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 274.500414][ T4241] bond0 speed is unknown, defaulting to 1000 [ 274.509386][ T4331] bond0 speed is unknown, defaulting to 1000 [ 274.652521][ T128] bond0 speed is unknown, defaulting to 1000 [ 274.659846][ T128] bond0 speed is unknown, defaulting to 1000 [ 274.782154][ T8178] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 274.834275][ T8178] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 275.037665][ T8178] team0: Port device team_slave_0 added [ 275.099839][ T8178] team0: Port device team_slave_1 added [ 275.203373][ T4295] usb 5-1: USB disconnect, device number 2 [ 275.296706][ T8178] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 275.348364][ T8178] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 275.415968][ T8178] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 275.614686][ T8178] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 275.651285][ T8178] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 275.698192][ T8369] 9pnet_fd: Insufficient options for proto=fd [ 276.100917][ T8178] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 276.618794][ T8178] device hsr_slave_0 entered promiscuous mode [ 276.650212][ T7] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 276.678135][ T8178] device hsr_slave_1 entered promiscuous mode [ 276.697812][ T8178] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 276.716890][ T8178] Cannot create hsr debugfs directory [ 276.880319][ T7] usb 3-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 276.900765][ T7] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 276.908854][ T7] usb 3-1: Product: syz [ 276.919967][ T7] usb 3-1: Manufacturer: syz [ 276.950076][ T7] usb 3-1: SerialNumber: syz [ 276.961695][ T7] usb 3-1: config 0 descriptor?? [ 277.179126][ T7] usb-storage 3-1:0.0: USB Mass Storage device detected [ 277.228700][ T8178] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 277.324375][ T7] usb 3-1: USB disconnect, device number 2 [ 277.402897][ T8178] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 277.477836][ T8178] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 277.548240][ T8178] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 277.645839][ T4295] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 277.840279][ T4295] usb 5-1: Using ep0 maxpacket: 8 [ 277.850699][ T4295] usb 5-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d [ 277.863871][ T8178] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 277.871981][ T4295] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 277.881087][ T4295] usb 5-1: Product: syz [ 277.894837][ T4295] usb 5-1: Manufacturer: syz [ 277.899498][ T4295] usb 5-1: SerialNumber: syz [ 277.920214][ T4295] usb 5-1: config 0 descriptor?? [ 277.920868][ T8178] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 277.957290][ T4295] gspca_main: sonixj-2.14.0 probing 0c45:613e [ 277.958712][ T8178] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 277.983730][ T8178] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 278.324479][ T4295] gspca_sonixj: reg_w1 err -71 [ 278.330005][ T4295] sonixj: probe of 5-1:0.0 failed with error -71 [ 278.338313][ T4295] usb 5-1: USB disconnect, device number 3 [ 278.362682][ T8178] 8021q: adding VLAN 0 to HW filter on device bond0 [ 278.643590][ T8212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 278.694887][ T8212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 279.080196][ T8178] 8021q: adding VLAN 0 to HW filter on device team0 [ 279.121512][ T4760] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 279.159043][ T4760] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 279.220816][ T4760] bridge0: port 1(bridge_slave_0) entered blocking state [ 279.227989][ T4760] bridge0: port 1(bridge_slave_0) entered forwarding state [ 279.303738][ T4760] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 279.335704][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 279.365449][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 279.558833][ T4305] bridge0: port 2(bridge_slave_1) entered blocking state [ 279.566001][ T4305] bridge0: port 2(bridge_slave_1) entered forwarding state [ 279.640354][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 279.688848][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 279.718056][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 279.811301][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 279.903161][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 279.947680][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 279.994279][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 280.045548][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 280.098494][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 280.108247][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 280.119179][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 280.211601][ T8178] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 280.863200][ T8178] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 280.935930][ T8178] device veth0_vlan entered promiscuous mode [ 280.958769][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 280.977063][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 