last executing test programs: 11.531620893s ago: executing program 2 (id=434): r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="120100000020001019040100000000000001090224000100000000090400004103000700092100000001220b0009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000500)={0x2c, &(0x7f00000000c0)={0x40, 0x8, 0xb, {0xb, 0x1, "000d00000201000000"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 7.145288548s ago: executing program 2 (id=442): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) wait4(r0, 0x0, 0x8, &(0x7f00000003c0)) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/cgroup\x00') 7.114793314s ago: executing program 3 (id=445): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) syz_open_procfs$pagemap(0x0, &(0x7f0000001080)) r1 = socket$netlink(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x48) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) r3 = socket(0x80000000000000a, 0x5, 0x0) setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000600)={0x0, {{0xa, 0x0, 0x2c, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast2}}}, 0x108) setsockopt$inet6_group_source_req(r3, 0x29, 0x2c, 0x0, 0x0) prctl$PR_SET_IO_FLUSHER(0x43, 0x0) r4 = socket$inet(0x2, 0x3, 0x8) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000001a40)=@raw={'raw\x00', 0x8, 0x3, 0x310, 0x0, 0xe138, 0x198, 0x0, 0x198, 0x278, 0x358, 0x358, 0x278, 0x358, 0x3, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'netdevsim0\x00', 'veth0_to_bond\x00'}, 0x0, 0x130, 0x198, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "0d0080ff0000050000000404fff0cf81dfd28c89544e14cd3e01dd24289831867846c88621039b284c3ff45c42995560a99952bed40cf5a8c1df6cdbdb7e2378d5afd35f4c16827f55b3af494e39e8fb330200000000000032b6a99a8d87298e88a94cb519f5c17631af916a0002000000000000000000000000000000000049", 0x4}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x98, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x370) bind$netlink(r1, &(0x7f00000004c0)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc) r5 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r5, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r5, 0x40089413, &(0x7f00000000c0)=0x6) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000040)={0xffffffffffffffff}) close_range(r6, 0xffffffffffffffff, 0x0) socket(0x400000000010, 0x3, 0x0) r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x24}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r7, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00') read$eventfd(r8, &(0x7f0000000340), 0x8) 6.968351241s ago: executing program 1 (id=446): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x8, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x4}, 0x50) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d440fe0000000000002900000002000000", 0xfe60) 6.031106191s ago: executing program 4 (id=448): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000e00)=[{&(0x7f0000000740)=""/185, 0xb9}, {&(0x7f00000002c0)=""/275, 0x113}, {&(0x7f0000000a40)=""/229, 0xe5}, {&(0x7f0000000d00)=""/252, 0xfc}, {&(0x7f00000033c0)=""/4059, 0xfdb}, {&(0x7f0000000c00)=""/204, 0xcc}, {&(0x7f0000000440)=""/187, 0xbb}, {&(0x7f0000001140)=""/4084, 0xff4}, {&(0x7f0000000800)=""/242, 0xf2}, {&(0x7f0000000940)=""/248, 0xf8}, {&(0x7f00000043c0)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/72, 0x48}], 0xc}, 0x14000) 5.976025777s ago: executing program 1 (id=449): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) syz_open_procfs$pagemap(0x0, &(0x7f0000001080)) r1 = socket$netlink(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x48) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) r3 = socket(0x80000000000000a, 0x5, 0x0) setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000600)={0x0, {{0xa, 0x0, 0x2c, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast2}}}, 0x108) setsockopt$inet6_group_source_req(r3, 0x29, 0x2c, 0x0, 0x0) prctl$PR_SET_IO_FLUSHER(0x43, 0x0) r4 = socket$inet(0x2, 0x3, 0x8) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000001a40)=@raw={'raw\x00', 0x8, 0x3, 0x310, 0x0, 0xe138, 0x198, 0x0, 0x198, 0x278, 0x358, 0x358, 0x278, 0x358, 0x3, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'netdevsim0\x00', 'veth0_to_bond\x00'}, 0x0, 0x130, 0x198, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "0d0080ff0000050000000404fff0cf81dfd28c89544e14cd3e01dd24289831867846c88621039b284c3ff45c42995560a99952bed40cf5a8c1df6cdbdb7e2378d5afd35f4c16827f55b3af494e39e8fb330200000000000032b6a99a8d87298e88a94cb519f5c17631af916a0002000000000000000000000000000000000049", 0x4}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x98, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x370) bind$netlink(r1, &(0x7f00000004c0)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc) r5 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r5, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r5, 0x40089413, &(0x7f00000000c0)=0x6) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000040)={0xffffffffffffffff}) close_range(r6, 0xffffffffffffffff, 0x0) socket(0x400000000010, 0x3, 0x0) r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x24}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r7, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00') read$eventfd(r8, &(0x7f0000000340), 0x8) 5.822841176s ago: executing program 2 (id=450): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0x4401}) writev(r0, &(0x7f0000000280)=[{&(0x7f0000000080)="0bc3ff", 0x3}, {&(0x7f0000000240)='\x00\x00\x00\x00\x00\x00\x00', 0x7}, {&(0x7f0000000040)="2764ae4f", 0x4}], 0x3) 4.965143782s ago: executing program 4 (id=451): r0 = fsopen(&(0x7f0000000440)='gfs2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) readv(r0, &(0x7f0000000500)=[{&(0x7f0000000000)=""/245, 0xf5}, {0x0}], 0x2) 4.924998477s ago: executing program 3 (id=452): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) syz_open_procfs$pagemap(0x0, &(0x7f0000001080)) r1 = socket$netlink(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x48) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) r3 = socket(0x80000000000000a, 0x5, 0x0) setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000600)={0x0, {{0xa, 0x0, 0x2c, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast2}}}, 0x108) setsockopt$inet6_group_source_req(r3, 0x29, 0x2c, 0x0, 0x0) prctl$PR_SET_IO_FLUSHER(0x43, 0x0) r4 = socket$inet(0x2, 0x3, 0x8) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000001a40)=@raw={'raw\x00', 0x8, 0x3, 0x310, 0x0, 0xe138, 0x198, 0x0, 0x198, 0x278, 0x358, 0x358, 0x278, 0x358, 0x3, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'netdevsim0\x00', 'veth0_to_bond\x00'}, 0x0, 0x130, 0x198, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "0d0080ff0000050000000404fff0cf81dfd28c89544e14cd3e01dd24289831867846c88621039b284c3ff45c42995560a99952bed40cf5a8c1df6cdbdb7e2378d5afd35f4c16827f55b3af494e39e8fb330200000000000032b6a99a8d87298e88a94cb519f5c17631af916a0002000000000000000000000000000000000049", 0x4}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x98, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x370) bind$netlink(r1, &(0x7f00000004c0)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc) r5 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r5, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r5, 0x40089413, &(0x7f00000000c0)=0x6) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000040)={0xffffffffffffffff}) close_range(r6, 0xffffffffffffffff, 0x0) socket(0x400000000010, 0x3, 0x0) r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x24}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r7, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00') read$eventfd(r8, &(0x7f0000000340), 0x8) 4.000881523s ago: executing program 0 (id=453): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x1, @broadcast, 'lo\x00'}}, 0x1e) ioctl$PPPOEIOCSFWD(r0, 0x4008b100, &(0x7f0000000040)={0x18, 0x0, {0x1, @broadcast, 'lo\x00'}}) 3.924224485s ago: executing program 4 (id=454): writev(0xffffffffffffffff, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = socket(0x10, 0x80002, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r8 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x20440, 0x0) ioctl$RTC_PIE_ON(r8, 0x7005) ioctl$RTC_IRQP_SET(r8, 0x4008700c, 0xe24) syz_open_dev$sndpcmc(&(0x7f0000000240), 0x15e1, 0x101000) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@RTM_NEWMDB={0x38, 0x54, 0x1e5, 0x70bd2a, 0xffffffff, {0x7, r2}, [@MDBA_SET_ENTRY={0x20, 0x1, {r4, 0x1, 0x3, 0x3, {@ip4=@broadcast, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x2800}, 0x40084c0) sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0) r9 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r9, &(0x7f0000000100)={0x18, 0x0, {0x11ff, @broadcast, 'bond_slave_1\x00'}}, 0x1e) r10 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000100240248ff050005001200", 0x2e}], 0x1}, 0x40880) connect$pppoe(r9, &(0x7f00000016c0)={0x18, 0x0, {0x3, @random="3c38448f3736", 'macvlan1\x00'}}, 0x1e) r11 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r11, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) 3.701177332s ago: executing program 3 (id=455): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000180)=@raw={'raw\x00', 0x8, 0x3, 0x4a8, 0x0, 0xffffffff, 0xffffffff, 0x150, 0xffffffff, 0x3d8, 0xffffffff, 0xffffffff, 0x3d8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x128, 0x150, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x508) syz_emit_ethernet(0x96, &(0x7f0000000700)={@local, @local, @val, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ff00f5", 0x58, 0x6, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x16, 0x10, 0x0, 0x0, 0x0, {[@mptcp=@remove_addr={0x1e, 0x41, 0x7, 0x0, "609a3b3882735866a157d84bb555d6415ee4a77282a2799088e3d55aa9d3309d16833c6b288049a29ab87d3207d51ca861d405d62449be5816587930c175"}]}}}}}}}}, 0x0) 3.620011124s ago: executing program 0 (id=456): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0) munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000) 2.984608456s ago: executing program 1 (id=457): bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, 0x0, 0x0}, 0x94) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000000040)={0x0, 0xfffffffffffffd51, &(0x7f00000003c0)=[{&(0x7f0000000080), 0x803e}, {&(0x7f0000000140)="ec", 0x1}, {0x0}], 0x308}, 0x0) 2.981284161s ago: executing program 0 (id=458): r0 = socket(0x2b, 0x80801, 0x1) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x3ff, @empty, 0x1}, 0x1c) ioctl$sock_qrtr_TIOCOUTQ(r0, 0x5411, &(0x7f0000000100)) 2.97834963s ago: executing program 2 (id=459): r0 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote, 0x9}, 0x1c) sendmmsg$inet(r0, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000800)="2fae1baf930b4569b9ddef9797ffd935c7d80e6466b3e4e62dc9603583f5d4b61fbc65b6ac744d7319535e75bf552062e4cfde1ba7ce29263322e18ea9740aa82ca692f123993e57cda00d2b1f4e799bd41e3f76258180fa91a42aaa8b1ebc4e0ea8fb12f2c71e6e5bc57a8e91f254005514721d93c13c5606ae1fea7f31f558d562bd5a8dfb0b9fed873efa221fccffa847cd374c92e6cbb03e6a9de890ce323f000000abcc6c01326d588495b7c1a7db31ec4129e6336f26bb9e0b7552af3cd2d5dda1632799bbc98425c433384d8a8e4071ff39a36dfdfdf05af35a4ddd340cfecd7ec935f4ce7d3e851583ba1cf53a90a7f7bce5703de57ce93ddef7849b30a01de0637e6d5e507b801d32e582e0c2d564539ebfc84c098a23e765552767b122885fb1629e9c180be47da7931bd125b80de15aab0c56a2edf2e0483b87f5ab299dc046076203dea10ccbfc631d5bf4a87ce67004519f248f086346ce6a8a9d181789a59f81d9b7f6781daac3e229914b8b8998c15c3b6302a519331cb05995bc60b7cb872dd3b5b43331c77c5d72e21f7bd2b1a915ff3204e3f20d3a20b22d6a58155b5a4ebf6d1d1cd90c656ecada531c07ff91deb3efa91762cdecfbcc43553750f22ac5c18cc5e8b6f790c2f4e6373af9f98d10e6df49ff8e5cbcbd68e11ed0b967add11410dc2e34f08dea658eb95d4d1153b4c6093192a340eb30fcc71619888c6486746a049585d249efb96b9cace83320b8f96b40ebe3a9a788d05a053380d1026b9434df87a3a387549bcabe88684c4dbf0da9a5212f3dbc8d1dff240856691243b203d7edd4d3cc89a38a6c80fdb1229a01044af7aaecb20d5570ebf24b30bbc6dfc3f70d85cd9f0d60ebd8fedd161d199d9997a0e2d18d1c99bc7158564e0ddb4673055de196535d706d142e1dc7d404583923cb1b286cfc5418884ac7e605d93652dc48ff690894405a0b6abc3c4d0f6a16c0a95c0508bd7eeffcd1da0b17f7701448658864b429e9472edfeffbf34d6e7c78f4aa73c0", 0x2de}, {&(0x7f0000000bc0)="ab29d92826349952eb8f7a2a74f535bc9739c1df57144c51a3391625b8b5354134b06ef1355506aeae96e3f097503998f375a054cf3d7de4fe53ea51518955349cdbadca60e1c65cc18dbe99369be03e492fb55fc9067bb6f7f7c3ee1720000000054a63ac58225ed0502f5ac8999e0c74a5dbb320bd54ec813e8bee6bfa5cbfb0726ac1b6ad97d802d5fae186f0769421fb965c7396854e2a3ac844a3769f8449901ba5e2b2da1ff6119aeb26ac204cfc6b54be73b6f195491ae2c0cb26b0cba61dae7a17740e8112ff188919c6e2e31a2a074863edba4a0e58b61faec4a42c29d7f9e48a43b8cb7d3c5a1e5aa67f87538140f8d633a54bceb8b1dda2397ea147d3b26e903f608b6ab1844ea7cf630d828118bba0f0f85e2e6316ae1ed9a2a7d08a05c170cb76bf111930df0cf760f7768571afdefe82a95296cee7c010f748a97046efcc774e7d85edbd5058104fef4942fb4430da89f67d1fea33bf2acfb793a610b3738b393eed8633fc8e8f630932206960e9076c7d7fc99fce018701c50d39b811a7427a7a9fcb340c2755541f228462010ec40ba945a0febd460dad5d548f1be090f5dbaa8ae8835dc47ed2537681827f6129759272574cf58f2f33e47a0e416573cfdcfb44ed9dd4ce41af4de9c471c49f12f090934c3b32f2f4777c65b1574826727f5f62", 