last executing test programs: 4m21.105582332s ago: executing program 5 (id=2087): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000380)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) sendmmsg$sock(r0, &(0x7f0000006740)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x0, 0x5c2e, @mcast1, 0x8001}, 0x80, 0x0}}], 0x1, 0x24064044) r1 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x81, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x8000, 0x3000, 0x34343452, 0x4, 0x7, [{0x592e3537, 0x2}, {0xfffffff7, 0x9}, {0x1, 0x9}, {0xe53, 0x7}, {0x7000, 0x8}, {0x7, 0xc}, {0x8, 0x32}, {0x1, 0xfffffff0}], 0xd7, 0x4, 0x3, 0x2, 0x4}}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x9, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x9) openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0), 0x8200, 0x0) setsockopt$ax25_int(0xffffffffffffffff, 0x101, 0x2, 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe55a10a000b000140020203600e41b0000900ac0006031100000004001500090002000000035c3b61c1d67f6f94007134cf6efb8000a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000000008af26c8b7b55f4d2a6823a45f28fcb1d", 0xd8}], 0x1}, 0x0) r4 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000040)={0x7, 0x6576, 0x8}) r5 = socket$pppl2tp(0x18, 0x1, 0x1) r6 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi1\x00', 0x2180, 0x0) ioctl$COMEDI_DEVCONFIG(r6, 0x40946400, &(0x7f0000000280)={'pcl812\x00', [0x2f00, 0x5, 0x3, 0x2, 0x0, 0x1, 0x1, 0x9, 0xffe, 0x1, 0xc, 0x1, 0x4, 0x4, 0xffff, 0x6, 0xffffffa7, 0x40000009, 0x832, 0x30000, 0x3ff, 0x9, 0x800, 0xe2df, 0x2, 0x1, 0x80, 0x3, 0x4, 0x7, 0x70f]}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) r7 = socket$l2tp6(0xa, 0x2, 0x73) connect$pppl2tp(r5, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, r7, 0x4, 0x0, 0x0, 0x0, {0xa, 0x4e23, 0x2, @mcast1, 0x5a89}}}, 0x3a) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r4, 0x100000000) syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="041706aaaaaaaaaa12e54b3fcd443f560eb95ff5f70b2b2bf6ecdf05cceb7d5e7e0046025f2758300b9fdf09adaeef5901457f17aca2fccbf1fa7aaaec57f979171331d77806578f7db21dc0b308a31b95340ec3afde72d05bd07a588540372b7037132e5333e4ff000000"], 0x9) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4) mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000180)='gfs2\x00', 0x2208004, 0x0) connect$pppoe(0xffffffffffffffff, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) 4m19.944097763s ago: executing program 5 (id=2089): socket$inet_smc(0x2b, 0x1, 0x0) openat$sequencer(0xffffff9c, 0x0, 0x80800, 0x0) r0 = openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x481, 0x0) ioctl$SNDCTL_SEQ_GETTIME(r0, 0x80045113, &(0x7f00000000c0)) 4m18.571268817s ago: executing program 5 (id=2095): r0 = socket$packet(0x11, 0x3, 0x300) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f00000040c0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000400000000000e1ff95000000000000002ba76bb3019c1341056bd8174b79603123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee00ba19ce670d25010000020000040000009fc40400d2532e764975f03f1cbf9b0a4def23d410f6accd3641110bec4e90a6341965dac05c04683712a0b09ec39e9ef8f6e396ad200a011ea665c45a3449abe802f5ab3e89cf40b858e217ce740068720000074e468eea3fcfcf498278ad15f5f87e1c26433a8acdc0e65888b2007f00000000000000000100000000000000010000000000000053350000000034a70c2ab40c7cf5691db43a5c00000000000000000000e75a89faff01210cce39bf405f1e846c1242000000000040cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d01000000520655a8056085f4d431623c850af895abba14f6fbd7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf9938d6df8600a62e96b7cb8e52cbdc2ba9d580609e31c30891e7d87a79d6fce424c2200af6cb784a1975fa657de38a3a32a4fd67ce446adb431d07db79240aca1dd9ba02450500000000000000e645f091231b986e77d05d988d6edc6f9b4eb883ec8f878300cabf2b5543ffc1bdb92618242852e6e8b3e56fefbfff81669557b3809d8c396d2c0361629d1822f722ec23812770d72cd0010000007889b8c7044f563a1f68d4efe895fdbc463f747c08f4010586903500000000000000e800000000000000000000000000000000000000003ddf4aa4b1c8b0a0ae6feb6737c275dc2740f742b5425f1d581961471cdb51f8940290e99ccff4123f955267fe4a75c11448741f064fe7ce7e62ee4df874e086287547d4099aeec9f1538ee25a2a5ccf4a9b604e88e12ff251845d0fff45bdbaeba4d4e3c6f7f623579435b2c505fb711300000000040000000000000000000000004c00e67ccc02148a4fc43021cce9f24f4b2f9492c32e7a92a557ac2b44b84e88bbf7611589906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd0294bea179b0433f5c899119ec0c0acef5385c5a2720caeb68f1e9c05b0591d89467ded84da092dea262e51811e2d7fa515722516bd5ef6cfa4966e5937562a5649a1a0000a042a7097ddefe0671a5767014b09b78f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32879d326497e21e041254f06bd7f3a067e147e82e841dba3867da8bfbc101d3960e07d282f483e7be49833f3c435f9700bc84680549f9eb16682ecb72277ffaca907a3eac4bfc8e0a47c0076d7cc9d32b3cc96aa751d890881c3c33bd91f6ecf45ab3f12f816318346f9b883427b9190024edc1eddd68f34ce3bfedb5fe5d7beae4d3ca561e37570587783f9673e7ab17f5a09efc1114777d2707d2996961203aedff1c5a87013b98649805216631e20d07dff3ae567ca0d38a828542625fc6096aedc0ac5c144f0965071274bea051007e398cf9090c53d4b8b7dc784e3d83b78b007a43d744aa99d6a7c576e20b4281eff511122ccb399bcef0a0471639c81aab7445cebfc9b00b31fcbaf63086b3c16f51b593acee0b3a4830dd6af1accb15cc6163cabc01442527aa10000000000000000a4ba25997affe74ec552bf9deafbd63e"], &(0x7f0000000140)='GPL\x00'}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r1, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000001c0)={r2}, 0x4) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r3, 0x4) r4 = socket$inet_icmp(0x2, 0x2, 0x1) sendmmsg$inet(r4, &(0x7f0000000c40)=[{{&(0x7f0000000200)={0x2, 0x4e23, @loopback}, 0x10, &(0x7f0000000000)=[{&(0x7f00000002c0)}], 0x1}}], 0x1, 0x4800) 4m16.693352176s ago: executing program 5 (id=2101): mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) ioperm(0x0, 0x7fff, 0x15f9) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x60, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x1c, 0x12, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0x4}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x120}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xa8}}, 0x20050800) socket$pppl2tp(0x18, 0x1, 0x1) close(0x3) 4m14.790813699s ago: executing program 5 (id=2108): socket$inet_smc(0x2b, 0x1, 0x0) openat$sequencer(0xffffff9c, 0x0, 0x80800, 0x0) r0 = openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x481, 0x0) ioctl$SNDCTL_SEQ_GETTIME(r0, 0x80045113, &(0x7f00000000c0)) 4m13.789574704s ago: executing program 5 (id=2110): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) mknodat$loop(0xffffffffffffff9c, 0x0, 0x6004, 0x1) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r1, &(0x7f0000000040)={0x24, @none={0x0, 0xffff}}, 0x14) 3m58.093529463s ago: executing program 32 (id=2110): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) mknodat$loop(0xffffffffffffff9c, 0x0, 0x6004, 0x1) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r1, &(0x7f0000000040)={0x24, @none={0x0, 0xffff}}, 0x14) 3m24.466536146s ago: executing program 0 (id=2211): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x4414, 0x4) sendmsg$802154_dgram(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x24, @short={0x2, 0xffff, 0xaaa1}}, 0x14, &(0x7f0000000100)={0x0}, 0x7, 0x0, 0x0, 0x4002000}, 0x600c010) recvmmsg(r0, 0x0, 0x0, 0x40000141, 0x0) 3m24.205801159s ago: executing program 0 (id=2213): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x4800, 0x0, 0x0, 0x4}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="180000001600010a00000000000000000000000054"], 0x78}}, 0x0) 3m23.412182127s ago: executing program 0 (id=2215): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r4, 0x29, 0x19, &(0x7f0000000000)=0x94b, 0x4) syz_emit_ethernet(0x6e, &(0x7f0000000100)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2e}, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, '\x00\'$', 0x38, 0x3a, 0xff, @empty, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x500, {0x6, 0x6, ':yE', 0x2, 0x3a, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast2, [], "8029335287b7a081"}}}}}}}, 0x0) recvmmsg(r4, &(0x7f0000001740)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x2000, 0x0) 3m20.754765193s ago: executing program 0 (id=2221): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f00000001c0)={{@my=0x0, 0xffffbfff}, @my=0x1, 0x9, 0x2000000, 0x6449, 0xfffffffffffffffd, 0x8, 0xfffffffd, 0x2}) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5) writev(r2, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484ea0fb0000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e44", 0x2b}], 0x2) 3m17.948006631s ago: executing program 0 (id=2225): r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r0, &(0x7f0000000300)={{0x6, @rose, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]}, 0x48) r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) bind$netrom(r1, 0x0, 0x0) listen(r1, 0x80) accept$netrom(r1, 0x0, 0x0) 3m15.712343799s ago: executing program 0 (id=2231): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000007c0)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@my=0x1}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f00000001c0)={{@my=0x0, 0xffffbfff}, @my=0x1, 0x9, 0x2000000, 0x6449, 0xfffffffffffffffd, 0x8, 0xfffffffd, 0x2}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCXONC(r2, 0x540a, 0x0) ioctl$TCXONC(r2, 0x540a, 0x2) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, &(0x7f0000000080)={0x0, 'ipvlan1\x00', {0x2}}) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x20008000) mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0) execve(0x0, 0x0, 0x0) mount(0x0, &(0x7f0000019080)='./file0\x00', 0x0, 0x23010, 0x0) execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)) sendto$inet6(0xffffffffffffffff, &(0x7f0000000380)="e8", 0x1, 0x20000045, 0x0, 0x0) 2m59.623021308s ago: executing program 33 (id=2231): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000007c0)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@my=0x1}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f00000001c0)={{@my=0x0, 0xffffbfff}, @my=0x1, 0x9, 0x2000000, 0x6449, 0xfffffffffffffffd, 0x8, 0xfffffffd, 0x2}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCXONC(r2, 0x540a, 0x0) ioctl$TCXONC(r2, 0x540a, 0x2) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, &(0x7f0000000080)={0x0, 'ipvlan1\x00', {0x2}}) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x20008000) mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0) execve(0x0, 0x0, 0x0) mount(0x0, &(0x7f0000019080)='./file0\x00', 0x0, 0x23010, 0x0) execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)) sendto$inet6(0xffffffffffffffff, &(0x7f0000000380)="e8", 0x1, 0x20000045, 0x0, 0x0) 20.678078052s ago: executing program 4 (id=2632): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_FILTER(r4, 0x0, 0x2, 0x0, 0x0) 20.480638369s ago: executing program 1 (id=2633): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) write$tun(r0, &(0x7f0000000500)={@val={0x0, 0x6006}, @val={0x1, 0x5, 0x7, 0x3, 0x80, 0x6}, @mpls={[{0x3}], @ipv6=@tipc_packet={0x9, 0x6, "40e154", 0x1a5, 0x6, 0xff, @private0={0xfc, 0x0, '\x00', 0x1}, @empty, {[@hopopts={0x1d, 0x17, '\x00', [@pad1, @jumbo={0xc2, 0x4, 0x6}, @jumbo={0xc2, 0x4, 0x6}, @generic={0x9, 0xae, "5434431289fa2ff1b5372ccac728ce54acbf552da2719c00de97696de4af3a60fdca7363f04f9af93f65a5a02b9f5d8be868fa851a49be7d04a2ccad409ad0d0c2a09c98d53c1c42a8cc2daffcd24be066cec9bfbc9d8af53f6cecfadb6ffaadbd84d0d3f6f48c80b33cb19d51f8bfae6bdaa5ba2707156f4a3699a0961ef72580cb05a3ebfcfcc2a9430d1db4c7390155220aa7f7f3577c8279305d7dadb5923e8687f09adf5a8a44f00cf0fae9"}]}, @dstopts={0x0, 0x3, '\x00', [@hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @multicast1}}, @padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}]}, @srh={0x32, 0x10, 0x4, 0x8, 0x81, 0x28, 0xfff4, [@loopback, @local, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @dev={0xfe, 0x80, '\x00', 0x11}, @mcast1, @local, @remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01']}, @hopopts={0x29}], @payload_direct={{{{0x25, 0x0, 0x0, 0x0, 0x1, 0x8, 0x2, 0x2, 0x5, 0x0, 0x1, 0x0, 0x2, 0x3, 0x3ff, 0x9, 0x4, 0x4e22, 0x4e22}, 0x1, 0x2}}, [0x0, 0x0, 0x0, 0x0, 0x0]}}}}}, 0x1df) 19.364200574s ago: executing program 4 (id=2634): r0 = socket$pppoe(0x18, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f00000001c0)=0x1e00) r4 = creat(&(0x7f0000000040)='./file0\x00', 0x4b) close(r4) r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r6, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000600)={r7, 0x0, 0x0, 0x0, 0x3, [0x0, 0x0, 0x0, 0x0], [0x800000], [0x0, 0x1001000], [0x0, 0x0, 0xe8a6]}) ioctl$DRM_IOCTL_MODE_ADDFB2(r4, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x0, [r8, 0x0, 0x0, r9], [0x2b8]}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000280)={&(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) 18.752728278s ago: executing program 4 (id=2635): bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000005400000054000000060000040000000100008409000000040000baefe5e9c03761d054af72c48170643f0001000000030000009503006b00000000030000000000000000000003000000000100000002000000ff0100"/111], 0x0, 0x72, 0x0, 0x1}, 0x28) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x0) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000300)={{{@in6=@private1, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in6=@loopback}}, &(0x7f00000001c0)=0xe8) setreuid(0xee00, r4) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@ipv4_delroute={0x24, 0x19, 0x901, 0x0, 0x0, {0x2, 0x18, 0x80, 0x0, 0x0, 0x4, 0xff}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) clock_nanosleep(0xfffffff2, 0x0, 0x0, &(0x7f0000000040)) rt_sigqueueinfo(0x0, 0x21, &(0x7f0000002d00)={0x0, 0x0, 0xffffffff}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x800452d3, &(0x7f0000000100)) openat$procfs(0xffffffffffffff9c, 0x0, 0x41, 0x0) 17.597601005s ago: executing program 4 (id=2638): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x101040) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x400000b4e) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x2000000) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue1\x00', 0x200000}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r2, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, 0x0) 13.514282365s ago: executing program 3 (id=2644): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) getpid() syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a80)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0xffffffffffffff2b) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r1) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90) getdents64(r2, &(0x7f0000000f80)=""/4096, 0x1000) bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @local}, 0x1c) ioctl$SG_SET_COMMAND_Q(0xffffffffffffffff, 0x2271, &(0x7f0000000080)=0x1) 11.860314663s ago: executing program 3 (id=2645): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x18b242, 0x0) syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r0, r1, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0}) r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) ioctl$UI_GET_SYSNAME(r2, 0x8040552c, 0x0) r3 = socket$packet(0x11, 0x2, 0x300) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x18, 0x209, 0x0, 0x0, {0x2}, [@typed={0x8, 0x800, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'bond0\x00'}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) syz_open_dev$video4linux(&(0x7f0000001540), 0x6, 0x0) writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) munlockall() socket(0x6, 0x1, 0x0) syz_open_dev$loop(0x0, 0x81, 0x2a82) r6 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r7 = syz_open_dev$ttys(0xc, 0x2, 0x0) r8 = syz_open_dev$ptys(0xc, 0x3, 0x0) ioctl$TCSETSF(r7, 0x5404, &(0x7f0000000080)={0xffffffff, 0x1f, 0x7, 0xfffffffa, 0x3, "a4c82192e6aed8e8950470331d04006c9957ed"}) ioctl$TIOCSTI(r8, 0x5412, &(0x7f0000000000)=0x3) ioctl$sock_TIOCINQ(r6, 0x541b, &(0x7f0000004b80)) socket$inet_mptcp(0x2, 0x1, 0x106) 11.167610657s ago: executing program 4 (id=2647): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004c40)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x8, @local, 0x8}, 0x1c, 0x0, 0x0, &(0x7f0000000440)=[@flowinfo={{0x14, 0x29, 0xb, 0x200}}, @pktinfo={{0x24, 0x29, 0x32, {@private2}}}], 0x40}}], 0x1, 0x4) r4 = syz_init_net_socket$ax25(0x3, 0x2, 0x8) setsockopt$ax25_int(r4, 0x101, 0xa, &(0x7f0000000080)=0x40, 0x4) 7.503559169s ago: executing program 1 (id=2648): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000040)='veth1_virt_wifi\x00', 0x10) bind$alg(0xffffffffffffffff, 0x0, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c", 0x15) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000040), 0x6) socket$unix(0x1, 0x1, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r3, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) r5 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast1, 0x4e23, 0x2, 'dh\x00', 0x1, 0x5, 0x16}, 0x2c) r6 = bpf$PROG_LOAD(0x5, 0x0, 0xfffffec0) r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r7, 0x400448ca, 0x0) fcntl$notify(r4, 0x402, 0x6) syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=ANY=[], 0x36) bind$bt_hci(r7, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6) setsockopt$sock_int(r0, 0x1, 0x7, 0x0, 0x0) fcntl$dupfd(r6, 0x406, r5) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) 6.882375906s ago: executing program 2 (id=2649): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x17) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r1}, 0x4) 6.774625846s ago: executing program 3 (id=2650): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) getpid() r0 = syz_init_net_socket$ax25(0x3, 0x2, 0xca) ioctl$SIOCAX25GETINFOOLD(r0, 0x89e3, &(0x7f0000000180)) 6.46011078s ago: executing program 2 (id=2651): socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000040)='veth1_virt_wifi\x00', 0x10) bind$alg(0xffffffffffffffff, 0x0, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c", 0x15) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000040), 0x6) socket$unix(0x1, 0x1, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast1, 0x4e23, 0x2, 'dh\x00', 0x1, 0x5, 0x16}, 0x2c) syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=ANY=[], 0x36) 6.347114364s ago: executing program 3 (id=2652): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) write$bt_hci(r0, &(0x7f0000000200)=ANY=[], 0x7) syz_init_net_socket$ax25(0x3, 0x2, 0xf0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) syz_pidfd_open(0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r1 = socket(0x1, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) bind$unix(r1, 0x0, 0x0) ioctl$sock_netdev_private(0xffffffffffffffff, 0x8914, &(0x7f0000000000)) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00') read$FUSE(r3, &(0x7f0000003440)={0x2020}, 0x2020) 6.263863344s ago: executing program 1 (id=2653): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) r0 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f00000001c0)={{@my=0x0, 0xffffbfff}, @my=0x1, 0x9, 0x2000000, 0x6449, 0xfffffffffffffffd, 0x8, 0xfffffffd, 0x2}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = syz_open_dev$sg(0x0, 0x0, 