280.997839][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 281.041620][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 281.050840][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 281.059813][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 281.068740][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 281.096697][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 281.360761][ T8178] device veth1_vlan entered promiscuous mode [ 281.811271][ T8445] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1560'. [ 281.923057][ T8178] device veth0_macvtap entered promiscuous mode [ 282.003026][ T8178] device veth1_macvtap entered promiscuous mode [ 282.023689][ T4760] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 282.042118][ T4760] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 282.051169][ T4760] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 282.067197][ T4760] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 282.095167][ T4760] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 282.116663][ T4760] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 282.180722][ T8178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 282.353996][ T14] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 282.395752][ T8178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.406203][ T8178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 282.416819][ T8178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.434493][ T8178] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 283.470180][ T14] usb 1-1: Using ep0 maxpacket: 8 [ 283.490196][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 283.531222][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 283.641379][ T8178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.660419][ T8178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.670483][ T8178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.681167][ T8178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.728010][ T8178] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 283.784466][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 283.798689][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 283.838748][ T8453] netlink: 'syz.0.1563': attribute type 3 has an invalid length. [ 283.872416][ T8178] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 283.916518][ T8178] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 283.975016][ T8178] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.020327][ T8178] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.318176][ T4769] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 284.387264][ T4769] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 284.427907][ T4305] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 284.444284][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 284.461946][ T4305] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 284.492142][ T4760] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 285.179485][ T8483] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1574'. [ 286.371830][ T8492] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1577'. [ 287.371946][ T4769] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 287.391632][ T14] usb 1-1: unable to get BOS descriptor or descriptor too short [ 287.420048][ T14] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 287.445734][ T14] usb 1-1: can't read configurations, error -71 [ 287.572327][ T4769] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 287.878021][ T4769] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.140050][ T4769] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.232560][ T8512] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1582'. [ 288.489069][ T8517] IPVS: sync thread started: state = BACKUP, mcast_ifn = wlan0, syncid = 1, id = 0 [ 288.850971][ T4254] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 288.862262][ T4254] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 288.872461][ T4254] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 288.892397][ T4254] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 288.901210][ T4254] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 288.908624][ T4254] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 289.395030][ T8521] bond0 speed is unknown, defaulting to 1000 [ 289.901555][ T8521] bond0 speed is unknown, defaulting to 1000 [ 290.950282][ T4254] Bluetooth: hci4: command 0x0409 tx timeout [ 291.289745][ T8559] syz.2.1591 sent an empty control message without MSG_MORE. [ 292.166348][ T8521] chnl_net:caif_netlink_parms(): no params data found [ 292.423884][ T4769] device hsr_slave_0 left promiscuous mode [ 292.479719][ T4769] device hsr_slave_1 left promiscuous mode [ 292.537287][ T4769] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 292.569036][ T4769] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 292.605334][ T4769] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 292.625095][ T4769] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 292.697576][ T4769] device bridge_slave_1 left promiscuous mode [ 292.721244][ T4769] bridge0: port 2(bridge_slave_1) entered disabled state [ 292.764543][ T4769] device