0x1e9}, {&(0x7f0000000240)="05437c98b91b1455046f57b5fc913814bde2bbeac2104eaea9c9d01a7838d859207067c10aa7352abbdf98e9bf033a3184a11e84639d3b9164d9c5d729f3dd409d39ff041e657c8df4050d43d58c863d5f323f6d5cf367cd939f790732e8d2310e876fcb299cd44b72bda697035b7b475bc35afbb483db39ac864dbee0c9760c22a1d32d83588afd7c994652413b22db76874ca052ef2013317eb7fcc567", 0x9e}, {&(0x7f0000000200)="f610e61fc81cc3edc86f0500194d27a5a42cf1880b0dfd", 0x17}], 0x4, 0x0, 0x0, 0x900}}], 0x1, 0x0) 2.845675479s ago: executing program 4 (id=460): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="010000f42ebf67c7f78d2c00000004000180"], 0x18}}, 0x0) 2.764281996s ago: executing program 3 (id=461): r0 = socket$inet_tcp(0x2, 0x1, 0x0) listen(r0, 0x0) getsockopt$inet_tcp_buf(r0, 0x6, 0x23, &(0x7f0000000180)=""/48, &(0x7f00000001c0)=0x30) 2.685780467s ago: executing program 0 (id=462): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01022abd7001000000250f0000002a000e0068c3"], 0x40}, 0x1, 0x0, 0x0, 0x20000050}, 0x48000) 2.685424079s ago: executing program 1 (id=463): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "00ed6a", 0xb, 0x2c, 0x0, @remote, @local, {[], {{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 2.669237754s ago: executing program 3 (id=464): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) kcmp(r1, r0, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) 2.616233904s ago: executing program 2 (id=465): setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) r0 = socket$inet6(0xa, 0x805, 0x0) getsockopt$bt_hci(r0, 0x84, 0x1a, &(0x7f0000000080)=""/4076, &(0x7f0000000040)=0xfec) 2.602257116s ago: executing program 4 (id=466): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) syz_open_procfs$pagemap(0x0, &(0x7f0000001080)) r1 = socket$netlink(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x48) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) r3 = socket(0x80000000000000a, 0x5, 0x0) setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000600)={0x0, {{0xa, 0x0, 0x2c, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast2}}}, 0x108) setsockopt$inet6_group_source_req(r3, 0x29, 0x2c, 0x0, 0x0) prctl$PR_SET_IO_FLUSHER(0x43, 0x0) r4 = socket$inet(0x2, 0x3, 0x8) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000001a40)=@raw={'raw\x00', 0x8, 0x3, 0x310, 0x0, 0xe138, 0x198, 0x0, 0x198, 0x278, 0x358, 0x358, 0x278, 0x358, 0x3, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'netdevsim0\x00', 'veth0_to_bond\x00'}, 0x0, 0x130, 0x198, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "0d0080ff0000050000000404fff0cf81dfd28c89544e14cd3e01dd24289831867846c88621039b284c3ff45c42995560a99952bed40cf5a8c1df6cdbdb7e2378d5afd35f4c16827f55b3af494e39e8fb330200000000000032b6a99a8d87298e88a94cb519f5c17631af916a0002000000000000000000000000000000000049", 0x4}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x98, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x370) bind$netlink(r1, &(0x7f00000004c0)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc) r5 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r5, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r5, 0x40089413, &(0x7f00000000c0)=0x6) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000040)={0xffffffffffffffff}) close_range(r6, 0xffffffffffffffff, 0x0) socket(0x400000000010, 0x3, 0x0) r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x24}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r7, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00') read$eventfd(r8, &(0x7f0000000340), 0x8) 2.478084149s ago: executing program 2 (id=467): syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x9, &(0x7f0000000000)={[{@nombcache}, {@jqfmt_vfsv0}, {@abort}, {}, {@noquota}, {@usrjquota, 0x2e}], [], 0x2e}, 0x6, 0x48d, &(0x7f0000000980)="$eJzs3EtvG1UbAOB3xnV6/5qv3wV6AQIFEXFJmrRAF2xAIHWDhARIZRnStCpNG9QEiVYVTREqS9RfACyR+AWsYIOAFYgtSGyQEFKFuqGwGjT2TOpcHGzHjil+HsntOTNnfM47M8c+MyfjAAbWSP5PErErIr4fithTzy4vMFL/79bNy9O/37w8nUSWvfRrUiv3283L02XRcrudRWY0jUjfTeLAGvXOX7x0dmp2duZCkR9fOPfG+PzFS4+fOTd1eub0zPnJY8eOHpl46snJJ7oS5+68rfvfnju47/ir11+YPnH9ta8+yZfvKtY3xlE33PJ7b2+yfCRGlu/LBg9F/JRlWct1/N3tbkgnW/rYENpSiYj8cFXz/h97ohK3D96eeP6dvjYO6Kksy7Ktq5ZWysRiBvyDJdF0VbqpDQE2WflFn1//lq9NHH703Y1n6hdAedy3ild9zZZIizLVFde33TQSEScW//ggf8Wa9yEAALrrs3z889ha4780/t9Q7l9Rnxsajoh/R8TeiPhPRPw3Iv4XUSt7V0Tc3Wb9Iyvyq8c/3zabXumKfPz3dDG3dXv8N1SLvzBcKXK7a/FXk1NnZmcOF/tkNKpb8/zEOnV8/tx37y9lti1f1zj+y195/eVYsC79ZcuKG3QnpxamuhB6zY2rS4GuGP8mSzMBSUTsi4j9Hbx/vs/OPPLxwWbr/zr+dXRhnin7KOLh+vFfjBXxl5L15yfHt8XszOHx8qxY7etvrr3YrP4Nxd8FN65G7Fh1/kdj/MNJ43ztfPt1XPvhvabXNJ2e/0PJy7X0ULHsramFhQsTEUPJ4urlk7e3LfNl+Tz+0UNrxZ/W3uPDYrsDEZGfxPdExL0RcV/R9vsj4oGIOLRO/F8+++DrncffW3n8J9s6/u0nKme/+LRZ/a0d/6O11GixpJXPv1YbuJF9BwAAAHeKtPY38Ek6tpRO07GxiFdq93Z3pLNz8wuPnpp78/zJ+t/KD0c1Le90pQ33QyeKe8NlfnJF/kjtvnGWZdn2Wn5sem62V3PqQGt2Nun/uZ8r/W4d0HNtzaM1e6INuCO11f9XPy0E3ME8rw2Dq9X+X+1xO4DN5/sfBtda/f9KxK0+NAXYZL7/YXDp/zC49H8YXPo/DKSNPNe/XmLv8Y43zzZUe/n7Kh1u/mNP9sZ6iUqnm29t42cOepCIdM1V1YjoS3vaSqS9qyI/+drbKj+QrRa+0umJ3XZi2cfEUD8+mwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrhzwAAAP//dNfhIw==") syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000)) mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0) 2.437266644s ago: executing program 0 (id=468): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) syz_open_procfs$pagemap(0x0, &(0x7f0000001080)) r1 = socket$netlink(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x48) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) r3 = socket(0x80000000000000a, 0x5, 0x0) setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000600)={0x0, {{0xa, 0x0, 0x2c, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast2}}}, 0x108) setsockopt$inet6_group_source_req(r3, 0x29, 0x2c, 0x0, 0x0) prctl$PR_SET_IO_FLUSHER(0x43, 0x0) r4 = socket$inet(0x2, 0x3, 0x8) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000001a40)=@raw={'raw\x00', 0x8, 0x3, 0x310, 0x0, 0xe138, 0x198, 0x0, 0x198, 0x278, 0x358, 0x358, 0x278, 0x358, 0x3, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'netdevsim0\x00', 'veth0_to_bond\x00'}, 0x0, 0x130, 0x198, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "0d0080ff0000050000000404fff0cf81dfd28c89544e14cd3e01dd24289831867846c88621039b284c3ff45c42995560a99952bed40cf5a8c1df6cdbdb7e2378d5afd35f4c16827f55b3af494e39e8fb330200000000000032b6a99a8d87298e88a94cb519f5c17631af916a0002000000000000000000000000000000000049", 0x4}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x98, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x370) bind$netlink(r1, &(0x7f00000004c0)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc) r5 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r5, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r5, 0x40089413, &(0x7f00000000c0)=0x6) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000040)={0xffffffffffffffff}) close_range(r6, 0xffffffffffffffff, 0x0) socket(0x400000000010, 0x3, 0x0) r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x24}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r7, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00') read$eventfd(r8, &(0x7f0000000340), 0x8) 1.569201865s ago: executing program 1 (id=469): sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000580)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f00000009c0)}}], 0x3, 0xc0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="54010000180001002bbd7000000000001d010300150004000100008000010000a67494fcd3a42289070000001e010600f80100000071ec6d721744cd5200080000f8cfcad4c4ec6511ec028c5028564abce83afe16c93e15e556c2baed7f897fe841c155aab2a4b9f3052995cdf66a9c7922ff0300005b6c67281f1519cd7c32c2bf7563b9452575505da99ea128d37616896be8764a2c78edbad5bde7a5e405bdc893770338925f824bd24689c0d11a5568fc3aaa9ad0d7766d8ea8d3bf1006e3df494e2f373148ecb4adafdd39874e9808b118301f1e76054a64c6d243523f5de7b347f3b740e105d0ed18fae7289635301ebd8949268090b3bcd4cbed5f1cfe93cff41a9630802f96defe9e8ea850529827c5e301953a8abaafa1f121e590f74e28233f4129d4587eee87ec5d42c3ef0619022c035c8d586b2a88d81866930fca15c8a95d29e5b2ea0000080005"], 0x154}}, 0x0) 1.452214066s ago: executing program 3 (id=470): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x3c, r1, 0x431, 0x70bd2b, 0xfffffffd, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_TX={0x5}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x40) 875.151338ms ago: executing program 0 (id=471): writev(0xffffffffffffffff, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = socket(0x10, 0x80002, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r8 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x20440, 0x0) ioctl$RTC_PIE_ON(r8, 0x7005) ioctl$RTC_IRQP_SET(r8, 0x4008700c, 0xe24) syz_open_dev$sndpcmc(&(0x7f0000000240), 0x15e1, 0x101000) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@RTM_NEWMDB={0x38, 0x54, 0x1e5, 0x70bd2a, 0xffffffff, {0x7, r2}, [@MDBA_SET_ENTRY={0x20, 0x1, {r4, 0x1, 0x3, 0x3, {@ip4=@broadcast, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x2800}, 0x40084c0) sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0) r9 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r9, &(0x7f0000000100)={0x18, 0x0, {0x11ff, @broadcast, 'bond_slave_1\x00'}}, 0x1e) r10 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000100240248ff050005001200", 0x2e}], 0x1}, 0x40880) connect$pppoe(r9, &(0x7f00000016c0)={0x18, 0x0, {0x3, @random="3c38448f3736", 'macvlan1\x00'}}, 0x1e) r11 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r11, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) 87.733365ms ago: executing program 1 (id=472): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000003000000000000000000002095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 0s ago: executing program 4 (id=473): socket$kcm(0x10, 0x2, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f00000000c0)={0x0, 0x8, &(0x7f0000000000)=[{&(0x7f0000000340)="5c00000013006bcd9e3fe3dc4e48aa31086b8703140000001f03000000330000040014000d000a000d0000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x840) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.130' (ED25519) to the list of known hosts. [ 71.694842][ T5820] cgroup: Unknown subsys name 'net' [ 71.808902][ T5820] cgroup: Unknown subsys name 'cpuset' [ 71.817576][ T5820] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 73.250844][ T5820] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 75.771227][ T5150] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 75.800702][ T5842] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 75.808967][ T5842] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 75.818976][ T5845] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 75.826962][ T5845] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 75.835245][ T5845] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 75.843000][ T5845] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 75.853323][ T5848] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 75.864223][ T5843] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 75.872098][ T5848] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 75.880276][ T5843] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 75.888518][ T5848] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 75.896215][ T5843] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 75.896298][ T5847] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 75.911491][ T5848] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 75.920680][ T5847] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 75.928723][ T5848] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 75.936205][ T5843] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 75.942220][ T5845] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 75.944420][ T5848] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 75.952984][ T5845] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 75.957812][ T5847] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 75.965015][ T5845] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 75.981540][ T50] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 76.009270][ T5847] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 76.670929][ T5830] chnl_net:caif_netlink_parms(): no params data found [ 76.749388][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 76.787687][ T5840] chnl_net:caif_netlink_parms(): no params data found [ 76.868649][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 76.933760][ T5844] chnl_net:caif_netlink_parms(): no params data found [ 76.997351][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.004588][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.012750][ T5830] bridge_slave_0: entered