0x5) writev(r2, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484ea0fb0000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e44", 0x2b}], 0x2) 5.42834106s ago: executing program 2 (id=2654): socket$inet(0x2, 0xa, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f00000009c0)=@bridge_getlink={0x28, 0x12, 0x101, 0x0, 0xffffffe0, {0x7, 0x0, 0x0, 0x0, 0x8448, 0x4000}, [@IFLA_EXT_MASK={0x8, 0x1d, 0xc3}]}, 0x28}, 0x1, 0x0, 0x0, 0x4050}, 0x0) 5.343326015s ago: executing program 1 (id=2655): setitimer(0x2, &(0x7f0000000180)={{0x0, 0x2710}, {0x0, 0x2710}}, 0x0) clock_gettime(0x0, 0x0) setitimer(0x1, &(0x7f00000001c0)={{}, {0x0, 0x2710}}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0) r0 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0) 5.34115234s ago: executing program 3 (id=2656): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) getpid() syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a80)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0xffffffffffffff2b) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r1) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90) getdents64(r2, &(0x7f0000000f80)=""/4096, 0x1000) bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @local}, 0x1c) 3.302618602s ago: executing program 3 (id=2657): prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xc, 0x86}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a"], 0xb8}}, 0x0) sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001d"], 0xb8}}, 0x0) 3.273347219s ago: executing program 2 (id=2658): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x7, 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) clock_adjtime(0x0, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$uinput_user_dev(r1, 0x0, 0x0) socket$nl_sock_diag(0x10, 0x3, 0x4) readv(r1, 0x0, 0x0) r2 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r2, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x1d, 0x0, 0x0) setsockopt$packet_rx_ring(r2, 0x107, 0x5, 0x0, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r3, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x33}}, 0x10) setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4) sendmmsg$inet(r3, &(0x7f0000004d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00) mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000100)='affs\x00', 0x200000, 0x0) 3.040113023s ago: executing program 4 (id=2659): bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc43", 0xf) prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) socket$rds(0x15, 0x5, 0x0) execve(0x0, 0x0, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0) add_key$user(0x0, 0x0, 0x0, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0xfff3}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "00000000000000000001000f0e00"}}}]}, 0x48}}, 0x0) ioctl$BLKPBSZGET(0xffffffffffffffff, 0x127b, &(0x7f0000000080)) r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[0x0, 0x0], 0x2}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r1, 0xc05064a7, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000}) add_key$keyring(&(0x7f0000000380), &(0x7f0000000440)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc) io_uring_setup(0x2e5b, &(0x7f00000003c0)={0x0, 0x4c55, 0x2, 0x3, 0xd0}) 1.893960468s ago: executing program 2 (id=2660): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x17) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r1}, 0x4) r2 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r2, &(0x7f0000000000)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc) socket$inet6_mptcp(0xa, 0x1, 0x106) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000140), 0x12) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) 1.700097063s ago: executing program 1 (id=2661): prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xb, 0x4, &(0x7f00000005c0)=ANY=[@ANYBLOB], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) mkdir(&(0x7f0000000080)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x54) mount$overlay(0x0, &(0x7f0000000440)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) splice(r1, 0x0, 0xffffffffffffffff, 0x0, 0x10000000000019, 0x0) write$FUSE_INIT(0xffffffffffffffff, &(0x7f00000003c0)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x6, 0x1, 0x0, 0x4dcc, 0x1ff, 0xfd0d, 0x0, 0x0, 0x40, 0x5}}, 0x50) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0xfffffffffffffa8a) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f0000000000), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x20000010) syz_open_dev$vim2m(0x0, 0x7, 0x2) mknod(&(0x7f0000000040)='./file0\x00', 0x2a8, 0x8021) mount(&(0x7f00000000c0)=@nullb, 0x0, &(0x7f0000000080)='nilfs2\x00', 0x0, 0x0) 372.117855ms ago: executing program 2 (id=2662): r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x5, 0x101400) ioctl$USBDEVFS_GETDRIVER(r0, 0x41045508, &(0x7f0000000280)={0x0, "369f5c95b1fc607aea8137aefcae1d57248333eca390611644f567ffdc17606f0a9972f66c67b61e37fac788cc4853e81d0455c60b2e9b2f8019a498983d1e587f3b8130c86c3043537d4befeb3b0604e0d60df71d9b6c37500ab7394b3646793a1db9415df38517cdf99ec4e749eb7305819e87ab62da1a66ca8e7f6a1c01aaba1042c47bf4e3a7515a6dceac012b0f5f330944126e36a8ec794255de70996de72cc35e13028bfa87abfa2ff5e3e832b42db9b5df199077f210f3e259f24e8b1e0e051b836893860880932b7db97116002ff92654c94c5557a856586b3dcccb37fe0555360c69410603aa5eb2ddf1f72fb7125402ad3240afa863af85b509fc"}) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) bind$inet6(r1, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x3, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xc}, 0x48) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x23, '\x00', 0x0, 0x2}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) 0s ago: executing program 1 (id=2663): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0xfffffffffffffe34) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r5, 0x0) setpgid(0x0, r5) bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000440)='./file0/file0\x00'}, 0x18) r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0) add_key$fscrypt_v1(0x0, &(0x7f0000000080)={'fscrypt:', @desc2}, 0x0, 0x0, 0xffffffffffffffff) add_key$fscrypt_v1(0x0, &(0x7f0000000440)={'fscrypt:', @desc3}, 0x0, 0x0, 0xfffffffffffffffe) sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4040000}, 0x0) write$cgroup_int(r6, &(0x7f0000000040)=0x1c9, 0x12) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r6, 0xc01864c6, &(0x7f0000000480)={&(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x80000}) kernel console output (not intermixed with test programs): T4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 253.243031][ T9234] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 2: comm syz.4.1207: lblock 2 mapped to illegal pblock 2 (length 1) [ 253.346120][ T9234] EXT4-fs (loop4): Remounting filesystem read-only [ 253.358454][ T9234] Quota error (device loop4): qtree_write_dquot: dquota write failed [ 253.378438][ T9234] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 253.408538][ T9234] EXT4-fs (loop4): 1 orphan inode deleted [ 253.445534][ T9234] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 253.703148][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.100405][ T9259] loop0: detected capacity change from 0 to 8192 [ 254.858574][ T5852] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 255.383965][ T9316] syzkaller1: entered promiscuous mode [ 255.419344][ T9316] syzkaller1: entered allmulticast mode [ 255.740404][ T9310] loop3: detected capacity change from 0 to 8192 [ 255.844815][ T9329] siw: device registration error -23 [ 255.900199][ T9329] loop1: detected capacity change from 0 to 512 [ 255.913325][ T9329] EXT4-fs: Ignoring removed oldalloc option [ 256.120703][ T9329] EXT4-fs error (device loop1): ext4_xattr_inode_iget:432: comm syz.1.1245: Parent and EA inode have the same ino 15 [ 256.574779][ T9329] EXT4-fs error (device loop1): ext4_xattr_inode_iget:432: comm syz.1.1245: Parent and EA inode have the same ino 15 [ 256.590962][ T9329] EXT4-fs (loop1): 1 orphan inode deleted [ 256.598835][ T9329] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 256.941388][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.999487][ T9380] syzkaller1: entered promiscuous mode [ 258.047103][ T9380] syzkaller1: entered allmulticast mode [ 258.125454][ T9378] loop2: detected capacity change from 0 to 8192 [ 258.774749][ T9398] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1273'. [ 259.178906][ T9398] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1273'. [ 259.901168][ T9417] loop5: detected capacity change from 0 to 1024 [ 259.912632][ T9417] EXT4-fs: Ignoring removed nobh option [ 259.925670][ T9417] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 260.004328][ T9417] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 2: comm syz.5.1281: lblock 2 mapped to illegal pblock 2 (length 1) [ 260.060534][ T9417] EXT4-fs (loop5): Remounting filesystem read-only [ 260.067150][ T9417] Quota error (device loop5): qtree_write_dquot: dquota write failed [ 260.139003][ T9417] Quota error (device loop5): v2_write_file_info: Can't write info structure [ 260.148019][ T9417] EXT4-fs (loop5): 1 orphan inode deleted [ 260.250030][ T9417] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 260.500770][ T5843] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 260.672218][ T9429] loop2: detected capacity change from 0 to 8192 [ 260.710406][ T9436] trusted_key: encrypted_key: keylen parameter is missing [ 261.040907][ T9441] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1290'. [ 261.096059][ T9448] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1290'. [ 261.562065][ T9460] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1299'. [ 261.674639][ T9462] loop4: detected capacity change from 0 to 1024 [ 261.692431][ T9462] EXT4-fs: Ignoring removed nobh option [ 261.723068][ T9462] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 261.831474][ T9462] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 2: comm syz.4.1300: lblock 2 mapped to illegal pblock 2 (length 1) [ 261.926904][ T9462] EXT4-fs (loop4): Remounting filesystem read-only [ 261.976183][ T9462] Quota error (device loop4): qtree_write_dquot: dquota write failed [ 262.029511][ T9462] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 262.069632][ T9462] EXT4-fs (loop4): 1 orphan inode deleted [ 262.105147][ T9462] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 262.373297][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 262.417575][ T9478] loop0: detected capacity change from 0 to 8192 [ 262.502425][ T9488] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1311'. [ 262.538196][ T9488] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1311'. [ 263.867639][ T9524] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1328'. [ 263.915590][ T9524] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1328'. [ 264.072135][ T9520] loop0: detected capacity change from 0 to 8192 [ 265.319932][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 265.326344][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 265.705631][ T9556] loop4: detected capacity change from 0 to 512 [ 265.759792][ T9556] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 265.882062][ T9556] EXT4-fs (loop4): 1 truncate cleaned up [ 265.922732][ T9556] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 266.366785][ T9572] loop5: detected capacity change from 0 to 8192 [ 266.505034][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 267.773739][ T9632] loop0: detected capacity change from 0 to 1024 [ 267.809556][ T9632] EXT4-fs: Ignoring removed nobh option [ 267.826673][ T9632] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 267.886045][ T9632] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #3: block 2: comm syz.0.1376: lblock 2 mapped to illegal pblock 2 (length 1) [ 267.914569][ T9632] EXT4-fs (loop0): Remounting filesystem read-only [ 267.950828][ T9632] Quota error (device loop0): qtree_write_dquot: dquota write failed [ 268.009896][ T9632] Quota error (device loop0): v2_write_file_info: Can't write info structure [ 268.018671][ T9626] loop2: detected capacity change from 0 to 8192 [ 268.019435][ T9632] EXT4-fs (loop0): 1 orphan inode deleted [ 268.033239][ T9632] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 268.161350][ T5842] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.520554][ T9644] syzkaller0: entered promiscuous mode [ 268.535657][ T9657] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1385'. [ 268.566893][ T9644] syzkaller0: entered allmulticast mode [ 268.606252][ T9657] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1385'. [ 271.101228][ T9686] 9pnet_fd: Insufficient options for proto=fd [ 271.747538][ T9713] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1405'. [ 271.842098][ T9708] syzkaller0: entered promiscuous mode [ 271.868483][ T9708] syzkaller0: entered allmulticast mode [ 271.893486][ T9722] loop0: detected capacity change from 0 to 512 [ 271.928707][ T9722] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 271.972636][ T9722] EXT4-fs (loop0): 1 truncate cleaned up [ 271.981362][ T9732] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1405'. [ 272.022758][ T9722] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 273.017459][ T5842] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.482390][ T9802] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1434'. [ 276.559158][ T9802] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1434'. [ 276.888948][ T9805] syzkaller0: entered promiscuous mode [ 276.907120][ T9805] syzkaller0: entered allmulticast mode [ 277.348817][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 278.341704][ T9834] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1444'. [ 278.568644][ T30] audit: type=1326 audit(1752642522.563:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.1.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 278.643641][ T30] audit: type=1326 audit(1752642522.563:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.1.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 278.685093][ T30] audit: type=1326 audit(1752642522.563:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.1.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 278.711160][ T30] audit: type=1326 audit(1752642522.563:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.1.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 278.794999][ T30] audit: type=1326 audit(1752642522.563:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.1.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 278.825568][ T30] audit: type=1326 audit(1752642522.573:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.1.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 278.855873][ T30] audit: type=1326 audit(1752642522.573:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.1.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 279.310366][ T9846] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 279.329396][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 279.344142][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 279.414094][ T30] audit: type=1326 audit(1752642522.573:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.1.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 279.576593][ T30] audit: type=1326 audit(1752642522.573:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.1.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 279.672568][ T30] audit: type=1326 audit(1752642522.573:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.1.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 281.177361][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 281.484383][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 281.635418][ T9857] rtc_cmos 00:00: Alarms can be up to one day in the future [ 281.964996][ T55] rtc_cmos 00:00: Alarms can be up to one day in the future [ 281.988167][ T55] rtc_cmos 00:00: Alarms can be up to one day in the future [ 282.046263][ T55] rtc_cmos 00:00: Alarms can be up to one day in the future [ 282.078813][ T55] rtc_cmos 00:00: Alarms can be up to one day in the future [ 282.086171][ T55] rtc rtc0: __rtc_set_alarm: err=-22 [ 283.256158][ T9875] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1458'. [ 283.840285][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 283.840460][ T5860] Bluetooth: hci3: unexpected event for opcode 0x0809 [ 288.139463][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 288.344444][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 288.428895][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 288.438663][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 290.758945][ T9923] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1473'. [ 290.790707][ T9911] warning: `syz.2.1468' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 291.706639][ T9949] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1479'. [ 292.806241][ T9955] loop4: detected capacity change from 0 to 512 [ 292.815129][ T9955] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 292.855598][ T9955] EXT4-fs (loop4): 1 truncate cleaned up [ 292.870745][ T9955] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 292.878599][ T9951] syzkaller0: entered promiscuous mode [ 292.894327][ T9951] syzkaller0: entered allmulticast mode [ 293.912348][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.667449][ T9985] vxcan1: entered allmulticast mode [ 296.253533][T10009] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1496'. [ 297.898541][T10018] block device autoloading is deprecated and will be removed. [ 298.242003][ T5939] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 298.926955][T10022] loop5: detected capacity change from 0 to 512 [ 298.948055][T10022] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 298.948652][ T5939] usb 5-1: Using ep0 maxpacket: 16 [ 298.974231][T10022] EXT4-fs (loop5): 1 truncate cleaned up [ 298.982021][T10022] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 299.299645][ T5939] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 300.170560][ T5939] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 300.181654][ T5939] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 300.193851][ T5939] usb 5-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 300.372807][ T5843] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 300.398583][ T5939] usb 5-1: string descriptor 0 read error: -71 [ 300.405245][ T5939] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 300.448435][ T5939] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 300.491577][ T5939] usb 5-1: can't set config #1, error -71 [ 300.501705][ T5939] usb 5-1: USB disconnect, device number 3 [ 300.818285][T10039] syzkaller0: entered promiscuous mode [ 300.848547][T10039] syzkaller0: entered allmulticast mode [ 301.142825][T10059] Unsupported ieee802154 address type: 0 [ 302.532548][T10077] loop0: detected capacity change from 0 to 512 [ 302.561410][T10077] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 302.606018][T10077] EXT4-fs (loop0): 1 truncate cleaned up [ 302.629402][T10077] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 304.070155][ T5842] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 