bridge_slave_0 left promiscuous mode [ 292.798489][ T4769] bridge0: port 1(bridge_slave_0) entered disabled state [ 292.935043][ T4769] device veth1_macvtap left promiscuous mode [ 292.957455][ T4769] device veth0_macvtap left promiscuous mode [ 292.981315][ T4769] device veth1_vlan left promiscuous mode [ 293.007767][ T4769] device veth0_vlan left promiscuous mode [ 293.031191][ T4254] Bluetooth: hci4: command 0x041b tx timeout [ 293.110177][ T125] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 293.300185][ T125] usb 1-1: Using ep0 maxpacket: 16 [ 293.309536][ T125] usb 1-1: config 0 has an invalid interface number: 64 but max is 0 [ 293.354714][ T125] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 293.417393][ T125] usb 1-1: config 0 has no interface number 0 [ 293.451282][ T125] usb 1-1: New USB device found, idVendor=0bd3, idProduct=0555, bcdDevice= 0.5b [ 293.491686][ T125] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 293.553965][ T125] usb 1-1: config 0 descriptor?? [ 293.582556][ T125] usb 1-1: Found UVC 0.00 device (0bd3:0555) [ 293.596622][ T125] usb 1-1: No valid video chain found. [ 294.693893][ T4769] team0 (unregistering): Port device team_slave_1 removed [ 294.931719][ T4769] team0 (unregistering): Port device team_slave_0 removed [ 295.111444][ T4254] Bluetooth: hci4: command 0x040f tx timeout [ 295.167380][ T4769] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 295.249846][ T4769] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 296.304753][ T4769] bond0 (unregistering): Released all slaves [ 296.449587][ T8521] bridge0: port 1(bridge_slave_0) entered blocking state [ 296.528344][ T8521] bridge0: port 1(bridge_slave_0) entered disabled state [ 296.568166][ T8521] device bridge_slave_0 entered promiscuous mode [ 296.568381][ T7] usb 1-1: USB disconnect, device number 4 [ 296.617542][ T8521] bridge0: port 2(bridge_slave_1) entered blocking state [ 296.650313][ T8521] bridge0: port 2(bridge_slave_1) entered disabled state [ 296.676798][ T8521] device bridge_slave_1 entered promiscuous mode [ 296.824741][ T8521] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 296.881226][ T8521] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 297.028109][ T8521] team0: Port device team_slave_0 added [ 297.099330][ T8521] team0: Port device team_slave_1 added [ 297.198793][ T8521] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 297.200105][ T4254] Bluetooth: hci4: command 0x0419 tx timeout [ 297.283537][ T8521] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 297.370028][ T8521] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 297.480777][ T8642] net_ratelimit: 10 callbacks suppressed [ 297.480796][ T8642] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 297.519992][ T22] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 297.563245][ T8521] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 297.577026][ T8521] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 297.730177][ T22] usb 3-1: Using ep0 maxpacket: 8 [ 297.855646][ T8521] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 297.870255][ T8637] netlink: 'syz.2.1611': attribute type 3 has an invalid length. [ 298.102840][ T8521] device hsr_slave_0 entered promiscuous mode [ 298.183118][ T8521] device hsr_slave_1 entered promiscuous mode [ 298.245308][ T8521] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 298.276203][ T8521] Cannot create hsr debugfs directory [ 299.661833][ T8664] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1616'. [ 300.879577][ T8678] 9pnet: p9_errstr2errno: server reported unknown error [ 301.441888][ T8521] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 301.505170][ T8521] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 301.562553][ T8521] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 301.606093][ T8521] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 301.864641][ T22] usb 3-1: unable to get BOS descriptor or descriptor too short [ 301.892169][ T22] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 301.925156][ T22] usb 3-1: can't read configurations, error -71 [ 301.980166][ T8521] 8021q: adding VLAN 0 to HW filter on device bond0 [ 302.067411][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 302.085466][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 302.127411][ T8521] 8021q: adding VLAN 0 to HW filter on device team0 [ 302.147127][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 302.158053][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 302.325145][ T4305] bridge0: port 1(bridge_slave_0) entered blocking state [ 302.332328][ T4305] bridge0: port 1(bridge_slave_0) entered forwarding state [ 303.091388][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 303.099851][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 303.111631][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 303.125761][ T4305] bridge0: port 2(bridge_slave_1) entered blocking state [ 303.132958][ T4305] bridge0: port 2(bridge_slave_1) entered forwarding state [ 303.146321][ T8711] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1628'. [ 303.260985][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 303.297938][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 