allmulticast mode [ 77.019885][ T5830] bridge_slave_0: entered promiscuous mode [ 77.066991][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.074154][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.081404][ T5830] bridge_slave_1: entered allmulticast mode [ 77.088609][ T5830] bridge_slave_1: entered promiscuous mode [ 77.209854][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.217175][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.224435][ T5835] bridge_slave_0: entered allmulticast mode [ 77.232355][ T5835] bridge_slave_0: entered promiscuous mode [ 77.263035][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.270307][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.277632][ T5844] bridge_slave_0: entered allmulticast mode [ 77.284608][ T5844] bridge_slave_0: entered promiscuous mode [ 77.292488][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.300004][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.307541][ T5844] bridge_slave_1: entered allmulticast mode [ 77.314479][ T5844] bridge_slave_1: entered promiscuous mode [ 77.324312][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.333879][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.342066][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.349346][ T5835] bridge_slave_1: entered allmulticast mode [ 77.356996][ T5835] bridge_slave_1: entered promiscuous mode [ 77.363930][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.371207][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.378524][ T5838] bridge_slave_0: entered allmulticast mode [ 77.385433][ T5838] bridge_slave_0: entered promiscuous mode [ 77.392771][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.400265][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.407750][ T5840] bridge_slave_0: entered allmulticast mode [ 77.414672][ T5840] bridge_slave_0: entered promiscuous mode [ 77.437071][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.502021][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.509866][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.517637][ T5838] bridge_slave_1: entered allmulticast mode [ 77.524611][ T5838] bridge_slave_1: entered promiscuous mode [ 77.544335][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.551599][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.559400][ T5840] bridge_slave_1: entered allmulticast mode [ 77.567028][ T5840] bridge_slave_1: entered promiscuous mode [ 77.586819][ T5830] team0: Port device team_slave_0 added [ 77.595298][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.608767][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.645502][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.657921][ T5830] team0: Port device team_slave_1 added [ 77.666878][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.690493][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.704236][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.792027][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.816147][ T5844] team0: Port device team_slave_0 added [ 77.823716][ T5835] team0: Port device team_slave_0 added [ 77.833636][ T5835] team0: Port device team_slave_1 added [ 77.857283][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.881942][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 77.889872][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 77.916019][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 77.929472][ T5844] team0: Port device team_slave_1 added [ 77.949170][ T5838] team0: Port device team_slave_0 added [ 77.980834][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 77.988134][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.014747][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.025489][ T5834] Bluetooth: hci0: command tx timeout [ 78.046454][ T5838] team0: Port device team_slave_1 added [ 78.052871][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.060155][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.086122][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.097147][ T5834] Bluetooth: hci1: command tx timeout [ 78.099447][ T5843] Bluetooth: hci4: command tx timeout [ 78.105249][ T5840] team0: Port device team_slave_0 added [ 78.114823][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.122123][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.148359][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.166018][ T5843] Bluetooth: hci2: command tx timeout [ 78.166028][ T5834] Bluetooth: hci3: command tx timeout [ 78.198506][ T5840] team0: Port device team_slave_1 added [ 78.242238][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.249684][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.275862][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.288693][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.295934][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.321912][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.387348][ T5830] hsr_slave_0: entered promiscuous mode [ 78.393724][ T5830] hsr_slave_1: entered promiscuous mode [ 78.409420][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.416705][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.443810][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.472153][ T5835] hsr_slave_0: entered promiscuous mode [ 78.479861][ T5835] hsr_slave_1: entered promiscuous mode [ 78.486446][ T5835] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 78.494201][ T5835] Cannot create hsr debugfs directory [ 78.522724][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.529752][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.556062][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.575027][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.582128][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.608443][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.620402][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.627400][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.653448][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.801057][ T5838] hsr_slave_0: entered promiscuous mode [ 78.807799][ T5838] hsr_slave_1: entered promiscuous mode [ 78.813822][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 78.822094][ T5838] Cannot create hsr debugfs directory [ 78.840215][ T5844] hsr_slave_0: entered promiscuous mode [ 78.846628][ T5844] hsr_slave_1: entered promiscuous mode [ 78.852625][ T5844] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 78.860218][ T5844] Cannot create hsr debugfs directory [ 78.949868][ T5840] hsr_slave_0: entered promiscuous mode [ 78.958662][ T5840] hsr_slave_1: entered promiscuous mode [ 78.964893][ T5840] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 78.973877][ T5840] Cannot create hsr debugfs directory [ 79.376219][ T5830] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 79.405746][ T5830] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 79.431146][ T5830] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 79.460301][ T5830] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 79.519350][ T5840] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 79.552234][ T5840] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 79.563747][ T5840] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 79.573627][ T5840] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 79.666199][ T5835] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 79.692919][ T5835] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 79.705028][ T5835] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 79.716280][ T5835] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 79.759303][ T5844] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 79.787932][ T5844] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 79.816429][ T5844] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 79.849946][ T5844] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 79.933068][ T5838] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 79.962512][ T5838] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 79.972899][ T5838] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 80.001589][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.021542][ T5838] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 80.082126][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.088877][ T5843] Bluetooth: hci0: command tx timeout [ 80.103359][ T2138] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.110657][ T2138] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.142028][ T2138] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.149217][ T2138] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.168641][ T5843] Bluetooth: hci1: command tx timeout [ 80.168710][ T5834] Bluetooth: hci4: command tx timeout [ 80.221954][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.246845][ T5834] Bluetooth: hci3: command tx timeout [ 80.247681][ T5843] Bluetooth: hci2: command tx timeout [ 80.259666][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.287289][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.343905][ T48] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.351044][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.375041][ T48] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.382273][ T48] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.401098][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.416597][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.431243][ T5830] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 80.495627][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.502790][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.520428][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.533623][ T2138] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.540810][ T2138] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.607703][ T2138] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.614824][ T2138] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.636161][ T2138] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.643307][ T2138] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.670650][ T5835] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 80.681950][ T5835] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 80.781403][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.853349][ T5844] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 80.890112][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.941444][ T1165] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.948643][ T1165] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.960159][ T1165] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.967389][ T1165] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.050200][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.334872][ T5830] veth0_vlan: entered promiscuous mode [ 81.371576][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.385396][ T5830] veth1_vlan: entered promiscuous mode [ 81.449825][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.482001][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.552990][ T5830] veth0_macvtap: entered promiscuous mode [ 81.589843][ T5830] veth1_macvtap: entered promiscuous mode [ 81.690559][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 81.722831][ T5840] veth0_vlan: entered promiscuous mode [ 81.743578][ T5844] veth0_vlan: entered promiscuous mode [ 81.757236][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 81.780037][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.794439][ T5840] veth1_vlan: entered promiscuous mode [ 81.815724][ T59] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.825292][ T2138] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.882527][ T2138] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.907440][ T2138] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.967221][ T5844] veth1_vlan: entered promiscuous mode [ 82.134892][ T5840] veth0_macvtap: entered promiscuous mode [ 82.165764][ T5843] Bluetooth: hci0: command tx timeout [ 82.190608][ T5840] veth1_macvtap: entered promiscuous mode [ 82.221904][ T5835] veth0_vlan: entered promiscuous mode [ 82.237390][ T2138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.245331][ T2138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.253051][ T5843] Bluetooth: hci4: command tx timeout [ 82.255835][ T5843] Bluetooth: hci1: command tx timeout [ 82.282365][ T5838] veth0_vlan: entered promiscuous mode [ 82.311844][ T5844] veth0_macvtap: entered promiscuous mode [ 82.322339][ T5844] veth1_macvtap: entered promiscuous mode [ 82.329058][ T5843] Bluetooth: hci3: command tx timeout [ 82.329069][ T5834] Bluetooth: hci2: command tx timeout [ 82.352545][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.360534][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.361014][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.378835][ T5835] veth1_vlan: entered promiscuous mode [ 82.414078][ T5838] veth1_vlan: entered promiscuous mode [ 82.434526][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.451546][ T2138] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.479083][ T5835] veth0_macvtap: entered promiscuous mode [ 82.498453][ T2138] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.499415][ T5830] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 82.523104][ T2138] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.537691][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.560165][ T2138] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.573870][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.614971][ T5835] veth1_macvtap: entered promiscuous mode [ 82.669405][ T5838] veth0_macvtap: entered promiscuous mode [ 82.692281][ T1165] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.733948][ T1165] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.757766][ T5955] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 82.967479][ T5838] veth1_macvtap: entered promiscuous mode [ 82.974946][ T1165] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.985664][ T1165] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.102041][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 83.194999][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.241080][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.264483][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.296341][ T59] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.314904][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.331891][ T59] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.340732][ T59] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.351686][ T5954] warning: `syz.0.1' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 83.411680][ T59] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.453536][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.474652][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.501274][ T36] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.536321][ T3557] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.536727][ T36] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.544492][ T3557] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.560053][ T5959] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 83.592514][ T36] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.636744][ T36] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.692958][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.710249][ T5960] Bluetooth: MGMT ver 1.23 [ 83.718513][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.727872][ T5959] Bluetooth: hci0: Opcode 0x0401 failed: -112 [ 83.784713][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.807407][ T5960] loop6: detected capacity change from 0 to 7 [ 83.844986][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.868273][ T5960] Dev loop6: unable to read RDB block 7 [ 83.885450][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.899954][ T5960] loop6: AHDI p2 p3 p4 [ 83.902553][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.904206][ T5960] loop6: partition table partially beyond EOD, truncated [ 83.973232][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.991905][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.001183][ T5960] loop6: p2 start 2693342895 is beyond EOD, truncated [ 84.022659][ T5960] loop6: p3 start 1886353253 is beyond EOD, truncated [ 84.255673][ T5834] Bluetooth: hci0: command tx timeout [ 84.325999][ T5834] Bluetooth: hci1: command tx timeout [ 84.331998][ T5847] Bluetooth: hci4: command tx timeout [ 84.370346][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.386846][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.394721][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.403095][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.410665][ T5834] Bluetooth: hci2: command tx timeout [ 84.416030][ T5834] Bluetooth: hci3: command tx timeout [ 84.434304][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 85.266710][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 85.472193][ T5969] loop1: detected capacity change from 0 to 2048 [ 85.526298][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 85.612694][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 85.666117][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 85.686519][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 85.792635][ T5843] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 86.086819][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 86.176028][ T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!! [ 86.187536][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 86.335717][ T5843] Bluetooth: hci0: command 0x0401 tx timeout [ 88.406903][ T5843] Bluetooth: hci0: command 0x0401 tx timeout [ 88.857127][ T977] cfg80211: failed to load regulatory.db [ 89.039907][ T5851] Alternate GPT is invalid, using primary GPT. [ 89.047686][ T5851] loop1: p1 p2 p3 [ 90.319693][ T5852] udevd[5852]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 90.323227][ T5833] udevd[5833]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 90.349536][ T5851] udevd[5851]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 90.633080][ T5993] loop0: detected capacity change from 0 to 1024 [ 91.289972][ T5997] tmpfs: Unknown parameter 'quot”–l [ 91.289972][ T5997] Ra³ÆÈ9“´g­»tpHû}b¹.ç:4úÎY¦¶™ [ 91.289972][ T5997] o–{Íeú¢«é¨£9}Ùܼâ&þ­ôl:•' [ 91.469506][ T5999] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 91.478577][ T5999] overlayfs: missing 'lowerdir' [ 91.918939][ T5987] loop2: detected capacity change from 0 to 4096 [ 92.533347][ T6004] Zero length message leads to an empty skb [ 92.652212][ T6006] netlink: 92 bytes leftover after parsing attributes in process `syz.3.11'. [ 93.330199][ T5987] ntfs3(loop2): Failed to read $UpCase (-4). [ 93.367280][ T6008] openvswitch: netlink: Message has 8 unknown bytes. [ 94.155050][ T6016] vcan0: tx drop: invalid da for name 0xfffffffffffffffc [ 94.869906][ T6023] loop3: detected capacity change from 0 to 1024 [ 94.963416][ T6023] ======================================================= [ 94.963416][ T6023] WARNING: The mand mount option has been deprecated and [ 94.963416][ T6023] and is ignored by this kernel. Remove the mand [ 94.963416][ T6023] option from the mount to silence this warning. [ 94.963416][ T6023] ======================================================= [ 95.778896][ T6022] loop0: detected capacity change from 0 to 4096 [ 95.886323][ T6023] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.015725][ T6031] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13'. [ 96.028137][ T6031] netlink: 128 bytes leftover after parsing attributes in process `syz.4.13'. [ 96.230188][ T6035] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17'. [ 96.256860][ T6035] netlink: 4 bytes leftover after parsing attributes in process `syz.1.17'. [ 96.348322][ T6037] process 'syz.0.15' launched '/dev/fd/6' with NULL argv: empty string added [ 97.095366][ T13] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 97.181548][ T13] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 97.231003][ T6035] sd 0:0:1:0: device reset [ 97.617719][ T30] audit: type=1326 audit(1750940417.099:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6034 comm="syz.1.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f990778e929 code=0x7ffc0000 [ 97.640360][ T13] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 97.665100][ T13] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 97.679212][ T6033] loop2: detected capacity change from 0 to 8192 [ 97.702309][ T30] audit: type=1326 audit(1750940417.099:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6034 comm="syz.1.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f990778e929 code=0x7ffc0000 [ 97.736487][ T30] audit: type=1326 audit(1750940417.099:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6034 comm="syz.1.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f990778e929 code=0x7ffc0000 [ 97.774574][ T30] audit: type=1326 audit(1750940417.099:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6034 comm="syz.1.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f990778e929 code=0x7ffc0000 [ 97.796460][ C0] vkms_vblank_simulate: vblank timer overrun [ 97.873993][ T30] audit: type=1326 audit(1750940417.099:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6034 comm="syz.1.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f990778e929 code=0x7ffc0000 [ 97.895926][ C0] vkms_vblank_simulate: vblank timer overrun [ 98.218311][ T6044] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 98.340256][ T30] audit: type=1326 audit(1750940417.099:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6034 comm="syz.1.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f990778e929 code=0x7ffc0000 [ 98.362105][ C0] vkms_vblank_simulate: vblank timer overrun [ 98.454066][ T30] audit: type=1326 audit(1750940417.099:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6034 comm="syz.1.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f990778e929 code=0x7ffc0000 [ 98.476009][ C0] vkms_vblank_simulate: vblank timer overrun [ 98.592297][ T30] audit: type=1326 audit(1750940417.099:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6034 comm="syz.1.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f990778e929 code=0x7ffc0000 [ 98.835107][ T6047] kernel profiling enabled (shift: 7) [ 99.255895][ T30] audit: type=1326 audit(1750940417.099:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6034 comm="syz.1.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f990778d290 code=0x7ffc0000 [ 99.277914][ C0] vkms_vblank_simulate: vblank timer overrun [ 99.305734][ T5834] Bluetooth: hci4: command 0x0405 tx timeout [ 99.775946][ T30] audit: type=1326 audit(1750940417.109:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6034 comm="syz.1.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f990778e929 code=0x7ffc0000 [ 100.017289][ T5840] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.623821][ T6060] loop0: detected capacity change from 0 to 4096 [ 101.729148][ T6060] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 104.096931][ T6066] veth0_vlan: entered allmulticast mode [ 105.673752][ T6085] ubi31: attaching mtd0 [ 105.680560][ T6085] ubi31: scanning is finished [ 105.685278][ T6085] ubi31: empty MTD device detected [ 105.904461][ T6085] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 105.912864][ T6085] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 105.920503][ T6085] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 105.927823][ T6085] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 105.935296][ T6085] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 105.947936][ T6085] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 105.957276][ T6085] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2699645771 [ 105.967591][ T6085] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 106.040209][ T6091] kAFS: No cell specified [ 106.086918][ T6089] ubi31: background thread "ubi_bgt31d" started, PID 6089 [ 107.901586][ T977] IPVS: starting estimator thread 0... [ 109.036156][ T5843] Bluetooth: hci4: unexpected event for opcode 0x2031 [ 109.136043][ T6108] IPVS: using max 28 ests per chain, 67200 per kthread [ 111.321584][ T6129] loop0: detected capacity change from 0 to 32768 [ 111.989770][ T6129] ea_get: invalid extended attribute [ 111.995160][ T6129] ffff888058ad3148: 04 00 00 00 .... [ 112.366633][ T6142] loop4: detected capacity change from 0 to 1024 [ 112.374067][ T6142] hfsplus: Unknown parameter 'ÿÿÿÿÿÿÿÿ' [ 112.854585][ T6145] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 112.989995][ T6144] read_mapping_page failed! [ 112.994655][ T6144] ialloc: diAlloc returned -5! [ 114.703004][ T6165] netlink: 12 bytes leftover after parsing attributes in process `syz.0.40'. [ 115.810432][ T6161] loop3: detected capacity change from 0 to 32768 [ 116.531618][ T6160] loop4: detected capacity change from 0 to 2048 [ 116.542559][ T6160] udf: Unknown parameter '/dev/kvm' [ 116.594487][ T6160] loop4: detected capacity change from 0 to 8 [ 118.940675][ T6160] SQUASHFS error: xz decompression failed, data probably corrupt [ 118.949130][ T6160] SQUASHFS error: Failed to read block 0x108: -5 [ 118.955953][ T6160] SQUASHFS error: Unable to read metadata cache entry [106] [ 118.963430][ T6160] SQUASHFS error: Unable to read inode 0x11f [ 119.148447][ T6172] ubi: mtd0 is already attached to ubi31 [ 121.136076][ T6184] netlink: 'syz.2.46': attribute type 10 has an invalid length. [ 121.204327][ T6184] bridge0: port 2(bridge_slave_1) entered disabled state [ 121.213039][ T6184] bridge0: port 1(bridge_slave_0) entered disabled state [ 121.435048][ T6183] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 121.450011][ T6183] qnx6: wrong signature (magic) in superblock #1. [ 121.456748][ T6183] qnx6: unable to read the first superblock [ 121.918812][ T6184] bridge0: port 2(bridge_slave_1) entered blocking state [ 121.926322][ T6184] bridge0: port 2(bridge_slave_1) entered forwarding state [ 121.934182][ T6184] bridge0: port 1(bridge_slave_0) entered blocking state [ 121.941332][ T6184] bridge0: port 1(bridge_slave_0) entered forwarding state [ 121.956992][ T5905] IPVS: starting estimator thread 0... [ 122.274350][ T6196] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 122.994947][ T6195] netlink: 64 bytes leftover after parsing attributes in process `syz.0.49'. [ 123.069355][ T6193] IPVS: using max 26 ests per chain, 62400 per kthread [ 123.488773][ T6200] loop4: detected capacity change from 0 to 1024 [ 124.114192][ T6184] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 124.135072][ T6190] bridge_slave_0: left allmulticast mode [ 124.149927][ T6190] bridge_slave_0: left promiscuous mode [ 124.207684][ T6190] bridge0: port 1(bridge_slave_0) entered disabled state [ 124.294130][ T6190] bridge_slave_1: left allmulticast mode [ 124.319328][ T6190] bridge_slave_1: left promiscuous mode [ 124.354978][ T6190] bridge0: port 2(bridge_slave_1) entered disabled state [ 124.413165][ T6190] bond0: (slave bond_slave_0): Releasing backup interface [ 124.438454][ T6204] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 124.454815][ T6190] bond0: (slave bond_slave_1): Releasing backup interface [ 124.501888][ T6190] team0: Port device team_slave_0 removed [ 124.513767][ T6190] team0: Port device team_slave_1 removed [ 124.521373][ T6190] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 124.530600][ T6190] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 124.540692][ T6190] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 124.548750][ T6190] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 124.880802][ T6212] 9pnet_virtio: no channels available for device syz [ 124.964739][ T6212] netlink: 20 bytes leftover after parsing attributes in process `syz.4.51'. [ 126.069220][ T6220] loop4: detected capacity change from 0 to 512 [ 126.542577][ T6219] loop2: detected capacity change from 0 to 2048 [ 126.628344][ T6220] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 126.641567][ T6220] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 127.872361][ T6229] loop1: detected capacity change from 0 to 4096 [ 127.881064][ T6229] ntfs3: Unknown parameter 'discardRÀéNdows_names' [ 128.033696][ T6219] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 128.521237][ T6233] netlink: 28 bytes leftover after parsing attributes in process `syz.3.55'. [ 128.530434][ T6233] tipc: Started in network mode [ 128.535326][ T6233] tipc: Node identity 7, cluster identity 5 [ 128.541398][ T6233] tipc: Node number set to 7 [ 128.663803][ T6236] netlink: 36 bytes leftover after parsing attributes in process `syz.3.55'. [ 128.795996][ T6219] EXT4-fs (loop2): stripe (248) is not aligned with cluster size (16), stripe is disabled [ 128.820112][ T5835] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.146850][ T6219] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 129.960995][ T6250] netlink: 4 bytes leftover after parsing attributes in process `syz.2.52'. [ 130.215254][ T6245] trusted_key: syz.4.58 sent an empty control message without MSG_MORE. [ 131.930973][ T5838] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.221179][ T6258] loop0: detected capacity change from 0 to 4096 [ 133.624936][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.631951][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.933477][ T6266] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 133.960024][ T6266] CIFS: Unable to determine destination address [ 135.005750][ T6271] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 136.328711][ T6279] bond0: entered promiscuous mode [ 136.333846][ T6279] bond_slave_0: entered promiscuous mode [ 136.340284][ T6279] bond_slave_1: entered promiscuous mode [ 137.154006][ T6281] loop4: detected capacity change from 0 to 65536 [ 137.322633][ T6281] XFS (loop4): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 137.358315][ T6281] XFS (loop4): Ending clean mount [ 137.526496][ T6294] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 139.827141][ T977] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 139.862665][ T5835] XFS (loop4): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 139.996294][ T977] usb 3-1: Using ep0 maxpacket: 32 [ 140.040575][ T977] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 140.065425][ T977] usb 3-1: config 0 has no interface number 0 [ 140.094552][ T977] usb 3-1: config 0 interface 1 altsetting 9 has an invalid descriptor for endpoint zero, skipping [ 140.125374][ T977] usb 3-1: config 0 interface 1 has no altsetting 0 [ 140.143287][ T6311] netlink: 'syz.3.73': attribute type 3 has an invalid length. [ 140.154933][ T977] usb 3-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a [ 140.174855][ T977] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 140.175828][ T6311] netlink: 44 bytes leftover after parsing attributes in process `syz.3.73'. [ 140.191764][ T977] usb 3-1: Product: syz [ 140.191800][ T977] usb 3-1: Manufacturer: syz [ 140.191814][ T977] usb 3-1: SerialNumber: syz [ 140.208446][ T977] usb 3-1: config 0 descriptor?? [ 140.298895][ T9] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 140.454609][ T977] cx231xx 3-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces [ 140.484442][ T977] cx231xx 3-1:0.1: Failed to read PCB config [ 140.512012][ T9] usb 2-1: not running at top speed; connect to a high speed hub [ 140.522298][ T977] cx231xx 3-1:0.1: probe with driver cx231xx failed with error -71 [ 140.572500][ T9] usb 2-1: config 1 has an invalid interface number: 74 but max is 0 [ 140.662702][ T9] usb 2-1: config 1 has no interface number 0 [ 140.731359][ T977] usb 3-1: USB disconnect, device number 2 [ 140.771025][ T9] usb 2-1: config 1 interface 74 has no altsetting 0 [ 140.981902][ T9] usb 2-1: New USB device found, idVendor=046d, idProduct=0990, bcdDevice=22.be [ 141.070072][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 141.167069][ T9] usb 2-1: Product: syz [ 141.230779][ T9] usb 2-1: Manufacturer: syz [ 141.294636][ T9] usb 2-1: SerialNumber: syz [ 142.611111][ T9] usb 2-1: unknown interface protocol 0x55, assuming v1 [ 142.628529][ T9] usb 2-1: cannot find UAC_HEADER [ 142.790188][ T5962] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 143.183084][ T5962] usb 5-1: config 0 has an invalid interface number: 112 but max is 0 [ 143.225056][ T5962] usb 5-1: config 0 has no interface number 0 [ 143.281578][ T5962] usb 5-1: New USB device found, idVendor=1286, idProduct=1fa4, bcdDevice=fb.16 [ 143.343322][ T5962] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 143.436332][ T5962] usb 5-1: Product: syz [ 143.480186][ T5962] usb 5-1: Manufacturer: syz [ 143.492450][ T9] snd-usb-audio 2-1:1.74: probe with driver snd-usb-audio failed with error -22 [ 143.512502][ T5962] usb 5-1: SerialNumber: syz [ 143.859629][ T9] usb 2-1: USB disconnect, device number 2 [ 144.071085][ T5962] usb 5-1: config 0 descriptor?? [ 144.283880][ T5851] udevd[5851]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.74/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 144.323959][ T5962] mvusb_mdio 5-1:0.112: probe with driver mvusb_mdio failed with error -5 [ 144.503245][ T5962] usb 5-1: USB disconnect, device number 2 [ 146.994259][ T6346] loop1: detected capacity change from 0 to 40427 [ 147.129162][ T6350] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR [ 147.159908][ T6346] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 147.177039][ T6346] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 147.305732][ T6346] F2FS-fs (loop1): invalid crc value [ 147.313170][ T6346] F2FS-fs (loop1): Failed to start F2FS issue_checkpoint_thread (-4) [ 147.401113][ T5843] Bluetooth: hci2: Malformed HCI Event: 0x22 [ 149.752606][ T6364] loop4: detected capacity change from 0 to 1764 [ 151.072024][ T30] kauditd_printk_skb: 38 callbacks suppressed [ 151.072068][ T30] audit: type=1326 audit(2000000038.969:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6363 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 151.173743][ T6374] loop4: detected capacity change from 0 to 2048 [ 151.278412][ T6374] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 151.730819][ T30] audit: type=1326 audit(2000000038.969:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6363 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 151.768205][ T30] audit: type=1326 audit(2000000038.979:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6363 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 151.791911][ T30] audit: type=1326 audit(2000000038.979:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6363 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 151.822881][ T30] audit: type=1326 audit(2000000038.979:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6363 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 152.376941][ T30] audit: type=1326 audit(2000000038.979:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6363 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 153.336570][ T30] audit: type=1326 audit(2000000038.979:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6363 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 153.359379][ T30] audit: type=1326 audit(2000000038.979:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6363 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 153.381515][ T30] audit: type=1326 audit(2000000038.979:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6363 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 153.403664][ T30] audit: type=1326 audit(2000000038.989:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6363 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f600218e963 code=0x7ffc0000 [ 154.999222][ T6396] bond0: entered promiscuous mode [ 155.004325][ T6396] bond_slave_0: entered promiscuous mode [ 155.010277][ T6396] bond_slave_1: entered promiscuous mode [ 155.016151][ T6396] bridge0: entered promiscuous mode [ 156.808877][ T6406] loop1: detected capacity change from 0 to 2048 [ 157.153692][ T6408] loop2: detected capacity change from 0 to 32768 [ 157.218103][ T6408] ea_get: invalid extended attribute [ 157.223575][ T6408] ffff888058ad2810: 04 00 00 00 .... [ 157.315745][ T5941] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 157.887845][ T6406] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 158.099391][ T6423] ialloc: diAlloc returned -17! [ 158.116483][ T6423] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 158.142238][ T5941] usb 4-1: Using ep0 maxpacket: 16 [ 158.625315][ T6406] EXT4-fs (loop1): stripe (248) is not aligned with cluster size (16), stripe is disabled [ 158.660683][ T5941] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 158.711794][ T5941] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 158.744370][ T6406] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 158.768827][ T5941] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 158.800702][ T5941] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 158.834727][ T5941] usb 4-1: Product: syz [ 158.876311][ T5941] usb 4-1: Manufacturer: syz [ 158.942397][ T5941] usb 4-1: SerialNumber: syz [ 159.558615][ T6426] netlink: 4 bytes leftover after parsing attributes in process `syz.1.96'. [ 161.429245][ T5941] usb 4-1: 0:2 : does not exist [ 161.476391][ T5941] usb 4-1: 5:0: failed to get current value for ch 0 (-22) [ 162.106324][ T6442] syz.4.104 (6442) used greatest stack depth: 16808 bytes left [ 162.108167][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.294245][ T5941] usb 4-1: USB disconnect, device number 2 [ 163.237160][ T6452] CIFS: Unable to determine destination address [ 163.770928][ T5851] udevd[5851]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 164.142202][ T6464] bond0: entered promiscuous mode [ 164.147339][ T6464] bond_slave_0: entered promiscuous mode [ 164.153223][ T6464] bond_slave_1: entered promiscuous mode [ 167.287784][ T6479] loop1: detected capacity change from 0 to 128 [ 167.295258][ T6479] EXT4-fs: Ignoring removed nobh option [ 167.349855][ T6479] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 167.368745][ T6479] ext4 filesystem being mounted at /23/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 168.467871][ T6487] ubi: mtd0 is already attached to ubi31 [ 168.989737][ T5844] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 169.311165][ T6495] loop2: detected capacity change from 0 to 1764 [ 169.374234][ T6501] mmap: syz.0.122 (6501) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 169.500570][ T6503] loop0: detected capacity change from 0 to 8 [ 169.537638][ T6497] loop1: detected capacity change from 0 to 32768 [ 169.636844][ T6503] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 169.751407][ T6497] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 169.759860][ T6497] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 169.793178][ T6497] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms [ 169.805037][ T54] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 169.873588][ T54] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 170.280404][ T5852] udevd[5852]: incorrect cramfs checksum on /dev/loop0 [ 170.310076][ T6501] cramfs: Error -5 while decompressing! [ 170.316016][ T6501] cramfs: ffffffff99be7b88(26)->ffff88806bb6f000(4096) [ 170.322878][ T6501] cramfs: Error -3 while decompressing! [ 170.328552][ T6501] cramfs: ffffffff99be7ba2(26)->ffff888054071000(4096) [ 170.335409][ T6501] cramfs: Error -3 while decompressing! [ 170.341001][ T6501] cramfs: ffffffff99be7bbc(16)->ffff888054070000(4096) [ 170.348631][ T6501] cramfs: Error -5 while decompressing! [ 170.354186][ T6501] cramfs: ffffffff99be7b88(26)->ffff88806bb6f000(4096) [ 170.382995][ T6504] loop4: detected capacity change from 0 to 4096 [ 170.421054][ T6504] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 170.433012][ T5851] udevd[5851]: incorrect cramfs checksum on /dev/loop0 [ 170.734492][ T54] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 861ms [ 170.799453][ T54] gfs2: fsid=syz:syz.0: jid=0: Done [ 170.805960][ T6497] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 170.933242][ T6497] gfs2: fsid=syz:syz.0: found 1 quota changes [ 171.234791][ T6517] bond0: entered promiscuous mode [ 171.239962][ T6517] bond_slave_0: entered promiscuous mode [ 171.245853][ T6517] bond_slave_1: entered promiscuous mode [ 172.495641][ T6523] IPVS: set_ctl: invalid protocol: 137 127.0.0.1:20003 [ 174.510295][ T6528] loop3: detected capacity change from 0 to 32768 [ 174.670985][ T6522] loop4: detected capacity change from 0 to 8192 [ 174.747774][ T6522] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 174.811589][ T6543] loop0: detected capacity change from 0 to 1024 [ 174.855014][ T6543] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 174.921291][ T6543] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 174.952865][ T6543] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 174.981528][ T5895] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 175.016050][ T6543] JBD2: no valid journal superblock found [ 175.021841][ T6543] EXT4-fs (loop0): Could not load journal inode [ 175.078125][ T6547] capability: warning: `syz.2.133' uses deprecated v2 capabilities in a way that may be insecure [ 175.185792][ T5895] usb 2-1: Using ep0 maxpacket: 32 [ 175.207524][ T5895] usb 2-1: config 0 has an invalid interface number: 121 but max is 0 [ 175.234815][ T5895] usb 2-1: config 0 has no interface number 0 [ 175.273340][ T5895] usb 2-1: config 0 interface 121 altsetting 3 has an invalid descriptor for endpoint zero, skipping [ 175.333010][ T5895] usb 2-1: config 0 interface 121 altsetting 3 has an endpoint descriptor with address 0xB5, changing to 0x85 [ 175.377186][ T5895] usb 2-1: config 0 interface 121 altsetting 3 endpoint 0x85 has invalid maxpacket 46480, setting to 1024 [ 175.398822][ T5895] usb 2-1: config 0 interface 121 altsetting 3 bulk endpoint 0x85 has invalid maxpacket 1024 [ 175.433049][ T5895] usb 2-1: config 0 interface 121 altsetting 3 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 175.469445][ T6553] loop0: detected capacity change from 0 to 4096 [ 175.493023][ T6553] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 175.502292][ T5895] usb 2-1: config 0 interface 121 has no altsetting 0 [ 175.516268][ T6552] loop3: detected capacity change from 0 to 4096 [ 175.526035][ T5895] usb 2-1: New USB device found, idVendor=0bfd, idProduct=0111, bcdDevice=78.03 [ 175.535161][ T5895] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 175.542398][ T6552] ntfs3(loop3): Primary boot: invalid index size -14. [ 175.561571][ T5895] usb 2-1: Product: syz [ 175.582059][ T5895] usb 2-1: Manufacturer: syz [ 175.596564][ T6552] ntfs3(loop3): try to read out of volume at offset 0x1ffe00 [ 175.608471][ T5895] usb 2-1: SerialNumber: syz [ 175.644240][ T5895] usb 2-1: config 0 descriptor?? [ 175.664420][ T6540] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 175.957235][ T5895] kvaser_usb 2-1:0.121: error -ENODEV: Cannot get usb endpoint(s) [ 176.173080][ T5895] usb 2-1: USB disconnect, device number 3 [ 177.587881][ T30] kauditd_printk_skb: 13 callbacks suppressed [ 177.587899][ T30] audit: type=1326 audit(2000000065.539:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6580 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff669d8e929 code=0x7ffc0000 [ 177.884811][ T6581] loop2: detected capacity change from 0 to 32768 [ 177.903385][ T30] audit: type=1326 audit(2000000065.539:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6580 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff669d8e929 code=0x7ffc0000 [ 177.943501][ T30] audit: type=1326 audit(2000000065.549:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6580 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff669d8d3df code=0x7ffc0000 [ 177.965943][ T30] audit: type=1326 audit(2000000065.549:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6580 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff669d8e929 code=0x7ffc0000 [ 177.974119][ T5895] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 177.988440][ T30] audit: type=1326 audit(2000000065.549:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6580 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff669d8e929 code=0x7ffc0000 [ 178.018243][ T30] audit: type=1326 audit(2000000065.549:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6580 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff669d8e929 code=0x7ffc0000 [ 178.058620][ T6581] XFS (loop2): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 178.145649][ T30] audit: type=1326 audit(2000000065.549:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6580 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff669d8e929 code=0x7ffc0000 [ 178.189241][ T6581] XFS (loop2): Ending clean mount [ 178.206771][ T6581] XFS (loop2): Quotacheck needed: Please wait. [ 178.274734][ T30] audit: type=1326 audit(2000000065.549:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6580 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff669d8e929 code=0x7ffc0000 [ 178.285606][ T5895] usb 2-1: Using ep0 maxpacket: 32 [ 178.297020][ T6581] XFS (loop2): Quotacheck: Done. [ 178.299521][ T30] audit: type=1326 audit(2000000065.549:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6580 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff669d8e929 code=0x7ffc0000 [ 178.343833][ T30] audit: type=1326 audit(2000000065.549:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6580 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff669d8e929 code=0x7ffc0000 [ 178.370293][ T5895] usb 2-1: config index 0 descriptor too short (expected 35577, got 27) [ 178.380428][ T5895] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 178.390286][ T5895] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 178.399552][ T5895] usb 2-1: config 1 has no interface number 0 [ 178.410033][ T5895] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 178.423228][ T5895] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 178.444564][ T5895] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 178.454157][ T5895] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.778120][ T9] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 178.920040][ T5895] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found [ 179.068755][ T5838] XFS (loop2): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 179.090931][ T9] usb 5-1: config index 0 descriptor too short (expected 290, got 34) [ 179.101434][ T9] usb 5-1: config 1 has too many interfaces: 224, using maximum allowed: 32 [ 179.128236][ T5895] snd_usb_pod 2-1:1.1: invalid control EP [ 179.142211][ T9] usb 5-1: config 1 has an invalid interface association descriptor of length 5, skipping [ 179.152963][ T5895] snd_usb_pod 2-1:1.1: cannot start listening: -22 [ 179.179864][ T9] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 179.206447][ T5895] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected [ 179.235592][ T9] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 224 [ 179.245471][ T5895] snd_usb_pod 2-1:1.1: probe with driver snd_usb_pod failed with error -22 [ 179.268204][ T9] usb 5-1: New USB device found, idVendor=19d2, idProduct=5755, bcdDevice=df.b8 [ 179.295631][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 179.305316][ T9] usb 5-1: Product: syz [ 179.309982][ T9] usb 5-1: Manufacturer: syz [ 179.314685][ T9] usb 5-1: SerialNumber: syz [ 179.489942][ T5962] usb 2-1: USB disconnect, device number 4 [ 179.559080][ T6579] loop0: detected capacity change from 0 to 32768 [ 179.630749][ T9] usb 5-1: USB disconnect, device number 3 [ 180.300361][ T6616] netlink: 4 bytes leftover after parsing attributes in process `syz.0.151'. [ 180.399770][ T6616] fuse: Unknown parameter 'fd0x0000000000000009' [ 180.859017][ T6626] tipc: Started in network mode [ 180.863985][ T6626] tipc: Node identity 7, cluster identity 4711 [ 180.870468][ T6626] tipc: Node number set to 7 [ 182.968186][ T6638] loop2: detected capacity change from 0 to 64 [ 183.171308][ T6638] syz.2.160: attempt to access beyond end of device [ 183.171308][ T6638] loop2: rw=2049, sector=268435468, nr_sectors = 2 limit=64 [ 183.559281][ T6646] loop4: detected capacity change from 0 to 32768 [ 183.797184][ T6648] loop0: detected capacity change from 0 to 4096 [ 183.905700][ T6648] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 184.127299][ T6646] ea_get: invalid extended attribute [ 184.132636][ T6646] ffff888058ae3a80: 04 00 00 00 .... [ 184.531577][ T6655] ialloc: diAlloc returned -17! [ 184.548868][ T6655] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 186.720207][ T6668] netlink: 12 bytes leftover after parsing attributes in process `syz.1.171'. [ 190.340753][ T30] kauditd_printk_skb: 70 callbacks suppressed [ 190.340771][ T30] audit: type=1326 audit(2000000078.299:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6699 comm="syz.4.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 190.340876][ T30] audit: type=1326 audit(2000000078.299:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6699 comm="syz.4.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 190.384575][ T6702] loop2: detected capacity change from 0 to 2048 [ 190.385879][ T30] audit: type=1326 audit(2000000078.339:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6699 comm="syz.4.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f600218d3df code=0x7ffc0000 [ 190.385929][ T30] audit: type=1326 audit(2000000078.339:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6699 comm="syz.4.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 190.385969][ T30] audit: type=1326 audit(2000000078.339:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6699 comm="syz.4.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 190.386008][ T30] audit: type=1326 audit(2000000078.339:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6699 comm="syz.4.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 190.386049][ T30] audit: type=1326 audit(2000000078.339:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6699 comm="syz.4.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 190.386088][ T30] audit: type=1326 audit(2000000078.339:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6699 comm="syz.4.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 190.386128][ T30] audit: type=1326 audit(2000000078.339:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6699 comm="syz.4.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 190.386166][ T30] audit: type=1326 audit(2000000078.339:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6699 comm="syz.4.