305.923842][T10095] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 308.342243][ T5947] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 308.880444][T10115] trusted_key: encrypted_key: insufficient parameters specified [ 309.183838][ T5947] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 309.213535][ T5947] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 309.237312][ T5947] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 309.449507][ T5947] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 309.472008][T10109] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 309.503001][ T5947] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 309.557128][T10123] Unsupported ieee802154 address type: 0 [ 310.178814][ T5947] usb 4-1: USB disconnect, device number 2 [ 310.285734][T10127] loop2: detected capacity change from 0 to 512 [ 310.323456][T10127] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 310.567870][T10127] EXT4-fs (loop2): 1 truncate cleaned up [ 310.590931][T10133] siw: device registration error -23 [ 310.604949][T10133] loop1: detected capacity change from 0 to 512 [ 310.612519][T10133] EXT4-fs: Ignoring removed oldalloc option [ 311.543833][T10127] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 311.614290][T10133] EXT4-fs error (device loop1): ext4_xattr_inode_iget:432: comm syz.1.1530: Parent and EA inode have the same ino 15 [ 311.712396][T10133] EXT4-fs error (device loop1): ext4_xattr_inode_iget:432: comm syz.1.1530: Parent and EA inode have the same ino 15 [ 311.892034][T10133] EXT4-fs (loop1): 1 orphan inode deleted [ 311.901040][T10133] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 313.830523][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 314.041796][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 314.323888][T10152] syzkaller0: entered promiscuous mode [ 314.340454][T10152] syzkaller0: entered allmulticast mode [ 315.872388][T10185] Unsupported ieee802154 address type: 0 [ 319.028360][T10202] loop3: detected capacity change from 0 to 1024 [ 319.035939][T10202] EXT4-fs: Ignoring removed nobh option [ 319.042974][T10202] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 319.173189][T10202] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 2: comm syz.3.1549: lblock 2 mapped to illegal pblock 2 (length 1) [ 319.200253][T10202] EXT4-fs (loop3): Remounting filesystem read-only [ 319.206793][T10202] __quota_error: 38 callbacks suppressed [ 319.206813][T10202] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 319.231715][T10202] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 319.246889][T10202] EXT4-fs (loop3): 1 orphan inode deleted [ 319.255106][T10202] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 319.364344][ T5852] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 320.323235][T10209] loop0: detected capacity change from 0 to 512 [ 320.331397][T10209] EXT4-fs: Ignoring removed oldalloc option [ 320.369912][T10209] EXT4-fs error (device loop0): ext4_xattr_inode_iget:432: comm syz.0.1550: Parent and EA inode have the same ino 15 [ 320.380706][T10211] loop3: detected capacity change from 0 to 512 [ 320.391607][T10211] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 320.465895][T10209] EXT4-fs error (device loop0): ext4_xattr_inode_iget:432: comm syz.0.1550: Parent and EA inode have the same ino 15 [ 320.480752][T10209] EXT4-fs (loop0): 1 orphan inode deleted [ 320.489607][T10209] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 320.495016][T10211] EXT4-fs (loop3): 1 truncate cleaned up [ 320.531798][T10211] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 320.789988][ T5842] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 321.872017][ T5852] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 324.240650][T10177] syzkaller1: entered promiscuous mode [ 324.246242][T10177] syzkaller1: entered allmulticast mode [ 324.764275][T10239] Unsupported ieee802154 address type: 0 [ 326.928617][T10258] trusted_key: encrypted_key: insufficient parameters specified [ 327.249917][T10251] loop5: detected capacity change from 0 to 512 [ 327.261793][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 327.268265][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 329.011706][T10251] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 329.049410][T10251] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 329.058456][T10251] EXT4-fs: failed to create workqueue [ 329.081107][T10251] EXT4-fs (loop5): mount failed [ 329.637356][T10272] 9pnet_fd: Insufficient options for proto=fd [ 330.365294][T10269] syzkaller0: entered promiscuous mode [ 330.413790][T10269] syzkaller0: entered allmulticast mode [ 333.292524][T10309] Unsupported ieee802154 address type: 0 [ 334.664537][T10324] loop5: detected capacity change from 0 to 512 [ 334.677670][T10325] 9pnet_fd: Insufficient options for proto=fd [ 334.705434][T10324] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 334.783170][T10324] EXT4-fs (loop5): 1 truncate cleaned up [ 334.800336][T10324] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 336.497819][ T30] audit: type=1326 audit(1752642579.893:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10340 comm="syz.2.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f943c98e929 code=0x7ffc0000 [ 336.800299][ T30] audit: type=1326 audit(1752642580.123:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10340 comm="syz.2.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f943c98e929 code=0x7ffc0000 [ 337.643181][ T30] audit: type=1326 audit(1752642580.613:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10340 comm="syz.2.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f943c98e929 code=0x7ffc0000 [ 338.065904][ T30] audit: type=1326 audit(1752642580.613:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10340 comm="syz.2.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f943c98e929 code=0x7ffc0000 [ 338.616671][ T30] audit: type=1326 audit(1752642580.633:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10340 comm="syz.2.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f943c98e929 code=0x7ffc0000 [ 338.877795][ T30] audit: type=1326 audit(1752642580.643:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10340 comm="syz.2.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f943c98e929 code=0x7ffc0000 [ 339.148727][ T30] audit: type=1326 audit(1752642580.653:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10340 comm="syz.2.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f943c98e929 code=0x7ffc0000 [ 339.263306][ T5843] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 339.284317][ T30] audit: type=1326 audit(1752642580.703:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10340 comm="syz.2.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f943c98e929 code=0x7ffc0000 [ 339.309190][ T30] audit: type=1326 audit(1752642580.723:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10340 comm="syz.2.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f943c98e929 code=0x7ffc0000 [ 339.332654][ T30] audit: type=1326 audit(1752642580.723:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10340 comm="syz.2.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f943c98e929 code=0x7ffc0000 [ 339.842843][T10353] loop3: detected capacity change from 0 to 1024 [ 339.869993][T10353] EXT4-fs: Ignoring removed nobh option [ 339.906660][T10353] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 340.039442][T10350] syzkaller0: entered promiscuous mode [ 340.065179][T10350] syzkaller0: entered allmulticast mode [ 340.306513][T10353] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 2: comm syz.3.1592: lblock 2 mapped to illegal pblock 2 (length 1) [ 340.587335][T10353] EXT4-fs (loop3): Remounting filesystem read-only [ 340.642536][T10353] EXT4-fs (loop3): 1 orphan inode deleted [ 340.973105][T10353] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 341.227610][ T5852] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 342.407858][T10390] loop0: detected capacity change from 0 to 512 [ 342.424505][T10390] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 342.441741][T10390] EXT4-fs (loop0): 1 truncate cleaned up [ 342.449692][T10390] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 343.604965][ T5842] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 350.002470][T10439] program syz.3.1619 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 350.489520][T10446] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1620'. [ 351.358719][T10460] siw: device registration error -23 [ 351.958696][T10455] loop1: detected capacity change from 0 to 512 [ 351.966178][T10455] EXT4-fs: Ignoring removed oldalloc option [ 352.041129][T10455] EXT4-fs error (device loop1): ext4_xattr_inode_iget:432: comm syz.1.1621: Parent and EA inode have the same ino 15 [ 352.143028][T10455] EXT4-fs error (device loop1): ext4_xattr_inode_iget:432: comm syz.1.1621: Parent and EA inode have the same ino 15 [ 352.186963][T10455] EXT4-fs (loop1): 1 orphan inode deleted [ 352.195189][T10455] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 352.522622][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 354.717530][T10492] loop4: detected capacity change from 0 to 1024 [ 354.772188][T10492] EXT4-fs: Ignoring removed nobh option [ 354.791082][T10492] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 354.836414][T10492] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 2: comm syz.4.1632: lblock 2 mapped to illegal pblock 2 (length 1) [ 354.883497][T10504] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1637'. [ 354.948373][T10492] EXT4-fs (loop4): Remounting filesystem read-only [ 354.954973][T10492] __quota_error: 17 callbacks suppressed [ 354.954995][T10492] Quota error (device loop4): qtree_write_dquot: dquota write failed [ 355.074201][T10492] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 355.176458][T10492] EXT4-fs (loop4): 1 orphan inode deleted [ 355.609147][T10492] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 355.654326][T10511] syzkaller1: entered promiscuous mode [ 355.672017][T10511] syzkaller1: entered allmulticast mode [ 355.812730][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 356.026468][T10512] loop3: detected capacity change from 0 to 8192 [ 356.452032][T10532] netlink: 'syz.4.1647': attribute type 12 has an invalid length. [ 356.452069][T10532] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1647'. [ 357.199099][T10539] syzkaller0: entered promiscuous mode [ 357.199137][T10539] syzkaller0: entered allmulticast mode [ 357.222132][T10549] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1652'. [ 358.266309][T10559] loop3: detected capacity change from 0 to 1024 [ 358.299488][T10559] EXT4-fs: Ignoring removed nobh option [ 358.320434][T10559] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 358.377798][T10559] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 2: comm syz.3.1655: lblock 2 mapped to illegal pblock 2 (length 1) [ 358.405118][T10559] EXT4-fs (loop3): Remounting filesystem read-only [ 358.418963][T10559] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 358.427192][T10559] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 358.447368][T10559] EXT4-fs (loop3): 1 orphan inode deleted [ 358.465232][T10559] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 358.575702][ T5852] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.247068][T10585] syz.5.1662: attempt to access beyond end of device [ 362.247068][T10585] nbd5: rw=6144, sector=128, nr_sectors = 8 limit=0 [ 362.260822][T10585] gfs2: error -5 reading superblock [ 364.742274][T10601] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1668'. [ 371.228941][ T30] audit: type=1326 audit(1752642615.183:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10626 comm="syz.0.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f8978e929 code=0x7ffc0000 [ 372.733099][ T30] audit: type=1326 audit(1752642615.193:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10626 comm="syz.0.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f8978e929 code=0x7ffc0000 [ 372.888595][ T30] audit: type=1326 audit(1752642615.223:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10626 comm="syz.0.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f8978e929 code=0x7ffc0000 [ 372.938461][ T30] audit: type=1326 audit(1752642615.263:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10626 comm="syz.0.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f8978e929 code=0x7ffc0000 [ 372.962106][ T30] audit: type=1326 audit(1752642615.263:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10626 comm="syz.0.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f8978e929 code=0x7ffc0000 [ 372.984681][ T30] audit: type=1326 audit(1752642616.353:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10626 comm="syz.0.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f8978e929 code=0x7ffc0000 [ 373.007236][ T30] audit: type=1326 audit(1752642616.383:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10626 comm="syz.0.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f8978e929 code=0x7ffc0000 [ 373.031703][ T30] audit: type=1326 audit(1752642616.413:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10626 comm="syz.0.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f8978e929 code=0x7ffc0000 [ 373.367451][T10640] loop4: detected capacity change from 0 to 1024 [ 374.445058][T10640] EXT4-fs: Ignoring removed nobh option [ 374.517232][T10640] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 374.622200][T10650] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1686'. [ 374.650410][T10640] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 2: comm syz.4.1684: lblock 2 mapped to illegal pblock 2 (length 1) [ 374.688591][T10640] EXT4-fs (loop4): Remounting filesystem read-only [ 374.729703][T10640] Quota error (device loop4): qtree_write_dquot: dquota write failed [ 374.737897][T10640] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 374.786798][T10640] EXT4-fs (loop4): 1 orphan inode deleted [ 374.795447][T10640] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 374.849865][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 375.907016][T10669] siw: device registration error -23 [ 376.699647][T10669] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8) [ 376.706579][T10669] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 376.716818][T10669] vhci_hcd vhci_hcd.0: Device attached [ 376.796849][T10670] vhci_hcd: connection closed [ 376.807308][ T79] vhci_hcd: stop threads [ 376.832329][ T79] vhci_hcd: release socket [ 376.857750][ T79] vhci_hcd: disconnect device [ 381.149215][T10708] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1704'. [ 381.257454][T10708] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1704'. [ 381.941372][T10709] 9pnet: Could not find request transport: fd0x0000000000000003 [ 382.443650][T10725] siw: device registration error -23 [ 382.504537][T10725] loop2: detected capacity change from 0 to 512 [ 382.518796][T10725] EXT4-fs: Ignoring removed oldalloc option [ 382.747561][T10725] EXT4-fs error (device loop2): ext4_xattr_inode_iget:432: comm syz.2.1708: Parent and EA inode have the same ino 15 [ 383.176807][T10725] EXT4-fs error (device loop2): ext4_xattr_inode_iget:432: comm syz.2.1708: Parent and EA inode have the same ino 15 [ 383.203217][T10725] EXT4-fs (loop2): 1 orphan inode deleted [ 383.211147][T10725] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 383.564354][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 384.275445][ T30] audit: type=1326 audit(1752642628.273:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10736 comm="syz.1.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 384.365776][ T30] audit: type=1326 audit(1752642628.273:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10736 comm="syz.1.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 384.449174][ T30] audit: type=1326 audit(1752642628.303:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10736 comm="syz.1.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 384.493618][ T30] audit: type=1326 audit(1752642628.303:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10736 comm="syz.1.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 384.607695][T10740] Unsupported ieee802154 address type: 0 [ 384.820618][ T30] audit: type=1326 audit(1752642628.303:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10736 comm="syz.1.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 384.843812][ T30] audit: type=1326 audit(1752642628.303:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10736 comm="syz.1.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 384.866937][ T30] audit: type=1326 audit(1752642628.303:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10736 comm="syz.1.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 385.797101][ T30] audit: type=1326 audit(1752642628.303:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10736 comm="syz.1.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 385.957935][ T5860] Bluetooth: hci0: link tx timeout [ 385.966205][ T30] audit: type=1326 audit(1752642628.303:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10736 comm="syz.1.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 385.988835][ T30] audit: type=1326 audit(1752642628.303:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10736 comm="syz.1.