303.333987][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 303.369164][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 303.388426][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 303.419597][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 303.447348][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 303.469044][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 303.498792][ T8521] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 303.521762][ T8521] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 303.543745][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 303.554426][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 303.589604][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 303.743059][ T8726] tipc: Can't bind to reserved service type 2 [ 304.218753][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 304.251876][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 304.273508][ T8521] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 304.313955][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 304.330348][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 304.378146][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 304.398367][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 304.443886][ T8521] device veth0_vlan entered promiscuous mode [ 304.458634][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 304.478681][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 304.503285][ T8521] device veth1_vlan entered promiscuous mode [ 304.622871][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 304.646982][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 304.686810][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 304.703261][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 304.732736][ T8521] device veth0_macvtap entered promiscuous mode [ 304.788280][ T8521] device veth1_macvtap entered promiscuous mode [ 304.888759][ T8521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 304.930253][ T8521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 304.987283][ T8521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 305.074051][ T8521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 305.101639][ T8521] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 305.138573][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 305.150610][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 305.181668][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 305.214322][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 305.280634][ T8521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 305.331499][ T8521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 305.360121][ T4297] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 305.387993][ T8521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 305.465879][ T8521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 305.527208][ T8521] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 305.570146][ T4297] usb 1-1: Using ep0 maxpacket: 16 [ 305.594744][ T4769] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 305.633270][ T4769] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 305.662792][ T4297] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 305.694586][ T8521] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 305.703590][ T4297] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 305.723610][ T8521] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 305.754232][ T4297] usb 1-1: Product: syz [ 305.761803][ T8521] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 305.778637][ T4297] usb 1-1: Manufacturer: syz [ 305.794917][ T4297] usb 1-1: SerialNumber: syz [ 305.800879][ T8521] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 305.820710][ T4297] r8152-cfgselector 1-1: config 0 descriptor?? [ 306.092018][ T4297] r8152-cfgselector 1-1: Unknown version 0x0000 [ 306.321997][ T4769] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 306.379807][ T4769] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 306.411473][ T8760] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 306.504232][ T4657] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 306.505157][ T4769] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 306.568156][ T4769] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 306.587653][ T8760] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 306.661505][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 307.900045][ T8788] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1644'. [ 308.628926][ T8807] bond0 speed is unknown, defaulting to 1000 [ 308.834443][ T8808] loop1: detected capacity change from 0 to 512 [ 308.852527][ T8807] bond0 speed is unknown, defaulting to 1000 [ 310.316550][ T8808] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 310.423791][ T8808] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 310.432915][ T8808] ext4 filesystem being mounted at /320/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 310.769755][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 310.830314][ T4297] r8152-cfgselector 1-1: Unknown version 0x0000 [ 310.865468][ T4297] r8152-cfgselector 1-1: bad CDC descriptors [ 310.913586][ T4297] r8152-cfgselector 