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 190.478848][ T6702] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 190.588920][ T6701] loop4: detected capacity change from 0 to 32768 [ 191.515990][ T6710] loop1: detected capacity change from 0 to 32768 [ 191.578903][ T6702] syz.2.181: attempt to access beyond end of device [ 191.578903][ T6702] loop2: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 191.580783][ T6713] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 191.618952][ T6710] ea_get: invalid extended attribute [ 191.623530][ T6700] tty tty2: ldisc open failed (-12), clearing slot 1 [ 191.629584][ T6710] ffff888058ae0c68: 04 00 00 00 .... [ 191.645080][ T6701] XFS (loop4): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 191.889385][ T6701] XFS (loop4): Ending clean mount [ 191.917652][ T6701] XFS (loop4): Quotacheck needed: Please wait. [ 192.078051][ T6721] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 192.159287][ T6720] ialloc: diAlloc returned -17! [ 192.591081][ T6701] XFS (loop4): Quotacheck: Done. [ 194.011430][ T6733] bond0: entered promiscuous mode [ 194.183222][ T6730] loop3: detected capacity change from 0 to 4096 [ 194.248439][ T6729] loop1: detected capacity change from 0 to 4096 [ 194.256332][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.267017][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.279532][ T5835] XFS (loop4): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 195.432406][ T6729] ntfs3(loop1): ino=1f, "file2" attr_set_size [ 195.497578][ T6729] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 196.024932][ T6758] loop4: detected capacity change from 0 to 16 [ 196.313771][ T6758] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 197.059204][ T5834] Bluetooth: hci4: command 0x0405 tx timeout [ 197.402067][ T6765] loop1: detected capacity change from 0 to 1024 [ 197.409871][ T6765] hfsplus: Unknown parameter 'ÿÿÿÿÿÿÿÿ' [ 198.196678][ T6781] xt_recent: hitcount (262144) is larger than allowed maximum (65535) [ 198.237141][ T6783] loop1: detected capacity change from 0 to 512 [ 198.244301][ T6783] EXT4-fs: Ignoring removed nobh option [ 198.376908][ T6783] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.205: iget: bad i_size value: 38620345925642 [ 198.435852][ T6783] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.205: couldn't read orphan inode 15 (err -117) [ 198.491980][ T6783] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 198.606965][ T6783] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.205: bg 0: block 5: invalid block bitmap [ 199.031986][ T6801] netlink: 12 bytes leftover after parsing attributes in process `syz.3.213'. [ 199.764452][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 199.793734][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.066165][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 200.469764][ T6822] syz.0.221 uses obsolete (PF_INET,SOCK_PACKET) [ 201.901591][ T5842] Bluetooth: hci3: command 0x0406 tx timeout [ 201.912314][ T5842] Bluetooth: hci4: command 0x0405 tx timeout [ 201.918837][ T5842] Bluetooth: hci1: command 0x0406 tx timeout [ 201.926020][ T5842] Bluetooth: hci2: command 0x0406 tx timeout [ 202.638535][ T6825] 9pnet: Could not find request transport: 0xffffffffffffffff [ 204.958595][ T6897] loop3: detected capacity change from 0 to 4096 [ 206.543018][ T6897] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 211.010120][ T6950] netlink: 'syz.3.251': attribute type 7 has an invalid length. [ 211.116951][ T6951] loop0: detected capacity change from 0 to 4096 [ 211.125774][ T6951] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 211.731070][ T6958] loop3: detected capacity change from 0 to 32768 [ 212.338231][ T6963] loop2: detected capacity change from 0 to 4096 [ 212.355346][ T6963] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 212.665729][ T6958] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 212.674017][ T6958] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 212.711280][ T6958] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms [ 212.726215][ T5920] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 212.756759][ T5920] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 212.873424][ T5920] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 116ms [ 212.925248][ T5920] gfs2: fsid=syz:syz.0: jid=0: Done [ 212.953077][ T6958] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 213.053382][ T6958] gfs2: fsid=syz:syz.0: found 1 quota changes [ 213.542514][ T6981] IPVS: set_ctl: invalid protocol: 137 127.0.0.1:20003 [ 216.968183][ T7004] loop2: detected capacity change from 0 to 40427 [ 216.987602][ T7004] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 216.995423][ T7004] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 217.026093][ T7004] F2FS-fs (loop2): invalid crc value [ 217.174949][ T7004] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 217.182479][ T7004] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 219.659031][ T7026] loop0: detected capacity change from 0 to 4096 [ 219.705268][ T7026] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 220.529406][ T7036] loop4: detected capacity change from 0 to 32768 [ 220.548198][ T30] kauditd_printk_skb: 73 callbacks suppressed [ 220.548220][ T30] audit: type=1400 audit(2000000108.479:236): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=7033 comm="syz.1.280" [ 220.623902][ T7036] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 220.634237][ T7036] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 220.652077][ T7036] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms [ 220.664880][ T5920] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 220.673284][ T5920] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 221.629197][ T5920] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 955ms [ 221.771145][ T5920] gfs2: fsid=syz:syz.0: jid=0: Done [ 221.863019][ T7036] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 222.850421][ T7036] gfs2: fsid=syz:syz.0: found 1 quota changes [ 224.206505][ T7076] IPVS: set_ctl: invalid protocol: 137 127.0.0.1:20003 [ 224.666540][ T7083] netlink: 'syz.2.268': attribute type 4 has an invalid length. [ 224.687547][ T7083] netlink: 152 bytes leftover after parsing attributes in process `syz.2.268'. [ 224.787319][ T7083] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 225.781107][ T7096] program syz.3.291 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 226.039987][ T7101] netlink: 'syz.1.292': attribute type 1 has an invalid length. [ 226.145866][ T7101] netlink: 4 bytes leftover after parsing attributes in process `syz.1.292'. [ 227.127714][ T7104] loop2: detected capacity change from 0 to 4096 [ 227.648286][ T7128] loop4: detected capacity change from 0 to 4096 [ 227.734066][ T7128] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 229.812954][ T7152] xt_HMARK: spi-set and port-set can't be combined [ 229.834098][ T7154] netlink: 44 bytes leftover after parsing attributes in process `syz.4.311'. [ 229.845506][ T7154] netlink: 24 bytes leftover after parsing attributes in process `syz.4.311'. [ 230.432163][ T7165] random: crng reseeded on system resumption [ 231.060721][ T7171] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 231.269545][ T7179] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 232.112264][ T7189] cgroup: subsys name conflicts with all [ 233.156608][ T30] audit: type=1326 audit(2000000121.109:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.4.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 233.319392][ T30] audit: type=1326 audit(2000000121.109:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.4.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 233.414486][ T30] audit: type=1326 audit(2000000121.169:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.4.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 233.434188][ T7211] ALSA: mixer_oss: invalid OSS volume '' [ 233.510442][ T30] audit: type=1326 audit(2000000121.309:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7208 comm="syz.4.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f60021c11e5 code=0x7ffc0000 [ 233.586866][ T30] audit: type=1326 audit(2000000121.309:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.4.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 233.699777][ T30] audit: type=1326 audit(2000000121.309:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.4.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 233.773182][ T30] audit: type=1326 audit(2000000121.459:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7208 comm="syz.4.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f600218e929 code=0x7ffc0000 [ 235.841387][ T7232] loop4: detected capacity change from 0 to 4096 [ 235.957566][ T7232] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 236.086888][ T30] audit: type=1326 audit(2000000123.829:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7236 comm="syz.3.343" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1a2578e929 code=0x0 [ 236.109239][ T30] audit: type=1326 audit(2000000123.989:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7236 comm="syz.3.343" exe="/root/syz-executor" sig=31 arch=c000003e syscall=436 compat=0 ip=0x7f1a2578e929 code=0x0 [ 237.247938][ T7252] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 237.307539][ T7252] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 239.933175][ T7277] netlink: 16 bytes leftover after parsing attributes in process `syz.4.354'. [ 240.271822][ T7283] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 242.818200][ T7307] netdevsim netdevsim4 netdevsim0: entered allmulticast mode [ 242.890213][ T7310] $Hÿ: renamed from bond0 [ 243.171546][ T7316] netlink: 16 bytes leftover after parsing attributes in process `syz.0.368'. [ 243.774970][ T7319] netlink: 'syz.4.367': attribute type 15 has an invalid length. [ 244.371769][ T7325] loop2: detected capacity change from 0 to 4096 [ 244.447897][ T7325] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 247.057236][ T7359] netlink: 16 bytes leftover after parsing attributes in process `syz.3.382'. [ 247.839567][ T7364] ip6t_srh: unknown srh match flags 4000 [ 249.226115][ T7367] [U] ^@ [ 249.577190][ T7382] netlink: 1348 bytes leftover after parsing attributes in process `syz.4.389'. [ 249.783699][ T7391] Driver unsupported XDP return value 0 on prog (id 59) dev N/A, expect packet loss! [ 250.537451][ T30] audit: type=1400 audit(2000000138.439:246): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=7368 comm="syz.0.386" [ 250.934809][ T7402] loop2: detected capacity change from 0 to 1764 [ 251.123144][ T7402] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 251.714070][ T7402] block device autoloading is deprecated and will be removed. [ 251.729096][ T7402] syz.2.396: attempt to access beyond end of device [ 251.729096][ T7402] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 254.635695][ T7434] loop3: detected capacity change from 0 to 4096 [ 254.714946][ T7434] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 255.594279][ T7440] sp0: Synchronizing with TNC [ 255.690478][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.697447][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.350576][ T7454] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.413'. [ 261.337858][ T7508] netlink: 168 bytes leftover after parsing attributes in process `syz.2.429'. [ 262.792274][ T5940] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 263.355644][ T5940] usb 3-1: Using ep0 maxpacket: 16 [ 263.376481][ T5940] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 65, using maximum allowed: 30 [ 263.405466][ T5940] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 263.417731][ T5962] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 263.435449][ T7530] loop3: detected capacity change from 0 to 256 [ 263.477368][ T7530] exfat: Deprecated parameter 'namecase' [ 263.480709][ T5940] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 263.509741][ T7530] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xec8a951c, utbl_chksum : 0xe619d30d) [ 263.726156][ T30] audit: type=1400 audit(2000000151.529:247): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=7510 comm="syz.0.430" [ 263.759907][ T5962] usb 5-1: Using ep0 maxpacket: 8 [ 263.833040][ T5940] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 65 [ 263.851000][ T5962] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 263.878602][ T5940] usb 3-1: New USB device found, idVendor=0419, idProduct=0001, bcdDevice= 0.00 [ 263.888251][ T5940] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 263.896513][ T5962] usb 5-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 263.905861][ T5962] usb 5-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 263.913958][ T5962] usb 5-1: Product: syz [ 263.928912][ T5940] usb 3-1: config 0 descriptor?? [ 263.933887][ T7535] random: crng reseeded on system resumption [ 263.971669][ T5962] usb 5-1: Manufacturer: syz [ 264.000742][ T5962] usb 5-1: SerialNumber: syz [ 265.045877][ T5962] usb 5-1: Invalid connection information received from device [ 265.095099][ T5940] samsung 0003:0419:0001.0001: unknown main item tag 0x0 [ 265.355742][ T5940] samsung 0003:0419:0001.0001: unknown main item tag 0x0 [ 265.362846][ T5940] samsung 0003:0419:0001.0001: unknown main item tag 0x0 [ 265.379255][ T5940] samsung 0003:0419:0001.0001: unknown main item tag 0x0 [ 265.640587][ T5895] usb 5-1: USB disconnect, device number 4 [ 266.521610][ T5940] samsung 0003:0419:0001.0001: hidraw0: USB HID v0.00 Device [HID 0419:0001] on usb-dummy_hcd.2-1/input0 [ 266.556862][ T5940] usb 3-1: USB disconnect, device number 3 [ 266.805715][ T30] audit: type=1400 audit(2000000154.759:248): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=7551 comm="syz.1.443" [ 267.263545][ T7550] fido_id[7550]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 268.060740][ T7570] netlink: 'syz.4.448': attribute type 29 has an invalid length. [ 268.859774][ T7570] netlink: 'syz.4.448': attribute type 29 has an invalid length. [ 272.269535][ T7624] loop2: detected capacity change from 0 to 512 [ 272.460750][ T7624] EXT4-fs (loop2): orphan cleanup on readonly fs [ 272.926103][ T7624] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13 [ 272.943868][ T7624] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 272.990196][ T7624] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.467: attempt to clear invalid blocks 2 len 1 [ 273.780282][ T7624] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.467: invalid indirect mapped block 1819239214 (level 0) [ 273.811354][ T7624] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.467: invalid indirect mapped block 1819239214 (level 1) [ 273.865451][ T7635] ================================================================== [ 273.873598][ T7635] BUG: KASAN: slab-out-of-bounds in pause_parse_request+0x40/0x160 [ 273.882094][ T7635] Read of size 8 at addr ffff88802d893b30 by task syz.3.470/7635 [ 273.889825][ T7635] [ 273.892180][ T7635] CPU: 0 UID: 0 PID: 7635 Comm: syz.3.470 Not tainted 6.16.0-rc3-next-20250626-syzkaller #0 PREEMPT(full) [ 273.892207][ T7635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 273.892226][ T7635] Call Trace: [ 273.892235][ T7635] [ 273.892244][ T7635] dump_stack_lvl+0x189/0x250 [ 273.892278][ T7635] ? __virt_addr_valid+0x1c8/0x5c0 [ 273.892297][ T7635] ? rcu_is_watching+0x15/0xb0 [ 273.892323][ T7635] ? __kasan_check_byte+0x12/0x40 [ 273.892351][ T7635] ? __pfx_dump_stack_lvl+0x10/0x10 [ 273.892379][ T7635] ? rcu_is_watching+0x15/0xb0 [ 273.892405][ T7635] ? lock_release+0x4b/0x3e0 [ 273.892430][ T7635] ? __virt_addr_valid+0x1c8/0x5c0 [ 273.892447][ T7635] ? __virt_addr_valid+0x4a5/0x5c0 [ 273.892465][ T7635] print_report+0xd2/0x2b0 [ 273.892490][ T7635] ? pause_parse_request+0x40/0x160 [ 273.892517][ T7635] kasan_report+0x118/0x150 [ 273.892557][ T7635] ? pause_parse_request+0x40/0x160 [ 273.892586][ T7635] ? __pfx_pause_parse_request+0x10/0x10 [ 273.892612][ T7635] pause_parse_request+0x40/0x160 [ 273.892639][ T7635] ? __pfx_pause_parse_request+0x10/0x10 [ 273.892665][ T7635] ethnl_default_set_doit+0x2be/0xa40 [ 273.892685][ T7635] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 273.892713][ T7635] genl_family_rcv_msg_doit+0x212/0x300 [ 273.892739][ T7635] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 273.892768][ T7635] ? bpf_lsm_capable+0x9/0x20 [ 273.892793][ T7635] ? security_capable+0x7e/0x2e0 [ 273.892822][ T7635] genl_rcv_msg+0x60e/0x790 [ 273.892847][ T7635] ? __pfx_genl_rcv_msg+0x10/0x10 [ 273.892866][ T7635] ? ref_tracker_free+0x63a/0x7d0 [ 273.892893][ T7635] ? __pfx_ethnl_default_set_doit+0x10/0x10 [ 273.892913][ T7635] ? __pfx_ref_tracker_free+0x10/0x10 [ 273.892943][ T7635] netlink_rcv_skb+0x205/0x470 [ 273.892967][ T7635] ? __pfx_genl_rcv_msg+0x10/0x10 [ 273.892989][ T7635] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 273.893023][ T7635] ? down_read+0x1ad/0x2e0 [ 273.893042][ T7635] genl_rcv+0x28/0x40 [ 273.893061][ T7635] netlink_unicast+0x758/0x8d0 [ 273.893090][ T7635] netlink_sendmsg+0x805/0xb30 [ 273.893123][ T7635] ? __pfx_netlink_sendmsg+0x10/0x10 [ 273.893152][ T7635] ? aa_sock_msg_perm+0xf1/0x1d0 [ 273.893180][ T7635] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 273.893201][ T7635] ? __pfx_netlink_sendmsg+0x10/0x10 [ 273.893229][ T7635] __sock_sendmsg+0x219/0x270 [ 273.893256][ T7635] ____sys_sendmsg+0x505/0x830 [ 273.893278][ T7635] ? __pfx_____sys_sendmsg+0x10/0x10 [ 273.893303][ T7635] ? import_iovec+0x74/0xa0 [ 273.893329][ T7635] ___sys_sendmsg+0x21f/0x2a0 [ 273.893349][ T7635] ? __pfx____sys_sendmsg+0x10/0x10 [ 273.893386][ T7635] ? __fget_files+0x2a/0x420 [ 273.893414][ T7635] ? __fget_files+0x3a0/0x420 [ 273.893446][ T7635] __x64_sys_sendmsg+0x19b/0x260 [ 273.893468][ T7635] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 273.893493][ T7635] ? rcu_is_watching+0x15/0xb0 [ 273.893534][ T7635] ? do_syscall_64+0xbe/0x3b0 [ 273.893565][ T7635] do_syscall_64+0xfa/0x3b0 [ 273.893592][ T7635] ? lockdep_hardirqs_on+0x9c/0x150 [ 273.893618][ T7635] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.893638][ T7635] ? clear_bhb_loop+0x60/0xb0 [ 273.893659][ T7635] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.893678][ T7635] RIP: 0033:0x7f1a2578e929 [ 273.893704][ T7635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 273.893722][ T7635] RSP: 002b:00007f1a26539038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 273.893743][ T7635] RAX: ffffffffffffffda RBX: 00007f1a259b5fa0 RCX: 00007f1a2578e929 [ 273.893759][ T7635] RDX: 0000000000000040 RSI: 0000200000000000 RDI: 0000000000000003 [ 273.893772][ T7635] RBP: 00007f1a25810b39 R08: 0000000000000000 R09: 0000000000000000 [ 273.893784][ T7635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 273.893796][ T7635] R13: 0000000000000000 R14: 00007f1a259b5fa0 R15: 00007ffe56e807e8 [ 273.893817][ T7635] [ 273.893824][ T7635] [ 274.275129][ T7635] Allocated by task 7635: [ 274.279474][ T7635] kasan_save_track+0x3e/0x80 [ 274.284146][ T7635] __kasan_kmalloc+0x93/0xb0 [ 274.288815][ T7635] __kmalloc_noprof+0x27a/0x4f0 [ 274.293660][ T7635] genl_family_rcv_msg_attrs_parse+0xa3/0x2a0 [ 274.299713][ T7635] genl_family_rcv_msg_doit+0xb8/0x300 [ 274.305163][ T7635] genl_rcv_msg+0x60e/0x790 [ 274.309657][ T7635] netlink_rcv_skb+0x205/0x470 [ 274.314411][ T7635] genl_rcv+0x28/0x40 [ 274.318390][ T7635] netlink_unicast+0x758/0x8d0 [ 274.323144][ T7635] netlink_sendmsg+0x805/0xb30 [ 274.327908][ T7635] __sock_sendmsg+0x219/0x270 [ 274.332573][ T7635] ____sys_sendmsg+0x505/0x830 [ 274.337322][ T7635] ___sys_sendmsg+0x21f/0x2a0 [ 274.341984][ T7635] __x64_sys_sendmsg+0x19b/0x260 [ 274.346906][ T7635] do_syscall_64+0xfa/0x3b0 [ 274.351409][ T7635] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 274.357288][ T7635] [ 274.359601][ T7635] The buggy address belongs to the object at ffff88802d893b00 [ 274.359601][ T7635] which belongs to the cache kmalloc-64 of size 64 [ 274.373464][ T7635] The buggy address is located 8 bytes to the right of [ 274.373464][ T7635] allocated 40-byte region [ffff88802d893b00, ffff88802d893b28) [ 274.387942][ T7635] [ 274.390264][ T7635] The buggy address belongs to the physical page: [ 274.396656][ T7635] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2d893 [ 274.405399][ T7635] anon flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 274.412942][ T7635] page_type: f5(slab) [ 274.416949][ T7635] raw: 00fff00000000000 ffff88801a4418c0 0000000000000000 dead000000000001 [ 274.425522][ T7635] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 274.434087][ T7635] page dumped because: kasan: bad access detected [ 274.440498][ T7635] page_owner tracks the page as allocated [ 274.446293][ T7635] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 2138, tgid 2138 (kworker/u8:6), ts 17259855692, free_ts 0 [ 274.464693][ T7635] post_alloc_hook+0x240/0x2a0 [ 274.469462][ T7635] get_page_from_freelist+0x21e4/0x22c0 [ 274.474999][ T7635] __alloc_frozen_pages_noprof+0x181/0x370 [ 274.480795][ T7635] alloc_pages_mpol+0x232/0x4a0 [ 274.485642][ T7635] allocate_slab+0x8a/0x370 [ 274.490140][ T7635] ___slab_alloc+0xbeb/0x1410 [ 274.494823][ T7635] __kmalloc_noprof+0x305/0x4f0 [ 274.499665][ T7635] security_task_alloc+0x4d/0x360 [ 274.504678][ T7635] copy_process+0x1530/0x3c00 [ 274.509346][ T7635] kernel_clone+0x21e/0x870 [ 274.513877][ T7635] user_mode_thread+0xdd/0x140 [ 274.518636][ T7635] call_usermodehelper_exec_work+0x5c/0x230 [ 274.524531][ T7635] process_scheduled_works+0xade/0x17b0 [ 274.530065][ T7635] worker_thread+0x8a0/0xda0 [ 274.534647][ T7635] kthread+0x711/0x8a0 [ 274.538708][ T7635] ret_from_fork+0x3fc/0x770 [ 274.543309][ T7635] page_owner free stack trace missing [ 274.548849][ T7635] [ 274.551159][ T7635] Memory state around the buggy address: [ 274.556767][ T7635] ffff88802d893a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 274.564815][ T7635] ffff88802d893a80: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 274.572860][ T7635] >ffff88802d893b00: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 274.580915][ T7635] ^ [ 274.586531][ T7635] ffff88802d893b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 274.594577][ T7635] ffff88802d893c00: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 274.602627][ T7635] ================================================================== [ 274.635067][ T7624] EXT4-fs (loop2): 1 truncate cleaned up [ 274.643258][ T7624] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 274.653501][ T7638] netlink: 'syz.4.473': attribute type 10 has an invalid length. [ 274.656260][ T7635] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 274.656280][ T7635] CPU: 1 UID: 0 PID: 7635 Comm: syz.3.470 Not tainted 6.16.0-rc3-next-20250626-syzkaller #0 PREEMPT(full) [ 274.656303][ T7635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 274.656316][ T7635] Call Trace: [ 274.656323][ T7635] [ 274.656331][ T7635] dump_stack_lvl+0x99/0x250 [ 274.656365][ T7635] ? __asan_memcpy+0x40/0x70 [ 274.656387][ T7635] ? __pfx_dump_stack_lvl+0x10/0x10 [ 274.656414][ T7635] ? __pfx__printk+0x10/0x10 [ 274.656440][ T7635] panic+0x2db/0x790 [ 274.656476][ T7635] ? __pfx_panic+0x10/0x10 [ 274.656506][ T7635] ? _raw_spin_unlock_irqrestore+0xfd/0x110 [ 274.656531][ T7635] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 274.656554][ T7635] ? print_memory_metadata+0x314/0x400 [ 274.656581][ T7635] ? pause_parse_request+0x40/0x160 [ 274.656607][ T7635] check_panic_on_warn+0x89/0xb0 [ 274.656627][ T7635] ? pause_parse_request+0x40/0x160 [ 274.656651][ T7635] end_report+0x78/0x160 [ 274.656677][ T7635] kasan_report+0x129/0x150 [ 274.656705][ T7635] ? pause_parse_request+0x40/0x160 [ 274.656733][ T7635] ? __pfx_pause_parse_request+0x10/0x10 [ 274.656757][ T7635] pause_parse_request+0x40/0x160 [ 274.656784][ T7635] ? __pfx_pause_parse_request+0x10/0x10 [ 274.656808][ T7635] ethnl_default_set_doit+0x2be/0xa40 [ 274.656828][ T7635] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 274.656855][ T7635] genl_family_rcv_msg_doit+0x212/0x300 [ 274.656881][ T7635] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 274.656909][ T7635] ? bpf_lsm_capable+0x9/0x20 [ 274.656935][ T7635] ? security_capable+0x7e/0x2e0 [ 274.656963][ T7635] genl_rcv_msg+0x60e/0x790 [ 274.656986][ T7635] ? __pfx_genl_rcv_msg+0x10/0x10 [ 274.657006][ T7635] ? ref_tracker_free+0x63a/0x7d0 [ 274.657032][ T7635] ? __pfx_ethnl_default_set_doit+0x10/0x10 [ 274.657051][ T7635] ? __pfx_ref_tracker_free+0x10/0x10 [ 274.657082][ T7635] netlink_rcv_skb+0x205/0x470 [ 274.657110][ T7635] ? __pfx_genl_rcv_msg+0x10/0x10 [ 274.657131][ T7635] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 274.657165][ T7635] ? down_read+0x1ad/0x2e0 [ 274.657182][ T7635] genl_rcv+0x28/0x40 [ 274.657201][ T7635] netlink_unicast+0x758/0x8d0 [ 274.657231][ T7635] netlink_sendmsg+0x805/0xb30 [ 274.657265][ T7635] ? __pfx_netlink_sendmsg+0x10/0x10 [ 274.657295][ T7635] ? aa_sock_msg_perm+0xf1/0x1d0 [ 274.657323][ T7635] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 274.657343][ T7635] ? __pfx_netlink_sendmsg+0x10/0x10 [ 274.657368][ T7635] __sock_sendmsg+0x219/0x270 [ 274.657395][ T7635] ____sys_sendmsg+0x505/0x830 [ 274.657418][ T7635] ? __pfx_____sys_sendmsg+0x10/0x10 [ 274.657441][ T7635] ? import_iovec+0x74/0xa0 [ 274.657462][ T7635] ___sys_sendmsg+0x21f/0x2a0 [ 274.657486][ T7635] ? __pfx____sys_sendmsg+0x10/0x10 [ 274.657522][ T7635] ? __fget_files+0x2a/0x420 [ 274.657549][ T7635] ? __fget_files+0x3a0/0x420 [ 274.657581][ T7635] __x64_sys_sendmsg+0x19b/0x260 [ 274.657603][ T7635] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 274.657628][ T7635] ? rcu_is_watching+0x15/0xb0 [ 274.657656][ T7635] ? do_syscall_64+0xbe/0x3b0 [ 274.657685][ T7635] do_syscall_64+0xfa/0x3b0 [ 274.657711][ T7635] ? lockdep_hardirqs_on+0x9c/0x150 [ 274.657734][ T7635] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 274.657753][ T7635] ? clear_bhb_loop+0x60/0xb0 [ 274.657774][ T7635] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 274.657793][ T7635] RIP: 0033:0x7f1a2578e929 [ 274.657810][ T7635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 274.657826][ T7635] RSP: 002b:00007f1a26539038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 274.657847][ T7635] RAX: ffffffffffffffda RBX: 00007f1a259b5fa0 RCX: 00007f1a2578e929 [ 274.657862][ T7635] RDX: 0000000000000040 RSI: 0000200000000000 RDI: 0000000000000003 [ 274.657874][ T7635] RBP: 00007f1a25810b39 R08: 0000000000000000 R09: 0000000000000000 [ 274.657887][ T7635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 274.657899][ T7635] R13: 0000000000000000 R14: 00007f1a259b5fa0 R15: 00007ffe56e807e8 [ 274.657919][ T7635] [ 274.663748][ T7635] Kernel Offset: disabled