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 386.127808][T10751] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 386.143757][T10751] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 386.523654][T10746] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 386.588797][T10746] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 386.825799][T10746] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 386.847656][T10746] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 386.883463][T10746] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 386.903927][T10746] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 386.930055][T10746] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 386.948654][T10746] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 387.209515][T10746] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 387.238661][T10746] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 387.720993][T10746] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 387.732864][T10746] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 388.199581][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 388.206088][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 388.673470][T10775] xt_hashlimit: size too large, truncated to 1048576 [ 389.216711][ T5860] Bluetooth: hci2: command 0x0406 tx timeout [ 389.222808][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 389.228617][ T5860] Bluetooth: hci3: command 0x0406 tx timeout [ 389.229992][ T51] Bluetooth: hci5: command 0x0406 tx timeout [ 389.367254][T10780] loop3: detected capacity change from 0 to 512 [ 389.548044][T10780] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 389.788512][ T5860] Bluetooth: hci4: command 0x0406 tx timeout [ 389.815173][T10787] syz.1.1724: attempt to access beyond end of device [ 389.815173][T10787] nbd1: rw=6144, sector=128, nr_sectors = 8 limit=0 [ 389.829053][T10787] gfs2: error -5 reading superblock [ 389.926255][T10790] siw: device registration error -23 [ 390.000777][T10790] loop2: detected capacity change from 0 to 512 [ 390.015926][T10790] EXT4-fs: Ignoring removed oldalloc option [ 390.679906][T10780] EXT4-fs (loop3): 1 truncate cleaned up [ 390.687619][T10780] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 390.794093][T10790] EXT4-fs error (device loop2): ext4_xattr_inode_iget:432: comm syz.2.1725: Parent and EA inode have the same ino 15 [ 391.013523][T10790] EXT4-fs error (device loop2): ext4_xattr_inode_iget:432: comm syz.2.1725: Parent and EA inode have the same ino 15 [ 391.076947][T10790] EXT4-fs (loop2): 1 orphan inode deleted [ 391.097538][T10790] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 391.438591][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 391.444712][ T51] Bluetooth: hci2: command 0x0406 tx timeout [ 391.450853][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 391.457037][ T5860] Bluetooth: hci5: command 0x0406 tx timeout [ 391.662949][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 391.721058][ T5852] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 391.911217][ T5160] Bluetooth: hci4: command 0x0406 tx timeout [ 392.950990][ T30] kauditd_printk_skb: 17 callbacks suppressed [ 392.951015][ T30] audit: type=1326 audit(1752642636.953:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10807 comm="syz.3.1729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a2318e929 code=0x7ffc0000 [ 393.285284][ T30] audit: type=1326 audit(1752642636.953:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10807 comm="syz.3.1729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a2318e929 code=0x7ffc0000 [ 393.314654][ T30] audit: type=1326 audit(1752642637.003:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10807 comm="syz.3.1729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9a2318e929 code=0x7ffc0000 [ 393.343157][ T30] audit: type=1326 audit(1752642637.003:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10807 comm="syz.3.1729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a2318e929 code=0x7ffc0000 [ 393.365937][ T30] audit: type=1326 audit(1752642637.013:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10807 comm="syz.3.1729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9a2318e929 code=0x7ffc0000 [ 393.390210][T10810] Unsupported ieee802154 address type: 0 [ 393.418879][ T30] audit: type=1326 audit(1752642637.013:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10807 comm="syz.3.1729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a2318e929 code=0x7ffc0000 [ 393.441697][ T30] audit: type=1326 audit(1752642637.013:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10807 comm="syz.3.1729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a2318e929 code=0x7ffc0000 [ 393.465208][ T30] audit: type=1326 audit(1752642637.013:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10807 comm="syz.3.1729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9a2318e929 code=0x7ffc0000 [ 393.580581][ T30] audit: type=1326 audit(1752642637.013:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10807 comm="syz.3.1729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a2318e929 code=0x7ffc0000 [ 393.688491][ T30] audit: type=1326 audit(1752642637.023:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10807 comm="syz.3.1729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9a2318e929 code=0x7ffc0000 [ 393.785246][T10818] No buffer was provided with the request [ 400.822559][T10852] siw: device registration error -23 [ 400.836446][T10852] loop2: detected capacity change from 0 to 512 [ 400.844005][T10852] EXT4-fs: Ignoring removed oldalloc option [ 401.188142][T10852] EXT4-fs error (device loop2): ext4_xattr_inode_iget:432: comm syz.2.1742: Parent and EA inode have the same ino 15 [ 401.278982][T10852] EXT4-fs error (device loop2): ext4_xattr_inode_iget:432: comm syz.2.1742: Parent and EA inode have the same ino 15 [ 401.315599][T10852] EXT4-fs (loop2): 1 orphan inode deleted [ 401.323522][T10852] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 401.569678][T10863] Unsupported ieee802154 address type: 0 [ 404.957061][T10879] syzkaller1: tun_chr_ioctl cmd 1074025677 [ 404.963217][T10879] syzkaller1: linktype set to 1 [ 405.394060][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 406.044440][T10899] syz.4.1754: attempt to access beyond end of device [ 406.044440][T10899] nbd4: rw=6144, sector=128, nr_sectors = 8 limit=0 [ 406.057835][T10899] gfs2: error -5 reading superblock [ 406.798477][ T5947] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 407.284859][ T5947] usb 6-1: Using ep0 maxpacket: 32 [ 407.300215][ T5947] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 407.334635][ T5947] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 409.360464][ T5947] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 409.588439][T10911] bond_slave_1: entered promiscuous mode [ 409.738673][T10908] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1758'. [ 410.402657][ T5947] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 411.012059][T10908] bond0: (slave bond_slave_1): Releasing backup interface [ 411.279128][ T5947] usb 6-1: config 0 descriptor?? [ 411.319790][ T5947] usb 6-1: can't set config #0, error -71 [ 411.320736][ T30] kauditd_printk_skb: 15 callbacks suppressed [ 411.320883][ T30] audit: type=1326 audit(1752642655.323:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10913 comm="syz.0.1760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f8978e929 code=0x7ffc0000 [ 411.325920][T10909] bridge0: port 3(gretap0) entered blocking state [ 411.362859][T10909] bridge0: port 3(gretap0) entered disabled state [ 411.369665][T10909] gretap0: entered allmulticast mode [ 411.376556][T10909] gretap0: entered promiscuous mode [ 411.382630][T10909] bridge0: port 3(gretap0) entered blocking state [ 411.389734][T10909] bridge0: port 3(gretap0) entered forwarding state [ 411.520157][ T5947] usb 6-1: USB disconnect, device number 2 [ 411.571428][ T30] audit: type=1326 audit(1752642655.523:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10913 comm="syz.0.1760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f8978e929 code=0x7ffc0000 [ 411.852718][T10919] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1762'. [ 411.866296][ T30] audit: type=1326 audit(1752642655.523:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10913 comm="syz.0.1760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f8978e929 code=0x7ffc0000 [ 411.976783][ T30] audit: type=1326 audit(1752642655.523:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10913 comm="syz.0.1760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f8978e929 code=0x7ffc0000 [ 412.274382][T10924] mkiss: ax0: crc mode is auto. [ 414.771093][ T30] audit: type=1326 audit(1752642655.533:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10913 comm="syz.0.1760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f8978e929 code=0x7ffc0000 [ 415.795649][ T30] audit: type=1326 audit(1752642655.533:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10913 comm="syz.0.1760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f8978e929 code=0x7ffc0000 [ 415.824244][ T30] audit: type=1326 audit(1752642655.533:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10913 comm="syz.0.1760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f8978e929 code=0x7ffc0000 [ 415.847904][ T30] audit: type=1326 audit(1752642655.533:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10913 comm="syz.0.1760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f8978e929 code=0x7ffc0000 [ 415.871595][ T30] audit: type=1326 audit(1752642655.533:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10913 comm="syz.0.1760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f8978e929 code=0x7ffc0000 [ 415.894278][ T30] audit: type=1326 audit(1752642655.533:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10913 comm="syz.0.1760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f8978e929 code=0x7ffc0000 [ 416.956970][ T5926] IPVS: starting estimator thread 0... [ 417.220481][T10939] IPVS: using max 24 ests per chain, 57600 per kthread [ 417.629478][T10945] 9pnet_fd: Insufficient options for proto=fd [ 418.379416][T10944] syzkaller0: entered promiscuous mode [ 418.385095][T10944] syzkaller0: entered allmulticast mode [ 419.422567][ T55] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 419.615670][ T55] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 419.627705][ T55] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 419.658029][ T55] usb 4-1: Product: syz [ 419.680432][ T55] usb 4-1: Manufacturer: syz [ 419.700879][ T5942] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 419.709753][ T55] usb 4-1: SerialNumber: syz [ 419.781203][ T55] usb 4-1: config 0 descriptor?? [ 419.910706][ T55] ch341 4-1:0.0: ch341-uart converter detected [ 420.013025][ T5942] usb 6-1: Using ep0 maxpacket: 16 [ 420.149720][ T5942] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 420.167655][ T5942] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 420.199307][ T5942] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 420.237828][ T55] usb 4-1: failed to receive control message: -121 [ 420.245554][ T55] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -121 [ 420.406204][ T5942] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 420.416837][ T5942] usb 6-1: Product: syz [ 420.424191][ T5942] usb 6-1: Manufacturer: syz [ 420.804126][ T5942] usb 6-1: SerialNumber: syz [ 421.441566][ C0] raw-gadget.1 gadget.5: ignoring, device is not running [ 421.453923][ C0] raw-gadget.1 gadget.5: ignoring, device is not running [ 421.462512][ C0] raw-gadget.1 gadget.5: ignoring, device is not running [ 421.474952][ C0] raw-gadget.1 gadget.5: ignoring, device is not running [ 421.483306][ C0] raw-gadget.1 gadget.5: ignoring, device is not running [ 421.491094][ C0] raw-gadget.1 gadget.5: ignoring, device is not running [ 421.498632][ T5942] usb 6-1: 0:2 : does not exist [ 421.571777][ T5942] usb 6-1: USB disconnect, device number 3 [ 422.379821][ T48] usb 4-1: USB disconnect, device number 3 [ 422.387984][ T48] ch341 4-1:0.0: device disconnected [ 424.212111][T10999] loop5: detected capacity change from 0 to 512 [ 424.220528][T10999] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 424.257128][T10999] EXT4-fs (loop5): 1 truncate cleaned up [ 424.268640][T11003] 9pnet_fd: Insufficient options for proto=fd [ 424.270680][T10999] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 425.322303][ T48] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 425.471886][ T48] usb 2-1: device descriptor read/64, error -71 [ 425.748474][ T48] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 425.839692][ T5843] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 426.065545][T11018] program syz.0.1793 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 428.582789][ T5939] kernel write not supported for file /partitions (pid: 5939 comm: kworker/0:4) [ 430.960163][ T48] usb 2-1: device descriptor read/64, error -110 [ 431.072268][ T48] usb usb2-port1: attempt power cycle [ 431.471988][T11050] loop3: detected capacity change from 0 to 512 [ 431.520783][T11050] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 432.128793][T11050] EXT4-fs (loop3): 1 truncate cleaned up [ 432.136513][T11050] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 432.298749][T11063] program syz.1.1807 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 435.360993][ T5852] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 435.448942][ T5827] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 435.678505][ T5827] usb 5-1: unable to get BOS descriptor or descriptor too short [ 435.770259][ T5827] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 435.838094][ T5827] usb 5-1: can't read configurations, error -71 [ 436.543729][T11090] syzkaller0: entered promiscuous mode [ 436.553728][T11090] syzkaller0: entered allmulticast mode [ 436.934707][ T30] kauditd_printk_skb: 15 callbacks suppressed [ 436.934734][ T30] audit: type=1326 audit(1752642680.933:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11109 comm="syz.0.1824" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5f8978e929 code=0x0 [ 439.425883][T11140] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 439.436871][T11140] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 445.135142][T11191] program syz.0.1852 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 447.207385][T11205] loop4: detected capacity change from 0 to 512 [ 447.240796][T11205] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 447.304586][T11205] EXT4-fs (loop4): 1 truncate cleaned up [ 447.312673][T11205] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 447.406061][T11217] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1859'. [ 449.648576][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 449.668076][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 450.802950][T11246] netlink: 'syz.3.1867': attribute type 11 has an invalid length. [ 451.040320][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 453.859259][T11268] trusted_key: syz.0.1873 sent an empty control message without MSG_MORE. [ 455.629668][T11293] loop3: detected capacity change from 0 to 512 [ 455.649756][T11293] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 455.785033][T11297] Unsupported ieee802154 address type: 0 [ 455.835847][T11293] EXT4-fs (loop3): 1 truncate cleaned up [ 455.864004][T11293] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 457.161298][ T5852] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 457.261968][T11310] sg_write: data in/out 64380/1 bytes for SCSI command 0x1c-- guessing data in; [ 457.261968][T11310] program syz.2.1888 not setting count and/or reply_len properly [ 460.126199][ T30] audit: type=1326 audit(1752642704.123:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11339 comm="syz.1.1899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 460.203614][ T30] audit: type=1326 audit(1752642704.123:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11339 comm="syz.1.1899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 460.358573][ T30] audit: type=1326 audit(1752642704.123:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11339 comm="syz.1.1899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 460.407940][ T30] audit: type=1326 audit(1752642704.123:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11339 comm="syz.1.1899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 460.432314][T11350] Unsupported ieee802154 address type: 0 [ 460.443665][ T30] audit: type=1326 audit(1752642704.123:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11339 comm="syz.1.1899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 460.516313][ T30] audit: type=1326 audit(1752642704.123:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11339 comm="syz.1.1899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 460.751602][ T30] audit: type=1326 audit(1752642704.123:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11339 comm="syz.1.1899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 460.774665][ T30] audit: type=1326 audit(1752642704.153:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11339 comm="syz.1.1899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 460.798120][ T30] audit: type=1326 audit(1752642704.153:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11339 comm="syz.1.1899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 460.879813][T11356] siw: device registration error -23 [ 461.645767][ T30] audit: type=1326 audit(1752642704.153:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11339 comm="syz.1.1899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb762d8e929 code=0x7ffc0000 [ 466.521366][T11394] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1916'. [ 466.582165][ T5926] IPVS: starting estimator thread 0... [ 466.688504][T11396] IPVS: using max 24 ests per chain, 57600 per kthread [ 466.760900][T11394] bond1: entered promiscuous mode [ 466.828761][T11394] bond1: entered allmulticast mode [ 466.834490][T11394] 8021q: adding VLAN 0 to HW filter on device bond1 [ 467.329045][T11404] loop2: detected capacity change from 0 to 8192 [ 469.472685][T11426] xt_hashlimit: size too large, truncated to 1048576 [ 473.820563][T11460] netlink: 'syz.4.1935': attribute type 11 has an invalid length. [ 474.844351][T11466] sg_write: data in/out 64380/1 bytes for SCSI command 0x1c-- guessing data in; [ 474.844351][T11466] program syz.1.1937 not setting count and/or reply_len properly [ 476.915591][T11479] netlink: 'syz.2.1940': attribute type 1 has an invalid length. [ 476.982502][T11479] netlink: 'syz.2.1940': attribute type 2 has an invalid length. [ 477.498867][ T5827] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 478.174214][T11470] vxfs: WRONG superblock magic 00000000 at 1 [ 478.181535][T11470] vxfs: WRONG superblock magic 00000000 at 8 [ 478.187531][T11470] vxfs: can't find superblock. [ 478.218509][ T5827] usb 5-1: Using ep0 maxpacket: 16 [ 478.223713][ T5827] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87 [ 478.256186][ T5827] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 478.301834][ T5827] usb 5-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 478.328514][ T5827] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 478.357138][ T5827] usb 5-1: Product: syz [ 478.375136][T11495] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1949'. [ 478.378401][ T5827] usb 5-1: Manufacturer: syz [ 478.419474][ T5827] usb 5-1: SerialNumber: syz [ 478.445605][ T5827] usb 5-1: config 0 descriptor?? [ 478.532411][T11501] random: crng reseeded on system resumption [ 478.592805][T11502] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1949'. [ 479.734055][ T5827] appledisplay 5-1:0.0: Error while getting initial brightness: -32 [ 479.752369][ T5827] appledisplay 5-1:0.0: probe with driver appledisplay failed with error -32 [ 480.014905][ T5827] usb 5-1: USB disconnect, device number 6 [ 480.560238][T11516] siw: device registration error -23 [ 480.627110][T11516] loop1: detected capacity change from 0 to 512 [ 480.641541][T11516] EXT4-fs: Ignoring removed oldalloc option [ 481.715846][T11516] EXT4-fs error (device loop1): ext4_xattr_inode_iget:432: comm syz.1.1952: Parent and EA inode have the same ino 15 [ 481.837128][T11516] EXT4-fs error (device loop1): ext4_xattr_inode_iget:432: comm syz.1.1952: Parent and EA inode have the same ino 15 [ 481.950302][T11516] EXT4-fs (loop1): 1 orphan inode deleted [ 481.958201][T11516] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 482.029293][T11528] program syz.4.1957 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 482.631851][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 483.158860][ T5925] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 483.370370][ T5925] usb 6-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5 [ 483.582035][ T5925] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 483.880133][ T5925] usb 6-1: config 0 descriptor?? [ 484.121944][T11550] sg_write: data in/out 64380/1 bytes for SCSI command 0x1c-- guessing data in; [ 484.121944][T11550] program syz.0.1967 not setting count and/or reply_len properly [ 484.405081][ T5925] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32 [ 484.463996][ T5925] asix 6-1:0.0: probe with driver asix failed with error -32 [ 484.549479][ T5925] usb 6-1: USB disconnect, device number 4 [ 487.576664][ T30] kauditd_printk_skb: 11 callbacks suppressed [ 487.576853][ T30] audit: type=1326 audit(1752642731.563:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11560 comm="syz.1.