1-1: Unknown version 0x0000 [ 310.956911][ T4297] r8152-cfgselector 1-1: USB disconnect, device number 5 [ 311.092374][ T4760] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 311.265972][ T4760] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 311.643226][ T4760] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 311.767744][ T8848] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1656'. [ 312.355124][ T27] audit: type=1326 audit(1744964811.935:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8849 comm="syz.2.1660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 312.409812][ T4760] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 312.545943][ T27] audit: type=1326 audit(1744964812.015:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8849 comm="syz.2.1660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 312.659232][ T27] audit: type=1326 audit(1744964812.235:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8849 comm="syz.2.1660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 312.752574][ T27] audit: type=1326 audit(1744964812.235:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8849 comm="syz.2.1660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 312.774856][ C1] vkms_vblank_simulate: vblank timer overrun [ 312.831649][ T27] audit: type=1326 audit(1744964812.235:890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8849 comm="syz.2.1660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 312.982122][ T27] audit: type=1326 audit(1744964812.235:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8849 comm="syz.2.1660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 313.053399][ T27] audit: type=1326 audit(1744964812.635:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8849 comm="syz.2.1660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 313.223962][ T8870] bond0 speed is unknown, defaulting to 1000 [ 313.586191][ T8871] loop4: detected capacity change from 0 to 512 [ 313.803303][ T8870] bond0 speed is unknown, defaulting to 1000 [ 313.990694][ T27] audit: type=1326 audit(1744964813.555:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8849 comm="syz.2.1660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac02f8e169 code=0x7ffc0000 [ 314.020794][ T8871] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 314.147505][ T8871] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 314.157034][ T8871] ext4 filesystem being mounted at /358/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 314.491503][ T4250] EXT4-fs (loop4): unmounting filesystem. [ 314.512884][ T4268] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 314.524268][ T4268] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 314.533446][ T4268] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 314.554424][ T4268] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 314.583581][ T4268] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 314.591371][ T4268] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 314.848493][ T8878] bond0 speed is unknown, defaulting to 1000 [ 315.228901][ T8878] bond0 speed is unknown, defaulting to 1000 [ 316.119569][ T8921] netlink: 'syz.4.1676': attribute type 5 has an invalid length. [ 316.630200][ T4254] Bluetooth: hci4: command 0x0409 tx timeout [ 316.820887][ T8878] chnl_net:caif_netlink_parms(): no params data found [ 317.113271][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.315050][ T8878] bridge0: port 1(bridge_slave_0) entered blocking state [ 317.335847][ T8878] bridge0: port 1(bridge_slave_0) entered disabled state [ 317.373088][ T8878] device bridge_slave_0 entered promiscuous mode [ 317.401730][ T8878] bridge0: port 2(bridge_slave_1) entered blocking state [ 317.432618][ T8878] bridge0: port 2(bridge_slave_1) entered disabled state [ 317.477728][ T8878] device bridge_slave_1 entered promiscuous mode [ 317.736392][ T8878] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 317.801919][ T8878] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 317.965827][ T8878] team0: Port device team_slave_0 added [ 318.023874][ T8878] team0: Port device team_slave_1 added [ 318.030121][ T8961] Unsupported ieee802154 address type: 0 [ 318.175247][ T8878] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 318.199160][ T8878] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 318.225505][ T8878] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 318.262125][ T4760] device hsr_slave_0 left promiscuous mode [ 318.320282][ T4760] device hsr_slave_1 left promiscuous mode [ 318.340013][ T128] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 318.349754][ T4760] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 318.359624][ T4760] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 318.419426][ T4760] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 318.430034][ T4760] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 318.500541][ T4760] device bridge_slave_1 left promiscuous mode [ 318.506849][ T4760] bridge0: port 2(bridge_slave_1) entered disabled state [ 318.540060][ T128] usb 3-1: Using ep0 maxpacket: 8 [ 318.548248][ T128] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 318.582182][ T4760] device bridge_slave_0 left promiscuous mode [ 