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb762d8e929 code=0x7fc00000 [ 488.343528][T11593] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1982'. [ 488.397043][T11593] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1982'. [ 488.528811][ T5926] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 488.978516][ T5926] usb 2-1: Using ep0 maxpacket: 32 [ 489.011143][ T5926] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 104, changing to 10 [ 489.052211][ T5926] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 25701, setting to 1024 [ 489.080750][ T5926] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 489.125676][ T5926] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 489.196373][ T5926] usb 2-1: config 0 descriptor?? [ 489.217403][T11588] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 489.250856][ T5926] hub 2-1:0.0: USB hub found [ 489.839766][ T5926] hub 2-1:0.0: 1 port detected [ 490.307720][T11622] netlink: 'syz.4.1993': attribute type 11 has an invalid length. [ 490.591231][ T5926] usb 2-1: reset high-speed USB device number 5 using dummy_hcd [ 491.460086][T11321] usb 2-1: USB disconnect, device number 5 [ 491.993751][T11648] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2002'. [ 492.606165][T11651] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2002'. [ 494.229815][T11678] netlink: 'syz.3.2014': attribute type 11 has an invalid length. [ 494.438036][ T30] audit: type=1326 audit(1752642738.433:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11688 comm="syz.2.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f943c98e929 code=0x7ffc0000 [ 494.516089][ T30] audit: type=1326 audit(1752642738.463:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11688 comm="syz.2.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f943c98e929 code=0x7ffc0000 [ 494.875444][ T30] audit: type=1326 audit(1752642738.463:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11688 comm="syz.2.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f943c98e929 code=0x7ffc0000 [ 494.901032][ T30] audit: type=1326 audit(1752642738.463:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11688 comm="syz.2.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f943c98e929 code=0x7ffc0000 [ 494.924202][ T30] audit: type=1326 audit(1752642738.463:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11688 comm="syz.2.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f943c98e929 code=0x7ffc0000 [ 494.946984][ T30] audit: type=1326 audit(1752642738.463:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11688 comm="syz.2.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f943c98e929 code=0x7ffc0000 [ 494.991428][ T30] audit: type=1326 audit(1752642738.463:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11688 comm="syz.2.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f943c98e929 code=0x7ffc0000 [ 495.249089][ T30] audit: type=1326 audit(1752642738.473:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11688 comm="syz.2.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f943c98e929 code=0x7ffc0000 [ 495.655811][ T30] audit: type=1326 audit(1752642738.473:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11688 comm="syz.2.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f943c98e929 code=0x7ffc0000 [ 495.689942][ T30] audit: type=1326 audit(1752642738.473:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11688 comm="syz.2.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f943c98e929 code=0x7ffc0000 [ 499.277635][T11725] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2025'. [ 499.331290][T11730] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2025'. [ 499.434422][T11733] 9pnet_fd: Insufficient options for proto=fd [ 499.848077][T11743] xt_hashlimit: size too large, truncated to 1048576 [ 501.362624][T11768] overlayfs: failed to resolve './file1': -2 [ 503.852859][T11784] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2046'. [ 504.510956][T11797] xt_hashlimit: size too large, truncated to 1048576 [ 505.350713][T11784] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2046'. [ 510.348176][T11846] xt_hashlimit: size too large, truncated to 1048576 [ 511.133451][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 511.158392][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 511.840008][T11853] 9pnet_fd: Insufficient options for proto=fd [ 512.091420][T11862] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2070'. [ 512.388224][T11873] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2070'. [ 513.275822][T11872] DRBG: could not allocate digest TFM handle: hmac(sha512) [ 516.247972][T11902] netlink: 'syz.2.2081': attribute type 11 has an invalid length. [ 516.505865][T11910] netlink: 'syz.5.2087': attribute type 11 has an invalid length. [ 517.588745][T11922] Unsupported ieee802154 address type: 0 [ 519.817291][T11946] loop0: detected capacity change from 0 to 512 [ 519.829354][T11946] EXT4-fs: Ignoring removed oldalloc option [ 520.634602][T11946] EXT4-fs error (device loop0): ext4_xattr_inode_iget:432: comm syz.0.2098: Parent and EA inode have the same ino 15 [ 520.725782][T11946] EXT4-fs error (device loop0): ext4_xattr_inode_iget:432: comm syz.0.2098: Parent and EA inode have the same ino 15 [ 520.775127][T11946] EXT4-fs (loop0): 1 orphan inode deleted [ 520.782895][T11946] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 521.535138][ T5842] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 522.429638][T11970] netlink: 'syz.0.2102': attribute type 11 has an invalid length. [ 522.604725][T11973] netlink: 'syz.2.2103': attribute type 11 has an invalid length. [ 523.001489][T11979] netlink: 'syz.1.2105': attribute type 11 has an invalid length. [ 524.069678][T11993] syz.2.2109: attempt to access beyond end of device [ 524.069678][T11993] nbd2: rw=6144, sector=128, nr_sectors = 8 limit=0 [ 524.082911][T11993] gfs2: error -5 reading superblock [ 527.028909][T12006] sg_write: data in/out 524252/17 bytes for SCSI command 0x1-- guessing data in; [ 527.028909][T12006] program syz.0.2112 not setting count and/or reply_len properly [ 527.972418][T12007] loop3: detected capacity change from 0 to 1024 [ 528.991893][T12007] EXT4-fs: Ignoring removed nobh option [ 529.484959][T12014] siw: device registration error -23 [ 529.530819][T12014] loop2: detected capacity change from 0 to 512 [ 529.540982][T12014] EXT4-fs: Ignoring removed oldalloc option [ 529.610282][T12007] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 529.992949][T12014] EXT4-fs error (device loop2): ext4_xattr_inode_iget:432: comm syz.2.2114: Parent and EA inode have the same ino 15 [ 530.020068][T12007] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 530.020165][T12007] EXT4-fs: failed to create workqueue [ 530.094584][T12014] EXT4-fs error (device loop2): ext4_xattr_inode_iget:432: comm syz.2.2114: Parent and EA inode have the same ino 15 [ 530.115553][T12014] EXT4-fs (loop2): 1 orphan inode deleted [ 530.116227][T12007] EXT4-fs (loop3): mount failed [ 530.123841][T12014] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 530.488239][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 537.772717][ T5946] sched: DL replenish lagged too much [ 538.576167][T12046] xt_hashlimit: size too large, truncated to 1048576 [ 539.182171][T12049] netlink: 'syz.2.2122': attribute type 11 has an invalid length. [ 540.173829][T12057] syz.3.2127: attempt to access beyond end of device [ 540.173829][T12057] nbd3: rw=6144, sector=128, nr_sectors = 8 limit=0 [ 540.187182][T12057] gfs2: error -5 reading superblock [ 540.491568][T12065] netlink: 168 bytes leftover after parsing attributes in process `syz.1.2129'. [ 541.162312][T12067] netlink: 'syz.4.2128': attribute type 10 has an invalid length. [ 541.175275][T12067] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2128'. [ 541.184615][T12067] team0: entered promiscuous mode [ 541.189945][T12067] team_slave_0: entered promiscuous mode [ 541.213473][T12067] team_slave_1: entered promiscuous mode [ 541.223533][T12067] team0: entered allmulticast mode [ 541.229065][T12067] team_slave_0: entered allmulticast mode [ 541.234935][T12067] team_slave_1: entered allmulticast mode [ 541.254243][T12067] bridge0: port 3(team0) entered blocking state [ 541.263217][T12067] bridge0: port 3(team0) entered disabled state [ 541.420334][T12067] bridge0: port 3(team0) entered blocking state [ 541.427016][T12067] bridge0: port 3(team0) entered forwarding state [ 542.499512][ T5860] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 542.515197][ T5860] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 542.527761][ T5860] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 542.547874][ T5860] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 542.562105][ T5860] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 543.368758][T12074] lo speed is unknown, defaulting to 1000 [ 543.984161][T12074] chnl_net:caif_netlink_parms(): no params data found [ 544.668558][ T5860] Bluetooth: hci6: command tx timeout [ 547.301100][ T5860] Bluetooth: hci6: command tx timeout [ 547.355994][ T60] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 548.816521][T12140] program syz.3.2150 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 549.433996][ T5860] Bluetooth: hci6: command tx timeout [ 549.871881][ T60] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 550.848703][T12074] bridge0: port 1(bridge_slave_0) entered blocking state [ 550.855881][T12074] bridge0: port 1(bridge_slave_0) entered disabled state [ 550.888044][T12074] bridge_slave_0: entered allmulticast mode [ 551.240646][T12074] bridge_slave_0: entered promiscuous mode [ 551.298989][T12074] bridge0: port 2(bridge_slave_1) entered blocking state [ 551.306232][T12074] bridge0: port 2(bridge_slave_1) entered disabled state [ 551.428879][T12074] bridge_slave_1: entered allmulticast mode [ 551.468569][ T5860] Bluetooth: hci6: command tx timeout [ 551.477121][T12074] bridge_slave_1: entered promiscuous mode [ 552.224560][ T60] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 552.827254][T12184] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 552.836398][T12184] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 553.325736][ T60] bond0: (slave netdevsim0): Releasing backup interface [ 553.427675][T12191] netlink: 'syz.1.2164': attribute type 11 has an invalid length. [ 553.525740][ T60] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 554.440084][T12074] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 554.895808][T12074] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 554.972577][T12210] netlink: 'syz.4.2165': attribute type 11 has an invalid length. [ 555.404669][T12208] loop3: detected capacity change from 0 to 512 [ 556.155424][T12210] vivid-000: kernel_thread() failed [ 556.194836][T12208] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 557.352446][T12208] EXT4-fs (loop3): 1 truncate cleaned up [ 557.360860][T12208] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 558.965455][T12074] team0: Port device team_slave_0 added [ 559.132509][T12230] sg_write: data in/out 524252/17 bytes for SCSI command 0x1-- guessing data in; [ 559.132509][T12230] program syz.1.2169 not setting count and/or reply_len properly [ 559.676543][T12074] team0: Port device team_slave_1 added [ 559.680711][ T5852] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 561.677337][T12074] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 561.706445][T12074] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 561.732533][ C1] vkms_vblank_simulate: vblank timer overrun [ 561.918370][T12249] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 561.929750][T12249] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 562.151163][T12074] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 562.243154][T12074] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 562.251272][T12074] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 562.476341][T12074] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 562.708079][ T60] batadv1: left allmulticast mode [ 562.969332][ T60] batadv1: left promiscuous mode [ 563.024828][ T60] bridge0: port 3(batadv1) entered disabled state [ 563.165993][T12259] netlink: 'syz.1.2179': attribute type 11 has an invalid length. [ 563.393659][ T60] bridge_slave_1: left allmulticast mode [ 563.436704][ T60] bridge_slave_1: left promiscuous mode [ 563.475751][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 563.544595][T12271] syz.2.2185: attempt to access beyond end of device [ 563.544595][T12271] nbd2: rw=6144, sector=128, nr_sectors = 8 limit=0 [ 563.558601][T12271] gfs2: error -5 reading superblock [ 564.183115][T12270] loop0: detected capacity change from 0 to 512 [ 564.220815][T12270] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 564.255334][ T60] bridge_slave_0: left allmulticast mode [ 564.271768][T12270] EXT4-fs (loop0): 1 truncate cleaned up [ 564.281545][ T60] bridge_slave_0: left promiscuous mode [ 564.307732][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 564.317655][T12270] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 565.984027][ T5842] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 566.727971][T12294] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2191'. [ 566.816156][T11321] IPVS: starting estimator thread 0... [ 566.909587][T12299] IPVS: using max 22 ests per chain, 52800 per kthread [ 567.665735][T12306] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 567.677249][T12306] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 568.462768][T12318] program syz.0.2199 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 569.803660][T12329] loop2: detected capacity change from 0 to 512 [ 569.845542][T12329] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 569.913836][T12329] EXT4-fs (loop2): 1 truncate cleaned up [ 570.816063][T12329] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 571.843658][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 572.517797][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 572.524983][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 573.040957][ T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 573.122616][ T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 573.160620][ T60] bond0 (unregistering): Released all slaves [ 574.316555][T12074] hsr_slave_0: entered promiscuous mode [ 574.341626][T12074] hsr_slave_1: entered promiscuous mode [ 575.342684][T12373] 9pnet_fd: Insufficient options for proto=fd [ 575.633328][T12381] loop2: detected capacity change from 0 to 512 [ 575.668492][T12381] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 576.357879][T12381] EXT4-fs (loop2): 1 truncate cleaned up [ 576.711416][T12381] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 578.381115][ T60] hsr_slave_0: left promiscuous mode [ 578.535703][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 578.791510][ T60] hsr_slave_1: left promiscuous mode [ 578.949244][ T60] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 579.227404][ T60] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 579.302227][ T60] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 579.326525][ T60] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 580.477038][ T60] veth1_macvtap: left promiscuous mode [ 580.518956][ T60] veth0_macvtap: left promiscuous mode [ 580.524785][ T60] veth1_vlan: left promiscuous mode [ 580.554225][ T60] veth0_vlan: left promiscuous mode [ 581.883936][T12421] 9pnet_fd: Insufficient options for proto=fd [ 581.948482][T12426] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 581.959249][T12426] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 582.620507][T12430] process 'syz.0.2231' launched './file0' with NULL argv: empty string added [ 583.763160][T12437] loop4: detected capacity change from 0 to 512 [ 584.046665][T12437] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 584.476157][T12437] EXT4-fs (loop4): 1 truncate cleaned up [ 584.886906][T12437] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 585.950913][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 589.331089][T12488] 9pnet_fd: Insufficient options for proto=fd [ 589.466563][ T60] team0 (unregistering): Port device team_slave_1 removed [ 591.240032][ T60] team0 (unregistering): Port device team_slave_0 removed [ 592.169348][T12510] netlink: 'syz.2.2250': attribute type 11 has an invalid length. [ 592.342115][T12509] loop1: detected capacity change from 0 to 512 [ 592.400063][T12509] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 592.488313][T12509] EXT4-fs (loop1): 1 truncate cleaned up [ 592.499490][T12509] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 593.456160][ T5926] IPVS: starting estimator thread 0... [ 593.464534][T12518] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 593.505139][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 593.525669][T12518] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2253'. [ 593.589342][T12520] IPVS: using max 29 ests per chain, 69600 per kthread [ 596.666690][T12545] program syz.3.2260 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 596.910802][T12550] netlink: 168 bytes leftover after parsing attributes in process `syz.2.2261'. [ 597.693139][T12429] 8021q: VLANs not supported on ipvlan1 [ 597.869942][T12487] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2243'. [ 598.147199][T12558] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 598.153824][T12558] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 598.180378][T12557] loop3: detected capacity change from 0 to 512 [ 598.208447][T12557] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 598.269817][T12558] vhci_hcd vhci_hcd.0: Device attached [ 598.350138][T12557] EXT4-fs (loop3): 1 truncate cleaned up [ 598.400714][T12557] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 598.851604][T11321] usb 38-1: SetAddress Request (2) to port 0 [ 599.036040][T11321] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd [ 599.052096][T12559] vhci_hcd: connection closed [ 599.111576][T12561] vhci_hcd: sendmsg failed!, ret=-32 for 48 [ 599.313948][ T5160] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 599.324315][ T5160] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 599.334462][ T5160] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 599.349167][ T5160] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 599.358808][ T5160] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 599.424480][T12575] lo speed is unknown, defaulting to 1000 [ 599.462660][T10186] vhci_hcd: stop threads [ 