318.588478][ T4760] bridge0: port 1(bridge_slave_0) entered disabled state [ 318.591257][ T128] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 318.641888][ T128] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 8 [ 318.680066][ T128] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64 [ 318.704004][ T128] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 318.726808][ T128] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 318.735951][ T4760] device veth1_macvtap left promiscuous mode [ 318.751607][ T4760] device veth0_macvtap left promiscuous mode [ 318.764745][ T4760] device veth1_vlan left promiscuous mode [ 318.767419][ T128] usb 3-1: Product: syz [ 318.777530][ T128] usb 3-1: Manufacturer: syz [ 318.786422][ T4760] device veth0_vlan left promiscuous mode [ 318.797790][ T128] usb 3-1: SerialNumber: syz [ 319.046451][ T8960] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 319.046713][ T8960] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 319.838414][ T4760] team0 (unregistering): Port device team_slave_1 removed [ 319.905232][ T4760] team0 (unregistering): Port device team_slave_0 removed [ 319.959732][ T4760] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 320.015371][ T4760] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 320.670392][ T4760] bond0 (unregistering): Released all slaves [ 320.769613][ T8878] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 320.777183][ T8878] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 320.803086][ C0] vkms_vblank_simulate: vblank timer overrun [ 320.809760][ T8878] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 320.994781][ T128] cdc_ncm 3-1:1.0: bind() failure [ 321.025244][ T27] audit: type=1326 audit(1744964820.605:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9002 comm="syz.4.1694" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8657d8e169 code=0x0 [ 321.055647][ T128] cdc_ncm: probe of 3-1:1.1 failed with error -71 [ 321.063318][ T128] cdc_mbim: probe of 3-1:1.1 failed with error -71 [ 321.079341][ T128] usbtest: probe of 3-1:1.1 failed with error -71 [ 321.090927][ T128] usb 3-1: USB disconnect, device number 5 [ 321.104127][ T8878] device hsr_slave_0 entered promiscuous mode [ 321.140176][ T8878] device hsr_slave_1 entered promiscuous mode [ 321.193270][ T8878] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 321.237655][ T8878] Cannot create hsr debugfs directory [ 322.079152][ T9024] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1700'. [ 323.113470][ T8878] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 323.146186][ T8878] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 323.196424][ T8878] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 323.215268][ T8878] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 323.431578][ T8878] 8021q: adding VLAN 0 to HW filter on device bond0 [ 323.478385][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 323.566698][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 323.659500][ T8878] 8021q: adding VLAN 0 to HW filter on device team0 [ 323.684757][ T8212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 323.694462][ T8212] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 323.717790][ T8212] bridge0: port 1(bridge_slave_0) entered blocking state [ 323.725053][ T8212] bridge0: port 1(bridge_slave_0) entered forwarding state [ 323.928105][ T8212] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 323.972524][ T8212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 324.058085][ T8212] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 324.138003][ T8212] bridge0: port 2(bridge_slave_1) entered blocking state [ 324.145253][ T8212] bridge0: port 2(bridge_slave_1) entered forwarding state [ 324.220901][ T8212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 324.236391][ T8212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 324.286746][ T8212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 324.337079][ T8212] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 324.366050][ T8212] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 324.435210][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 324.486696][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 324.526507][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 324.556945][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 324.693108][ T8878] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 324.751076][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 324.834247][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 324.842434][ T9080] bond0 speed is unknown, defaulting to 1000 [ 324.851648][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 325.029057][ T9100] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1723'. [ 325.490851][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 325.518589][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 325.541659][ T8878] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 325.605521][ T8212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 325.615037][ T9080] bond0 speed is unknown, defaulting to 1000 [ 325.625578][ T8212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 325.674768][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 325.693449][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 325.716711][ T8878] device veth0_vlan entered promiscuous mode [ 325.729420][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 325.746778][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 325.782233][ T8878] device veth1_vlan entered promiscuous mode [ 325.863607][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 325.882758][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 325.908851][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 325.935550][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 325.968564][ T8878] device veth0_macvtap entered promiscuous mode [ 326.000887][ T8878] device veth1_macvtap entered promiscuous mode [ 326.098642][ T8878] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 326.135460][ T8878] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 326.174041][ T8878] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 326.203392][ T8878] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 326.216578][ T8878] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 326.231778][ T8878] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 326.280378][ T8878] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 326.359152][ T8878] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 326.451082][ T8878] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 326.531141][ T8878] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 326.601475][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 326.625114][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 326.660561][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 326.729276][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 326.804802][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 326.903138][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 326.972854][ T8878] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.011473][ T8878] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.045343][ T8878] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.078346][ T8878] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.443070][ T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 327.519291][ T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 327.598105][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 327.713598][ T4342] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 327.766744][ T4342] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 327.821893][ T4760] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 328.810472][ T9159] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1735'. [ 329.248405][ T8212] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.423335][ T8212] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.509235][ T8212] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.608360][ T8212] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.570576][ T9210] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1747'. [ 330.935900][ T4268] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 330.946440][ T4268] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 330.967703][ T4268] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 330.978968][ T4268] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 330.988604][ T4268] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 330.996216][ T4268] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 331.327464][ T9225] bond0 speed is unknown, defaulting to 1000 [ 331.825254][ T9225] bond0 speed is unknown, defaulting to 1000 [ 332.482668][ T9262] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1761'. [ 332.921223][ T8212] device hsr_slave_0 left promiscuous mode [ 332.970206][ T8212] device hsr_slave_1 left promiscuous mode [ 333.030063][ T4268] Bluetooth: hci4: command 0x0409 tx timeout [ 333.050160][ T8212] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 333.057644][ T8212] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 333.091145][ T8212] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 333.098624][ T8212] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 333.132006][ T8212] device bridge_slave_1 left promiscuous mode [ 333.144011][ T9286] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1769'. [ 333.148675][ T8212] bridge0: port 2(bridge_slave_1) entered disabled state [ 333.200569][ T8212] device bridge_slave_0 left promiscuous mode [ 333.217120][ T8212] bridge0: port 1(bridge_slave_0) entered disabled state [ 333.355952][ T8212] device veth1_macvtap left promiscuous mode [ 333.371278][ T8212] device veth0_macvtap left promiscuous mode [ 333.377480][ T8212] device veth1_vlan left promiscuous mode [ 333.406108][ T8212] device veth0_vlan left promiscuous mode [ 333.810157][ T9304] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1774'. [ 334.306699][ T8212] team0 (unregistering): Port device team_slave_1 removed [ 334.375559][ T8212] team0 (unregistering): Port device team_slave_0 removed [ 334.459516][ T8212] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 334.559563][ T8212] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 335.120240][ T4268] Bluetooth: hci4: command 0x041b tx timeout [ 335.384068][ T8212] bond0 (unregistering): Released