599.498745][T10186] vhci_hcd: release socket [ 599.504995][ T5852] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 599.534080][T10186] vhci_hcd: disconnect device [ 600.198511][T12585] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 600.207294][T12585] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 600.718815][T12596] netlink: 'syz.3.2270': attribute type 11 has an invalid length. [ 601.388673][ T5160] Bluetooth: hci1: command tx timeout [ 602.479826][T12614] netlink: 168 bytes leftover after parsing attributes in process `syz.4.2275'. [ 603.486833][ T5160] Bluetooth: hci1: command tx timeout [ 603.581554][T12575] chnl_net:caif_netlink_parms(): no params data found [ 604.198697][T11321] usb 38-1: device descriptor read/8, error -110 [ 604.777481][ T5860] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 604.789499][ T5860] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 604.789711][T12626] loop3: detected capacity change from 0 to 512 [ 604.799066][ T5860] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 604.857916][ T5860] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 604.867375][T11321] usb usb38-port1: attempt power cycle [ 604.877499][ T5860] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 604.922360][T12626] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 605.248146][T12626] EXT4-fs (loop3): 1 truncate cleaned up [ 605.503765][T12626] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 605.548492][ T5860] Bluetooth: hci1: command tx timeout [ 606.566702][T12649] loop4: detected capacity change from 0 to 512 [ 606.574299][T12649] EXT4-fs: Ignoring removed oldalloc option [ 607.131653][T12575] bridge0: port 1(bridge_slave_0) entered blocking state [ 607.145618][ T5860] Bluetooth: hci2: command tx timeout [ 607.152060][T12575] bridge0: port 1(bridge_slave_0) entered disabled state [ 607.629367][ T5860] Bluetooth: hci1: command tx timeout [ 607.710903][T11321] usb usb38-port1: unable to enumerate USB device [ 607.717950][T12575] bridge_slave_0: entered allmulticast mode [ 607.749854][ T5852] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 607.751832][T12575] bridge_slave_0: entered promiscuous mode [ 607.775858][T12649] EXT4-fs error (device loop4): ext4_xattr_inode_iget:432: comm syz.4.2281: Parent and EA inode have the same ino 15 [ 607.866720][T12649] EXT4-fs error (device loop4): ext4_xattr_inode_iget:432: comm syz.4.2281: Parent and EA inode have the same ino 15 [ 607.899047][T12649] EXT4-fs (loop4): 1 orphan inode deleted [ 607.907171][T12649] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 608.044460][T12575] bridge0: port 2(bridge_slave_1) entered blocking state [ 608.061809][T12575] bridge0: port 2(bridge_slave_1) entered disabled state [ 608.078763][T12575] bridge_slave_1: entered allmulticast mode [ 608.090604][T12575] bridge_slave_1: entered promiscuous mode [ 608.187027][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 608.423058][T12627] lo speed is unknown, defaulting to 1000 [ 608.425508][T12575] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 608.565760][T12667] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2287'. [ 608.592342][T12575] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 608.603477][ T60] IPVS: stop unused estimator thread 0... [ 609.002270][T12575] team0: Port device team_slave_0 added [ 609.091832][T12575] team0: Port device team_slave_1 added [ 609.228525][ T5860] Bluetooth: hci2: command tx timeout [ 609.527616][T12685] loop4: detected capacity change from 0 to 512 [ 609.538235][T12685] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 609.574123][T12575] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 609.615052][T12575] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 609.661634][T12685] EXT4-fs (loop4): 1 truncate cleaned up [ 609.719694][T12685] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 609.739013][T12575] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 610.705913][T12696] netlink: 'syz.1.2293': attribute type 11 has an invalid length. [ 610.809183][ T60] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 610.859716][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 610.899445][T12575] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 610.918835][T12575] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 611.018438][T12575] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 611.029817][T12679] siw: device registration error -23 [ 611.308512][ T5860] Bluetooth: hci2: command tx timeout [ 611.512403][ T60] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 612.558292][ T60] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 612.930299][T12575] hsr_slave_0: entered promiscuous mode [ 612.937245][T12575] hsr_slave_1: entered promiscuous mode [ 612.957361][T12575] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 612.966915][T12575] Cannot create hsr debugfs directory [ 613.247624][T12738] sg_write: data in/out 524252/17 bytes for SCSI command 0x1-- guessing data in; [ 613.247624][T12738] program syz.3.2302 not setting count and/or reply_len properly [ 613.390138][ T5860] Bluetooth: hci2: command tx timeout [ 615.119226][T12749] loop2: detected capacity change from 0 to 512 [ 616.038927][T12749] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 616.227175][T12749] EXT4-fs (loop2): 1 truncate cleaned up [ 616.235698][T12749] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 616.250639][ T60] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 617.155750][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 617.263434][T12627] chnl_net:caif_netlink_parms(): no params data found [ 618.070914][T12769] netlink: 'syz.2.2308': attribute type 11 has an invalid length. [ 623.316184][ T60] bridge_slave_1: left allmulticast mode [ 623.322609][ T60] bridge_slave_1: left promiscuous mode [ 623.339523][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 623.429745][ T60] bridge_slave_0: left allmulticast mode [ 623.435497][ T60] bridge_slave_0: left promiscuous mode [ 623.445148][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 623.502538][ T60] bridge_slave_1: left allmulticast mode [ 623.503459][T12800] loop4: detected capacity change from 0 to 512 [ 623.530182][ T60] bridge_slave_1: left promiscuous mode [ 623.536155][T12800] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 623.546250][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 623.771020][ T60] bridge_slave_0: left allmulticast mode [ 623.777034][ T60] bridge_slave_0: left promiscuous mode [ 623.784509][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 624.889401][T12800] EXT4-fs (loop4): 1 truncate cleaned up [ 625.104734][T12800] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 626.327299][T12816] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 626.465975][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 626.801552][ T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 626.835559][ T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 626.874368][ T60] bond0 (unregistering): Released all slaves [ 633.114630][T12857] loop1: detected capacity change from 0 to 512 [ 633.123069][T12857] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 633.196013][T12857] EXT4-fs (loop1): 1 truncate cleaned up [ 633.222004][T12857] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 633.252386][ T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 633.277764][ T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 633.292106][ T60] bond0 (unregistering): Released all slaves [ 633.959909][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 633.966287][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 634.301707][T12627] bridge0: port 1(bridge_slave_0) entered blocking state [ 634.311548][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 634.343235][T12627] bridge0: port 1(bridge_slave_0) entered disabled state [ 634.374992][T12627] bridge_slave_0: entered allmulticast mode [ 634.410536][T12627] bridge_slave_0: entered promiscuous mode [ 634.442437][T12627] bridge0: port 2(bridge_slave_1) entered blocking state [ 634.486909][T12627] bridge0: port 2(bridge_slave_1) entered disabled state [ 634.508047][T12627] bridge_slave_1: entered allmulticast mode [ 634.521299][T12627] bridge_slave_1: entered promiscuous mode [ 634.952892][T12879] loop1: detected capacity change from 0 to 512 [ 634.960363][T12879] EXT4-fs: Ignoring removed oldalloc option [ 636.559272][T12879] EXT4-fs error (device loop1): ext4_xattr_inode_iget:432: comm syz.1.2338: Parent and EA inode have the same ino 15 [ 636.659995][T12879] EXT4-fs error (device loop1): ext4_xattr_inode_iget:432: comm syz.1.2338: Parent and EA inode have the same ino 15 [ 636.687745][T12879] EXT4-fs (loop1): 1 orphan inode deleted [ 636.756095][T12879] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 637.350011][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 637.604796][T12627] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 637.897273][T12627] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 638.084614][T12575] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 638.132222][T12899] fuse: Invalid rootmode [ 639.149293][T12904] sg_write: data in/out 524252/17 bytes for SCSI command 0x1-- guessing data in; [ 639.149293][T12904] program syz.3.2348 not setting count and/or reply_len properly [ 640.448248][T12575] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 641.016642][ T60] hsr_slave_0: left promiscuous mode [ 641.028755][ T60] hsr_slave_1: left promiscuous mode [ 641.038207][ T60] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 641.064971][ T60] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 641.104578][ T60] hsr_slave_0: left promiscuous mode [ 641.128516][ T60] hsr_slave_1: left promiscuous mode [ 641.146589][ T60] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 641.201616][ T60] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 641.396207][ T60] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 641.422771][ T60] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 641.571661][T12922] loop1: detected capacity change from 0 to 512 [ 641.585395][T12922] EXT4-fs: Ignoring removed oldalloc option [ 641.798549][T12922] EXT4-fs error (device loop1): ext4_xattr_inode_iget:432: comm syz.1.2354: Parent and EA inode have the same ino 15 [ 642.170835][T12922] EXT4-fs error (device loop1): ext4_xattr_inode_iget:432: comm syz.1.2354: Parent and EA inode have the same ino 15 [ 642.194585][T12922] EXT4-fs (loop1): 1 orphan inode deleted [ 642.202545][T12922] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 642.247665][ T60] veth1_macvtap: left promiscuous mode [ 642.253531][ T60] veth0_macvtap: left promiscuous mode [ 642.268603][ T60] veth1_vlan: left promiscuous mode [ 642.274013][ T60] veth0_vlan: left promiscuous mode [ 642.470647][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 642.659079][T12165] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 642.964937][T12165] usb 5-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5 [ 643.011219][T12165] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 643.093591][T12165] usb 5-1: config 0 descriptor?? [ 643.334878][T12165] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 643.363316][T12165] asix 5-1:0.0: probe with driver asix failed with error -71 [ 643.389593][T12165] usb 5-1: USB disconnect, device number 7 [ 644.405216][T12943] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 644.531405][ T60] team0 (unregistering): Port device team_slave_1 removed [ 644.670165][ T60] team0 (unregistering): Port device team_slave_0 removed [ 644.768966][T12947] netlink: 'syz.3.2361': attribute type 11 has an invalid length. [ 645.499645][T12947] vivid-000: kernel_thread() failed [ 648.024441][ T5942] IPVS: starting estimator thread 0... [ 648.148568][T12966] IPVS: using max 22 ests per chain, 52800 per kthread [ 650.022448][ T60] team0 (unregistering): Port device team_slave_1 removed [ 650.359778][ T60] team0 (unregistering): Port device team_slave_0 removed [ 650.990070][T12992] random: crng reseeded on system resumption [ 652.409230][T12627] team0: Port device team_slave_0 added [ 652.424472][T12575] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 652.465868][T12575] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 652.493043][ T55] lo speed is unknown, defaulting to 1000 [ 652.513663][ T55] infiniband syz0: ib_query_port failed (-19) [ 652.583925][T12627] team0: Port device team_slave_1 added [ 653.077697][T12627] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 653.102634][T12627] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 653.363880][T12627] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 653.380816][T12627] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 653.387950][T12627] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 653.468028][T12627] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 653.870839][T13022] netlink: 'syz.2.2381': attribute type 11 has an invalid length. [ 654.248519][ T5942] usb 5-1: new full-speed USB device number 8 using dummy_hcd [ 654.411768][T12627] hsr_slave_0: entered promiscuous mode [ 654.455487][ T5942] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x41, changing to 0x1 [ 654.572711][T12627] hsr_slave_1: entered promiscuous mode [ 654.578845][ T5942] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 4 [ 654.660951][ T5942] usb 5-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e [ 654.736703][ T5942] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 654.804655][ T5942] usb 5-1: Product: syz [ 654.818299][ T5942] usb 5-1: Manufacturer: syz [ 654.853235][ T5942] usb 5-1: SerialNumber: syz [ 654.909474][ T5942] usb 5-1: config 0 descriptor?? [ 654.940493][ T5942] streamzap 5-1:0.0: streamzap_probe: endpoint doesn't match input device 0201 [ 655.218785][ T5942] usb 5-1: USB disconnect, device number 8 [ 656.986049][T12575] 8021q: adding VLAN 0 to HW filter on device bond0 [ 657.034193][ T60] IPVS: stop unused estimator thread 0... [ 657.108131][T12575] 8021q: adding VLAN 0 to HW filter on device team0 [ 658.488128][ T79] bridge0: port 1(bridge_slave_0) entered blocking state [ 658.495401][ T79] bridge0: port 1(bridge_slave_0) entered forwarding state [ 659.023174][ T79] bridge0: port 2(bridge_slave_1) entered blocking state [ 659.030406][ T79] bridge0: port 2(bridge_slave_1) entered forwarding state [ 659.224305][T13059] wg1 speed is unknown, defaulting to 1000 [ 659.230724][T13059] wg1 speed is unknown, defaulting to 1000 [ 659.238833][T13059] wg1 speed is unknown, defaulting to 1000 [ 659.254202][T13059] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 659.284631][T13059] wg1 speed is unknown, defaulting to 1000 [ 659.292157][T13059] wg1 speed is unknown, defaulting to 1000 [ 659.299820][T13059] wg1 speed is unknown, defaulting to 1000 [ 659.307395][T13059] wg1 speed is unknown, defaulting to 1000 [ 659.315220][T13059] wg1 speed is unknown, defaulting to 1000 [ 659.323076][T13059] wg1 speed is unknown, defaulting to 1000 [ 659.421120][T12627] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 659.506958][T12627] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 662.380253][ T5160] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 662.415408][ T5160] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 662.427331][ T5160] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 662.450005][ T5160] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 662.469839][ T5160] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 664.362987][ T5860] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 664.384588][ T5860] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 664.417901][ T5860] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 664.426780][ T5860] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 664.435809][ T5860] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 664.568950][T13085] wg1 speed is unknown, defaulting to 1000 [ 664.588565][ T5160] Bluetooth: hci6: command tx timeout [ 664.861094][T13095] wg1 speed is unknown, defaulting to 1000 [ 666.508566][ T5160] Bluetooth: hci1: command tx timeout [ 666.674149][ T5160] Bluetooth: hci6: command tx timeout [ 668.050369][T13121] netlink: 'syz.4.2409': attribute type 9 has an invalid length. [ 668.065056][T13121] netlink: 212160 bytes leftover after parsing attributes in process `syz.4.2409'. [ 668.592248][ T5160] Bluetooth: hci1: command tx timeout [ 668.748783][ T5160] Bluetooth: hci6: command tx timeout [ 669.035897][T13133] netlink: 168 bytes leftover after parsing attributes in process `syz.4.2413'. [ 669.869708][T13085] chnl_net:caif_netlink_parms(): no params data found [ 670.164979][T13095] chnl_net:caif_netlink_parms(): no params data found [ 670.231797][ T79] bridge_slave_1: left allmulticast mode [ 670.253309][ T79] bridge_slave_1: left promiscuous mode [ 670.278766][ T79] bridge0: port 2(bridge_slave_1) entered disabled state [ 670.388980][ T79] bridge_slave_0: left allmulticast mode [ 670.521532][ T79] bridge_slave_0: left promiscuous mode [ 670.668632][ T5160] Bluetooth: hci1: command tx timeout [ 670.828485][ T5160] Bluetooth: hci6: command tx timeout [ 670.998674][ T79] bridge0: port 1(bridge_slave_0) entered disabled state [ 672.318450][T13162] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 672.334430][T13162] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2420'. [ 672.748664][ T5160] Bluetooth: hci1: command tx timeout [ 673.467353][T13176] netlink: 'syz.2.2426': attribute type 11 has an invalid length. [ 674.303718][T13182] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2427'. [ 675.100294][ T79] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 675.220257][ T79] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 675.251454][ T79] bond0 (unregistering): Released all slaves [ 675.632220][ T79] hsr_slave_0: left promiscuous mode [ 675.653744][ T79] hsr_slave_1: left promiscuous mode [ 675.671169][ T79] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 675.925314][ T79] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 676.672814][T13194] random: crng reseeded on system resumption [ 680.148719][ T79] team0 (unregistering): Port device team_slave_1 removed [ 680.245230][ T79] team0 (unregistering): Port device team_slave_0 removed [ 681.129221][T13222] Falling back ldisc for ttyprintk. [ 681.564676][T13085] bridge0: port 1(bridge_slave_0) entered blocking state [ 681.576399][T13085] bridge0: port 1(bridge_slave_0) entered disabled state [ 681.585150][T13085] bridge_slave_0: entered allmulticast mode [ 681.608207][T13085] bridge_slave_0: entered promiscuous mode [ 681.838217][T13085] bridge0: port 2(bridge_slave_1) entered blocking state [ 681.855844][T13085] bridge0: port 2(bridge_slave_1) entered disabled state [ 681.870247][T13085] bridge_slave_1: entered allmulticast mode [ 681.896984][T13085] bridge_slave_1: entered promiscuous mode [ 682.233507][T13237] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 682.242775][T13237] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 683.492527][T13085] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 683.596919][T13085] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 684.114443][T13085] team0: Port device team_slave_0 added [ 684.898878][T13085] team0: Port device team_slave_1 added [ 685.145502][T13095] bridge0: port 1(bridge_slave_0) entered blocking state [ 685.185327][T13095] bridge0: port 1(bridge_slave_0) entered disabled state [ 685.225295][T13095] bridge_slave_0: entered allmulticast mode [ 685.281008][T13095] bridge_slave_0: entered promiscuous mode [ 685.320625][T13095] bridge0: port 2(bridge_slave_1) entered blocking state [ 685.347660][T13095] bridge0: port 2(bridge_slave_1) entered disabled state [ 685.366408][T13095] bridge_slave_1: entered allmulticast mode [ 685.383124][T13095] bridge_slave_1: entered promiscuous mode [ 686.991466][T13085] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 687.007695][T13085] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 687.088534][T13085] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 687.126885][T13085] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 687.150741][T13085] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 687.221730][T13085] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 687.796314][T13095] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 687.941561][T13095] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 688.491236][T13085] hsr_slave_0: entered promiscuous mode [ 688.538055][T13085] hsr_slave_1: entered promiscuous mode [ 688.552597][T13085] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 688.561784][T13085] Cannot create hsr debugfs directory [ 689.946503][T13095] team0: Port device team_slave_0 added [ 690.445586][T13095] team0: Port device team_slave_1 added [ 691.289061][T13315] random: crng reseeded on system resumption [ 691.479886][T13315] Restarting kernel threads ... [ 691.485984][T13315] Done restarting kernel threads. [ 692.230920][T13095] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 692.248744][T13095] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 692.345189][T13095] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 693.308974][T13095] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 693.315969][T13095] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 693.442076][T13095] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 694.304720][T13095] hsr_slave_0: entered promiscuous mode [ 694.326850][T13095] hsr_slave_1: entered promiscuous mode [ 694.340413][T13095] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 694.348211][T13095] Cannot create hsr debugfs directory [ 695.395066][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 695.403499][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 697.117303][T13346] siw: device registration error -23 [ 697.405539][ T79] bridge_slave_1: left allmulticast mode [ 697.421073][ T79] bridge_slave_1: left promiscuous mode [ 697.443119][ T79] bridge0: port 2(bridge_slave_1) entered disabled state [ 697.502735][ T79] bridge_slave_0: left allmulticast mode [ 697.517641][ T79] bridge_slave_0: left promiscuous mode [ 697.536972][ T79] bridge0: port 1(bridge_slave_0) entered disabled state [ 698.354642][T13355] program syz.1.2484 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 699.185508][ T79] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 699.197353][ T79] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 699.213514][ T79] bond0 (unregistering): Released all slaves [ 700.150137][ T79] hsr_slave_0: left promiscuous mode [ 700.157554][ T79] hsr_slave_1: left promiscuous mode [ 700.486180][ T79] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 700.727503][ T79] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 701.961365][ T79] team0 (unregistering): Port device team_slave_1 removed [ 702.047767][ T79] team0 (unregistering): Port device team_slave_0 removed [ 704.381953][T13392] siw: device registration error -23 [ 707.433693][T13085] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 707.456914][T13085] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 707.484183][T13085] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 707.543607][T13440] pimreg: entered allmulticast mode [ 707.566957][T13085] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 707.612306][T13440] pimreg: left allmulticast mode [ 708.018193][T13095] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 708.481436][T13458] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 708.849864][T13095] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 708.983472][T13095] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 709.036446][T13095] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 710.575571][T13085] 8021q: adding VLAN 0 to HW filter on device bond0 [ 710.714998][T13095] 8021q: adding VLAN 0 to HW filter on device bond0 [ 710.887101][T13085] 8021q: adding VLAN 0 to HW filter on device team0 [ 711.040356][T10186] bridge0: port 1(bridge_slave_0) entered blocking state [ 711.047716][T10186] bridge0: port 1(bridge_slave_0) entered forwarding state [ 711.089693][T13095] 8021q: adding VLAN 0 to HW filter on device team0 [ 711.121918][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 711.129138][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 711.247317][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 711.254570][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 711.502546][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 711.509908][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 711.914716][T13492] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2526'. [ 713.661855][T13502] netlink: 'syz.2.2529': attribute type 11 has an invalid length. [ 714.836747][T13513] tipc: Started in network mode [ 714.864033][T13513] tipc: Node identity de7f5bf769ac, cluster identity 4711 [ 714.945849][T13513] tipc: Enabled bearer , priority 0 [ 715.041994][T13513] tipc: Resetting bearer [ 715.235315][T13512] tipc: Disabling bearer [ 715.275387][T13095] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 715.323846][T13085] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 718.549562][T13554] affs: No valid root block on device nullb0 [ 720.364672][T13563] netlink: 'syz.1.2542': attribute type 1 has an invalid length. [ 723.353509][T13582] netlink: 'syz.4.2547': attribute type 11 has an invalid length. [ 723.615167][T13587] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 723.639158][T13587] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 723.651315][T13587] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 723.660219][T13587] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 723.667951][T13587] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 724.742054][T13585] wg1 speed is unknown, defaulting to 1000 [ 725.159293][ T5160] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 725.180361][ T5160] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 725.190423][ T5160] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 725.206966][ T5160] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 725.440718][ T5160] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 725.557116][T13604] siw: device registration error -23 [ 725.619994][T13604] loop4: detected capacity change from 0 to 512 [ 725.634913][T13604] EXT4-fs: Ignoring removed oldalloc option [ 725.708450][T13587] Bluetooth: hci2: command tx timeout [ 725.901468][T13604] EXT4-fs error (device loop4): ext4_xattr_inode_iget:432: comm syz.4.2552: Parent and EA inode have the same ino 15 [ 726.210035][T13604] EXT4-fs error (device loop4): ext4_xattr_inode_iget:432: comm syz.4.2552: Parent and EA inode have the same ino 15 [ 726.228209][T13604] EXT4-fs (loop4): 1 orphan inode deleted [ 726.236031][T13604] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 726.612662][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 726.767267][T13614] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 726.838009][T13597] wg1 speed is unknown, defaulting to 1000 [ 727.709259][ T5160] Bluetooth: hci1: command tx timeout [ 727.790734][ T5160] Bluetooth: hci2: command tx timeout [ 729.040158][T13638] netlink: 'syz.3.2562': attribute type 11 has an invalid length. [ 729.100859][T13585] chnl_net:caif_netlink_parms(): no params data found [ 729.789131][ T5160] Bluetooth: hci1: command tx timeout [ 729.889719][ T5160] Bluetooth: hci2: command tx timeout [ 730.725739][ T60] bridge_slave_1: left allmulticast mode [ 730.738665][ T60] bridge_slave_1: left promiscuous mode [ 730.744854][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 730.806365][ T60] bridge_slave_0: left allmulticast mode [ 730.812525][ T60] bridge_slave_0: left promiscuous mode [ 730.829608][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 732.392537][T13587] Bluetooth: hci2: command tx timeout [ 732.398056][ T5160] Bluetooth: hci1: command tx timeout [ 732.502696][T13661] siw: device registration error -23 [ 732.526193][T13659] loop1: detected capacity change from 0 to 512 [ 732.533678][T13659] EXT4-fs: Ignoring removed oldalloc option [ 733.081575][T13659] EXT4-fs error (device loop1): ext4_xattr_inode_iget:432: comm syz.1.2568: Parent and EA inode have the same ino 15 [ 733.188234][T13659] EXT4-fs error (device loop1): ext4_xattr_inode_iget:432: comm syz.1.2568: Parent and EA inode have the same ino 15 [ 733.201507][T13659] EXT4-fs (loop1): 1 orphan inode deleted [ 733.209342][T13659] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 733.490083][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 734.264692][T13677] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 734.436193][ T5160] Bluetooth: hci1: command tx timeout [ 734.802781][ T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 734.832416][ T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 734.877828][ T60] bond0 (unregistering): Released all slaves [ 734.925009][T13597] chnl_net:caif_netlink_parms(): no params data found [ 735.518750][ T60] hsr_slave_0: left promiscuous mode [ 735.545362][ T60] hsr_slave_1: left promiscuous mode [ 735.559364][ T60] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 735.600938][ T60] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 736.674225][T13708] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 736.749529][T13707] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2581'. [ 737.427374][T13712] loop2: detected capacity change from 0 to 8192 [ 737.478250][ T60] team0 (unregistering): Port device team_slave_1 removed [ 738.053618][ T60] team0 (unregistering): Port device team_slave_0 removed [ 740.736998][T13735] netlink: 168 bytes leftover after parsing attributes in process `syz.1.2591'. [ 741.885938][T13585] bridge0: port 1(bridge_slave_0) entered blocking state [ 741.898825][T13585] bridge0: port 1(bridge_slave_0) entered disabled state [ 741.906126][T13585] bridge_slave_0: entered allmulticast mode [ 741.937786][T13585] bridge_slave_0: entered promiscuous mode [ 741.977597][T13585] bridge0: port 2(bridge_slave_1) entered blocking state [ 742.000143][T13585] bridge0: port 2(bridge_slave_1) entered disabled state [ 742.007599][T13585] bridge_slave_1: entered allmulticast mode [ 742.022322][T13585] bridge_slave_1: entered promiscuous mode [ 742.378986][T13750] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 743.153724][T13750] Falling back ldisc for ttyprintk. [ 743.943754][T13585] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 744.086963][T13585] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 745.017021][T13771] netlink: 'syz.2.2600': attribute type 11 has an invalid length. [ 745.995336][T13585] team0: Port device team_slave_0 added [ 746.011670][T13597] bridge0: port 1(bridge_slave_0) entered blocking state [ 746.021211][T13597] bridge0: port 1(bridge_slave_0) entered disabled state [ 746.029802][T13597] bridge_slave_0: entered allmulticast mode [ 746.038296][T13597] bridge_slave_0: entered promiscuous mode [ 746.069871][T13597] bridge0: port 2(bridge_slave_1) entered blocking state [ 747.029506][T13597] bridge0: port 2(bridge_slave_1) entered disabled state [ 747.062050][T13597] bridge_slave_1: entered allmulticast mode [ 747.107031][T13597] bridge_slave_1: entered promiscuous mode [ 747.136483][T13585] team0: Port device team_slave_1 added [ 749.203879][T13597] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 749.218968][T13585] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 749.225963][T13585] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 749.329472][T13585] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 749.354897][T13787] sg_write: data in/out 524252/17 bytes for SCSI command 0x1-- guessing data in; [ 749.354897][T13787] program syz.3.2605 not setting count and/or reply_len properly [ 749.474054][T13597] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 749.494171][T13585] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 749.507397][T13585] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 749.542774][T13585] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 749.832902][T13597] team0: Port device team_slave_0 added [ 749.874941][T13597] team0: Port device team_slave_1 added [ 750.781202][T13597] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 750.815932][T13597] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 750.968244][T13597] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 751.850221][T13585] hsr_slave_0: entered promiscuous mode [ 751.857261][T13585] hsr_slave_1: entered promiscuous mode [ 751.872912][T13597] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 751.884648][T13597] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 751.968822][T13597] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 752.432698][T13597] hsr_slave_0: entered promiscuous mode [ 752.453718][T13597] hsr_slave_1: entered promiscuous mode [ 752.483099][T13597] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 752.492502][T13597] Cannot create hsr debugfs directory [ 752.568576][ T5925] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 752.740664][ T5925] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 752.778011][ T5925] usb 2-1: config 0 has no interfaces? [ 752.824018][ T5925] usb 2-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5 [ 752.879590][ T5925] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 752.991970][ T5925] usb 2-1: config 0 descriptor?? [ 753.235651][ T5947] usb 2-1: USB disconnect, device number 6 [ 755.500565][ T60] bridge_slave_1: left allmulticast mode [ 755.513136][ T60] bridge_slave_1: left promiscuous mode [ 755.600210][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 755.660438][ T60] bridge_slave_0: left allmulticast mode [ 755.666280][ T60] bridge_slave_0: left promiscuous mode [ 755.706756][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 755.748094][T13845] netlink: 'syz.2.2627': attribute type 11 has an invalid length. [ 756.833731][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 756.840326][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 758.776271][ T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 758.791025][ T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 758.803738][ T60] bond0 (unregistering): Released all slaves [ 759.940697][ T60] hsr_slave_0: left promiscuous mode [ 760.056073][ T60] hsr_slave_1: left promiscuous mode [ 760.066578][T13878] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 760.076891][ T60] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 760.100450][ T60] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 763.340638][T13887] loop3: detected capacity change from 0 to 8192 [ 763.854658][ T60] team0 (unregistering): Port device team_slave_1 removed [ 765.612183][ T60] team0 (unregistering): Port device team_slave_0 removed [ 767.238270][ T30] kauditd_printk_skb: 35 callbacks suppressed [ 767.238297][ T30] audit: type=1326 audit(1752643011.223:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13907 comm="syz.3.2645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a2318e929 code=0x7ffc0000 [ 767.266851][ C0] vkms_vblank_simulate: vblank timer overrun [ 769.695230][ T30] audit: type=1326 audit(1752643011.223:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13907 comm="syz.3.2645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a2318e929 code=0x7ffc0000 [ 769.717861][ C0] vkms_vblank_simulate: vblank timer overrun [ 769.786353][ T30] audit: type=1326 audit(1752643011.223:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13907 comm="syz.3.2645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f9a2318e929 code=0x7ffc0000 [ 769.813078][ T30] audit: type=1326 audit(1752643011.223:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13907 comm="syz.3.2645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a2318e929 code=0x7ffc0000 [ 769.878638][ T30] audit: type=1326 audit(1752643011.223:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13907 comm="syz.3.2645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a2318e929 code=0x7ffc0000 [ 769.941533][ T30] audit: type=1326 audit(1752643011.223:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13907 comm="syz.3.2645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9a2318e929 code=0x7ffc0000 [ 770.045635][ T30] audit: type=1326 audit(1752643011.223:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13907 comm="syz.3.2645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a2318e929 code=0x7ffc0000 [ 770.278416][T13916] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 770.604256][ T30] audit: type=1326 audit(1752643011.223:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13907 comm="syz.3.2645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f9a2318e929 code=0x7ffc0000 [ 770.626869][ T30] audit: type=1326 audit(1752643011.243:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13907 comm="syz.3.2645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f9a2318e963 code=0x7ffc0000 [ 770.669376][ T30] audit: type=1326 audit(1752643011.243:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13907 comm="syz.3.2645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f9a2318e963 code=0x7ffc0000 [ 770.724706][T13585] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 770.752544][T13585] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 770.764353][T13585] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 770.865453][T13585] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 771.297497][T13929] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 771.999103][T13585] 8021q: adding VLAN 0 to HW filter on device bond0 [ 772.194432][T13585] 8021q: adding VLAN 0 to HW filter on device team0 [ 772.438172][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 772.445478][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 774.208585][T13597] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 774.253137][T13597] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 774.342724][T13597] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 774.392539][T13597] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 774.494038][T13947] affs: No valid root block on device nullb0 [ 775.270280][ T6092] bridge0: port 2(bridge_slave_1) entered blocking state [ 775.277511][ T6092] bridge0: port 2(bridge_slave_1) entered forwarding state [ 776.495550][T13597] 8021q: adding VLAN 0 to HW filter on device bond0 [ 777.101002][T13597] 8021q: adding VLAN 0 to HW filter on device team0 [ 777.169941][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 777.177201][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 777.323122][T10186] bridge0: port 2(bridge_slave_1) entered blocking state [ 777.330438][T10186] bridge0: port 2(bridge_slave_1) entered forwarding state [ 778.634120][T13974] [ 778.636504][T13974] ====================================================== [ 778.643545][T13974] WARNING: possible circular locking dependency detected [ 778.650680][T13974] 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 Not tainted [ 778.657906][T13974] ------------------------------------------------------ [ 778.664957][T13974] syz.1.2663/13974 is trying to acquire lock: [ 778.671056][T13974] ffff888051b57140 (&sbi->pipe_mutex){+.