all slaves [ 335.532953][ T9225] chnl_net:caif_netlink_parms(): no params data found [ 335.720505][ T9289] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1768'. [ 335.795597][ T9316] netlink: 'syz.2.1779': attribute type 21 has an invalid length. [ 335.808224][ T9316] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1779'. [ 336.242517][ T9225] bridge0: port 1(bridge_slave_0) entered blocking state [ 336.249785][ T9225] bridge0: port 1(bridge_slave_0) entered disabled state [ 336.342684][ T9225] device bridge_slave_0 entered promiscuous mode [ 337.190062][ T4268] Bluetooth: hci4: command 0x040f tx timeout [ 339.270027][ T4254] Bluetooth: hci4: command 0x0419 tx timeout [ 378.552440][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.991683][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 443.469870][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 443.476870][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P4305/1:b..l [ 443.485231][ C0] (detected by 0, t=10502 jiffies, g=46177, q=125 ncpus=2) [ 443.492511][ C0] task:kworker/u4:5 state:R running task stack:23672 pid:4305 ppid:2 flags:0x00004000 [ 443.504235][ C0] Workqueue: bat_events batadv_nc_worker [ 443.509903][ C0] Call Trace: [ 443.513191][ C0] [ 443.516123][ C0] __schedule+0x143f/0x4570 [ 443.520675][ C0] ? release_firmware_map_entry+0x18b/0x18b [ 443.526592][ C0] ? print_irqtrace_events+0x210/0x210 [ 443.532063][ C0] ? preempt_schedule_irq+0xec/0x1c0 [ 443.537353][ C0] preempt_schedule_irq+0xf7/0x1c0 [ 443.542461][ C0] ? preempt_schedule_notrace+0x140/0x140 [ 443.548187][ C0] irqentry_exit+0x53/0x80 [ 443.552619][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 443.558673][ C0] RIP: 0010:lock_acquire+0x26f/0x5a0 [ 443.563974][ C0] Code: 2b 00 74 08 4c 89 f7 e8 2f 44 77 00 f6 44 24 61 02 0f 85 84 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25 [ 443.583627][ C0] RSP: 0018:ffffc90003f77a80 EFLAGS: 00000206 [ 443.589697][ C0] RAX: 0000000000000001 RBX: 1ffff920007eef5c RCX: 1ffff920007eeefc [ 443.597668][ C0] RDX: dffffc0000000000 RSI: ffffffff8b0c1dc0 RDI: ffffffff8b5f5fe0 [ 443.605640][ C0] RBP: ffffc90003f77be0 R08: dffffc0000000000 R09: fffffbfff225704d [ 443.613787][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff920007eef58 [ 443.621756][ C0] R13: dffffc0000000000 R14: ffffc90003f77ae0 R15: 0000000000000246 [ 443.629772][ C0] ? read_lock_is_recursive+0x10/0x10 [ 443.635155][ C0] ? batadv_nc_worker+0xc7/0x610 [ 443.640116][ C0] ? __lock_acquire+0x1f80/0x1f80 [ 443.645177][ C0] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 443.651167][ C0] batadv_nc_worker+0xe8/0x610 [ 443.655930][ C0] ? batadv_nc_worker+0xc7/0x610 [ 443.660883][ C0] ? batadv_nc_worker+0xc7/0x610 [ 443.665862][ C0] ? process_one_work+0x806/0x1260 [ 443.671150][ C0] process_one_work+0x917/0x1260 [ 443.676098][ C0] ? worker_detach_from_pool+0x260/0x260 [ 443.681738][ C0] ? _raw_spin_lock_irqsave+0x120/0x120 [ 443.687290][ C0] ? kthread_data+0x4e/0xc0 [ 443.691889][ C0] ? wq_worker_running+0x97/0x190 [ 443.696928][ C0] worker_thread+0xa47/0x1200 [ 443.701620][ C0] kthread+0x28d/0x320 [ 443.705707][ C0] ? worker_clr_flags+0x190/0x190 [ 443.710740][ C0] ? kthread_blkcg+0xd0/0xd0 [ 443.715338][ C0] ret_from_fork+0x1f/0x30 [ 443.719782][ C0] [ 443.722798][ C0] rcu: rcu_preempt kthread starved for 9757 jiffies! g46177 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 443.733985][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 443.744050][ C0] rcu: RCU grace-period kthread stack dump: [ 443.749952][ C0] task:rcu_preempt state:R running task stack:26200 pid:16 ppid:2 flags:0x00004000 [ 443.760748][ C0] Call Trace: [ 443.764045][ C0] [ 443.766975][ C0] __schedule+0x143f/0x4570 [ 443.771498][ C0] ? _raw_spin_unlock+0x40/0x40 [ 443.776363][ C0] ? release_firmware_map_entry+0x18b/0x18b [ 443.782259][ C0] ? lockdep_softirqs_off+0x420/0x420 [ 443.787638][ C0] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 443.793551][ C0] ? _raw_spin_unlock+0x40/0x40 [ 443.798408][ C0] schedule+0xbf/0x180 [ 443.802474][ C0] schedule_timeout+0x1b9/0x300 [ 443.807324][ C0] ? console_conditional_schedule+0x40/0x40 [ 443.813223][ C0] ? update_process_times+0x1b0/0x1b0 [ 443.818598][ C0] ? prepare_to_swait_event+0x329/0x350 [ 443.824164][ C0] rcu_gp_fqs_loop+0x2d2/0x1150 [ 443.829020][ C0] ? dyntick_save_progress_counter+0x2b0/0x2b0 [ 443.835265][ C0] ? lockdep_hardirqs_on+0x94/0x130 [ 443.840467][ C0] ? rcu_gp_init+0x15f0/0x15f0 [ 443.845231][ C0] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 443.851129][ C0] ? finish_swait+0xcf/0x1e0 [ 443.855729][ C0] rcu_gp_kthread+0xa3/0x3b0 [ 443.860340][ C0] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 443.865447][ C0] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 443.871349][ C0] ? __kthread_parkme+0x168/0x1c0 [ 443.876382][ C0] kthread+0x28d/0x320 [ 443.880476][ C0] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 443.885617][ C0] ? kthread_blkcg+0xd0/0xd0 [ 443.890232][ C0] ret_from_fork+0x1f/0x30 [ 443.894660][ C0] [ 443.897676][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 443.903991][ C0] Sending NMI from CPU 0 to CPUs 1: [ 443.909211][ C1] NMI backtrace for cpu 1 skipped: idling at default_idle+0xb/0x10