+.}-{4:4}, at: autofs_notify_daemon+0x4a6/0xd60 [ 778.680975][T13974] [ 778.680975][T13974] but task is already holding lock: [ 778.688373][T13974] ffff88803414d088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 778.697767][T13974] [ 778.697767][T13974] which lock already depends on the new lock. [ 778.697767][T13974] [ 778.708295][T13974] [ 778.708295][T13974] the existing dependency chain (in reverse order) is: [ 778.717332][T13974] [ 778.717332][T13974] -> #3 (&of->mutex){+.+.}-{4:4}: [ 778.724591][T13974] __mutex_lock+0x199/0xb90 [ 778.730123][T13974] kernfs_seq_start+0x4d/0x240 [ 778.735484][T13974] seq_read_iter+0x2c1/0x12c0 [ 778.740737][T13974] kernfs_fop_read_iter+0x40f/0x5a0 [ 778.746524][T13974] copy_splice_read+0x618/0xba0 [ 778.752034][T13974] do_splice_read+0x285/0x370 [ 778.757251][T13974] splice_direct_to_actor+0x2a1/0xa30 [ 778.763163][T13974] do_splice_direct+0x174/0x240 [ 778.768564][T13974] do_sendfile+0xb06/0xe50 [ 778.773694][T13974] __x64_sys_sendfile64+0x1d8/0x220 [ 778.779543][T13974] do_syscall_64+0xcd/0x4c0 [ 778.784612][T13974] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 778.791053][T13974] [ 778.791053][T13974] -> #2 (&p->lock){+.+.}-{4:4}: [ 778.798155][T13974] __mutex_lock+0x199/0xb90 [ 778.803225][T13974] seq_read_iter+0xe1/0x12c0 [ 778.808365][T13974] kernfs_fop_read_iter+0x40f/0x5a0 [ 778.814153][T13974] copy_splice_read+0x618/0xba0 [ 778.819643][T13974] do_splice_read+0x285/0x370 [ 778.824889][T13974] splice_file_to_pipe+0x109/0x120 [ 778.830557][T13974] do_sendfile+0x400/0xe50 [ 778.835512][T13974] __x64_sys_sendfile64+0x1d8/0x220 [ 778.841266][T13974] do_syscall_64+0xcd/0x4c0 [ 778.846355][T13974] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 778.852879][T13974] [ 778.852879][T13974] -> #1 (&pipe->mutex){+.+.}-{4:4}: [ 778.860301][T13974] __mutex_lock+0x199/0xb90 [ 778.865362][T13974] anon_pipe_write+0x15d/0x1a70 [ 778.870761][T13974] __kernel_write_iter+0x720/0xa90 [ 778.876522][T13974] __kernel_write+0xf5/0x140 [ 778.881660][T13974] autofs_notify_daemon+0x4db/0xd60 [ 778.887396][T13974] autofs_wait+0x10ca/0x1a70 [ 778.892533][T13974] autofs_mount_wait+0x132/0x380 [ 778.898117][T13974] autofs_d_automount+0x390/0x7f0 [ 778.903684][T13974] __traverse_mounts+0x195/0x790 [ 778.909204][T13974] step_into+0x5aa/0x2270 [ 778.914073][T13974] walk_component+0xfc/0x5b0 [ 778.919202][T13974] link_path_walk+0x627/0xe20 [ 778.924505][T13974] path_lookupat+0x15a/0x6d0 [ 778.929723][T13974] filename_lookup+0x224/0x5f0 [ 778.935031][T13974] user_path_at+0x3a/0x60 [ 778.939987][T13974] bpf_obj_get_user+0xae/0x490 [ 778.945312][T13974] __sys_bpf+0x252f/0x4d80 [ 778.950287][T13974] __x64_sys_bpf+0x78/0xc0 [ 778.955266][T13974] do_syscall_64+0xcd/0x4c0 [ 778.960747][T13974] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 778.967216][T13974] [ 778.967216][T13974] -> #0 (&sbi->pipe_mutex){+.+.}-{4:4}: [ 778.975242][T13974] __lock_acquire+0x126f/0x1c90 [ 778.980691][T13974] lock_acquire+0x179/0x350 [ 778.986157][T13974] __mutex_lock+0x199/0xb90 [ 778.991235][T13974] autofs_notify_daemon+0x4a6/0xd60 [ 778.997186][T13974] autofs_wait+0x10ca/0x1a70 [ 779.002330][T13974] autofs_mount_wait+0x132/0x380 [ 779.007831][T13974] autofs_d_automount+0x390/0x7f0 [ 779.013398][T13974] __traverse_mounts+0x195/0x790 [ 779.018897][T13974] step_into+0x5aa/0x2270 [ 779.023775][T13974] walk_component+0xfc/0x5b0 [ 779.028944][T13974] path_lookupat+0x142/0x6d0 [ 779.034085][T13974] filename_lookup+0x224/0x5f0 [ 779.039398][T13974] kern_path+0x35/0x50 [ 779.044011][T13974] lookup_bdev+0xd8/0x280 [ 779.048885][T13974] resume_store+0x1d6/0x460 [ 779.053952][T13974] kobj_attr_store+0x58/0x80 [ 779.059103][T13974] sysfs_kf_write+0xf2/0x150 [ 779.064233][T13974] kernfs_fop_write_iter+0x354/0x510 [ 779.070234][T13974] vfs_write+0x6c7/0x1150 [ 779.075144][T13974] ksys_write+0x12a/0x250 [ 779.080066][T13974] do_syscall_64+0xcd/0x4c0 [ 779.085136][T13974] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 779.091721][T13974] [ 779.091721][T13974] other info that might help us debug this: [ 779.091721][T13974] [ 779.102397][T13974] Chain exists of: [ 779.102397][T13974] &sbi->pipe_mutex --> &p->lock --> &of->mutex [ 779.102397][T13974] [ 779.114553][T13974] Possible unsafe locking scenario: [ 779.114553][T13974] [ 779.122025][T13974] CPU0 CPU1 [ 779.127504][T13974] ---- ---- [ 779.132879][T13974] lock(&of->mutex); [ 779.136902][T13974] lock(&p->lock); [ 779.143381][T13974] lock(&of->mutex); [ 779.149949][T13974] lock(&sbi->pipe_mutex); [ 779.154470][T13974] [ 779.154470][T13974] *** DEADLOCK *** [ 779.154470][T13974] [ 779.162616][T13974] 4 locks held by syz.1.2663/13974: [ 779.167819][T13974] #0: ffff88807e351438 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 779.176961][T13974] #1: ffff888024c56428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 779.186009][T13974] #2: ffff88803414d088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 779.195917][T13974] #3: ffff888140acbe18 (kn->active#59){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 779.206013][T13974] [ 779.206013][T13974] stack backtrace: [ 779.211922][T13974] CPU: 1 UID: 0 PID: 13974 Comm: syz.1.2663 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 779.211967][T13974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 779.211988][T13974] Call Trace: [ 779.212000][T13974] [ 779.212014][T13974] dump_stack_lvl+0x116/0x1f0 [ 779.212070][T13974] print_circular_bug+0x275/0x350 [ 779.212126][T13974] check_noncircular+0x14c/0x170 [ 779.212185][T13974] __lock_acquire+0x126f/0x1c90 [ 779.212248][T13974] lock_acquire+0x179/0x350 [ 779.212276][T13974] ? autofs_notify_daemon+0x4a6/0xd60 [ 779.212313][T13974] ? __pfx___might_resched+0x10/0x10 [ 779.212359][T13974] ? kernel_text_address+0x8d/0x100 [ 779.212400][T13974] __mutex_lock+0x199/0xb90 [ 779.212451][T13974] ? autofs_notify_daemon+0x4a6/0xd60 [ 779.212484][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.212526][T13974] ? autofs_notify_daemon+0x4a6/0xd60 [ 779.212561][T13974] ? __pfx___mutex_lock+0x10/0x10 [ 779.212610][T13974] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 779.212657][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.212696][T13974] ? lockdep_hardirqs_on+0x7c/0x110 [ 779.212745][T13974] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 779.212800][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.212840][T13974] ? from_kgid_munged+0xab/0x130 [ 779.212886][T13974] ? autofs_notify_daemon+0x4a6/0xd60 [ 779.212923][T13974] autofs_notify_daemon+0x4a6/0xd60 [ 779.212959][T13974] ? __pfx_autofs_notify_daemon+0x10/0x10 [ 779.212991][T13974] ? sysfs_kf_write+0xf2/0x150 [ 779.213026][T13974] ? kernfs_fop_write_iter+0x354/0x510 [ 779.213055][T13974] ? vfs_write+0x6c7/0x1150 [ 779.213110][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.213149][T13974] ? lockdep_init_map_type+0x5c/0x280 [ 779.213181][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.213220][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.213259][T13974] ? lockdep_init_map_type+0x5c/0x280 [ 779.213291][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.213334][T13974] autofs_wait+0x10ca/0x1a70 [ 779.213370][T13974] ? __pfx_autofs_wait+0x10/0x10 [ 779.213401][T13974] ? __pfx_path_check_mount+0x10/0x10 [ 779.213448][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.213489][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.213527][T13974] ? find_held_lock+0x2b/0x80 [ 779.213569][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.213611][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.213649][T13974] ? do_raw_spin_unlock+0x172/0x230 [ 779.213687][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.213726][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.213765][T13974] ? find_held_lock+0x2b/0x80 [ 779.213809][T13974] autofs_mount_wait+0x132/0x380 [ 779.213865][T13974] autofs_d_automount+0x390/0x7f0 [ 779.213899][T13974] __traverse_mounts+0x195/0x790 [ 779.213958][T13974] step_into+0x5aa/0x2270 [ 779.213993][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.214035][T13974] ? __pfx_step_into+0x10/0x10 [ 779.214067][T13974] ? __pfx___up_read+0x10/0x10 [ 779.214103][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.214143][T13974] ? lookup_fast+0x156/0x610 [ 779.214178][T13974] walk_component+0xfc/0x5b0 [ 779.214213][T13974] path_lookupat+0x142/0x6d0 [ 779.214250][T13974] filename_lookup+0x224/0x5f0 [ 779.214289][T13974] ? __pfx_filename_lookup+0x10/0x10 [ 779.214344][T13974] ? getname_kernel+0x52/0x370 [ 779.214391][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.214431][T13974] ? __asan_memcpy+0x3c/0x60 [ 779.214461][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.214504][T13974] kern_path+0x35/0x50 [ 779.214540][T13974] lookup_bdev+0xd8/0x280 [ 779.214577][T13974] ? __pfx_lookup_bdev+0x10/0x10 [ 779.214613][T13974] ? resume_store+0x1b8/0x460 [ 779.214651][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.214690][T13974] ? __asan_memcpy+0x3c/0x60 [ 779.214723][T13974] resume_store+0x1d6/0x460 [ 779.214761][T13974] ? __pfx_resume_store+0x10/0x10 [ 779.214803][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.214845][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.214884][T13974] ? find_held_lock+0x2b/0x80 [ 779.214935][T13974] ? __pfx_resume_store+0x10/0x10 [ 779.214973][T13974] kobj_attr_store+0x58/0x80 [ 779.215025][T13974] ? __pfx_kobj_attr_store+0x10/0x10 [ 779.215078][T13974] sysfs_kf_write+0xf2/0x150 [ 779.215116][T13974] kernfs_fop_write_iter+0x354/0x510 [ 779.215147][T13974] ? __pfx_sysfs_kf_write+0x10/0x10 [ 779.215185][T13974] vfs_write+0x6c7/0x1150 [ 779.215221][T13974] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 779.215253][T13974] ? __pfx___mutex_lock+0x10/0x10 [ 779.215305][T13974] ? __pfx_vfs_write+0x10/0x10 [ 779.215355][T13974] ksys_write+0x12a/0x250 [ 779.215389][T13974] ? __pfx_ksys_write+0x10/0x10 [ 779.215425][T13974] ? srso_alias_return_thunk+0x5/0xfbef5 [ 779.215470][T13974] do_syscall_64+0xcd/0x4c0 [ 779.215523][T13974] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 779.215557][T13974] RIP: 0033:0x7fb762d8e929 [ 779.215583][T13974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 779.215616][T13974] RSP: 002b:00007fb763baf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 779.215647][T13974] RAX: ffffffffffffffda RBX: 00007fb762fb6080 RCX: 00007fb762d8e929 [ 779.215677][T13974] RDX: 0000000000000012 RSI: 0000200000000040 RDI: 0000000000000008 [ 779.215698][T13974] RBP: 00007fb762e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 779.215719][T13974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 779.215738][T13974] R13: 0000000000000000 R14: 00007fb762fb6080 R15: 00007ffdc030b308 [ 779.215772][T13974] [ 779.923187][T13974] PM: Image not found (code -22) [ 780.081546][T13597] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 780.092667][T13597] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 781.329968][T10186] bridge_slave_1: left allmulticast mode [ 781.335763][T10186] bridge_slave_1: left promiscuous mode [ 781.342266][T10186] bridge0: port 2(bridge_slave_1) entered disabled state [ 781.354270][T10186] bridge_slave_0: left allmulticast mode [ 781.368425][T10186] bridge_slave_0: left promiscuous mode [ 781.374194][T10186] bridge0: port 1(bridge_slave_0) entered disabled state [ 781.761454][T10186] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 781.771188][T10186] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 781.781254][T10186] bond0 (unregistering): Released all slaves [ 781.853332][T10186] bond1 (unregistering): Released all slaves [ 782.064946][T10186] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 782.073119][T10186] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 782.306456][T10186] team0 (unregistering): Port device team_slave_1 removed [ 782.346114][T10186] team0 (unregistering): Port device team_slave_0 removed [ 782.837350][T10186] IPVS: stop unused estimator thread 0... [ 782.898260][T10186] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 782.964751][T10186] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.003198][T10186] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.045004][T10186] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.115088][T10186] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.164388][T10186] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.233979][T10186] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.283751][T10186] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.631770][ T55] wg1 speed is unknown, defaulting to 1000 [ 783.637640][ T55] syz0: Port: 1 Link DOWN [ 783.705208][T10186] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.744033][T10186] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.793088][T10186] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.843241][T10186] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.911606][T10186] bridge_slave_1: left allmulticast mode [ 783.917292][T10186] bridge_slave_1: left promiscuous mode [ 783.923168][T10186] bridge0: port 2(bridge_slave_1) entered disabled state [ 783.932164][T10186] bridge_slave_0: left allmulticast mode [ 783.937935][T10186] bridge_slave_0: left promiscuous mode [ 783.943881][T10186] bridge0: port 1(bridge_slave_0) entered disabled state [ 783.954939][T10186] gretap0: left allmulticast mode [ 783.960640][T10186] gretap0: left promiscuous mode [ 783.965720][T10186] bridge0: port 3(gretap0) entered disabled state [ 783.973517][T10186] bridge_slave_1: left allmulticast mode [ 783.979441][T10186] bridge_slave_1: left promiscuous mode [ 783.985315][T10186] bridge0: port 2(bridge_slave_1) entered disabled state [ 783.993748][T10186] bridge_slave_0: left allmulticast mode [ 783.999458][T10186] bridge_slave_0: left promiscuous mode [ 784.005234][T10186] bridge0: port 1(bridge_slave_0) entered disabled state [ 784.017252][T10186] bridge_slave_1: left allmulticast mode [ 784.022957][T10186] bridge_slave_1: left promiscuous mode [ 784.031215][T10186] bridge0: port 2(bridge_slave_1) entered disabled state [ 784.042396][T10186] bridge_slave_0: left allmulticast mode [ 784.048098][T10186] bridge_slave_0: left promiscuous mode [ 784.054049][T10186] bridge0: port 1(bridge_slave_0) entered disabled state [ 784.064785][T10186] bridge_slave_1: left allmulticast mode [ 784.070523][T10186] bridge_slave_1: left promiscuous mode [ 784.076207][T10186] bridge0: port 2(bridge_slave_1) entered disabled state [ 784.084837][T10186] bridge_slave_0: left allmulticast mode [ 784.090789][T10186] bridge_slave_0: left promiscuous mode [ 784.096706][T10186] bridge0: port 1(bridge_slave_0) entered disabled state [ 784.106197][T10186] bridge0: port 3(team0) entered disabled state [ 784.114067][T10186] bridge_slave_1: left allmulticast mode [ 784.120065][T10186] bridge_slave_1: left promiscuous mode [ 784.125754][T10186] bridge0: port 2(bridge_slave_1) entered disabled state [ 784.134211][T10186] bridge_slave_0: left allmulticast mode [ 784.140712][T10186] bridge_slave_0: left promiscuous mode [ 784.146385][T10186] bridge0: port 1(bridge_slave_0) entered disabled state [ 784.394284][T10186] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 784.405416][T10186] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 784.415133][T10186] bond0 (unregistering): Released all slaves [ 784.654075][T10186] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 784.664626][T10186] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 784.674789][T10186] bond0 (unregistering): Released all slaves [ 784.751289][T10186] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 784.761463][T10186] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 784.773041][T10186] bond0 (unregistering): Released all slaves [ 784.847421][T10186] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 784.857706][T10186] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 784.868598][T10186] bond0 (unregistering): Released all slaves [ 784.985957][T10186] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 784.996929][T10186] bond0 (unregistering): Released all slaves [ 785.091674][T10186] tipc: Left network mode [ 785.451205][T10186] hsr_slave_0: left promiscuous mode [ 785.457052][T10186] hsr_slave_1: left promiscuous mode [ 785.463077][T10186] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 785.470584][T10186] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 785.478304][T10186] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 785.485832][T10186] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 785.500859][T10186] hsr_slave_0: left promiscuous mode [ 785.506623][T10186] hsr_slave_1: left promiscuous mode [ 785.512991][T10186] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 785.520720][T10186] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 785.528630][T10186] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 785.536079][T10186] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 785.546451][T10186] hsr_slave_0: left promiscuous mode [ 785.552362][T10186] hsr_slave_1: left promiscuous mode [ 785.558167][T10186] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 785.566174][T10186] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 785.576618][T10186] hsr_slave_0: left promiscuous mode [ 785.583483][T10186] hsr_slave_1: left promiscuous mode [ 785.589355][T10186] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 785.596987][T10186] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 785.607731][T10186] hsr_slave_0: left promiscuous mode [ 785.614004][T10186] hsr_slave_1: left promiscuous mode [ 785.619789][T10186] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 785.627211][T10186] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 785.636099][T10186] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 785.643720][T10186] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 785.666452][T10186] veth1_macvtap: left promiscuous mode [ 785.672113][T10186] veth0_macvtap: left promiscuous mode [ 785.677679][T10186] veth1_vlan: left promiscuous mode [ 785.683774][T10186] veth0_vlan: left promiscuous mode [ 785.690778][T10186] veth1_macvtap: left promiscuous mode [ 785.696297][T10186] veth0_macvtap: left promiscuous mode [ 785.701945][T10186] veth1_vlan: left promiscuous mode [ 785.707240][T10186] veth0_vlan: left promiscuous mode [ 785.714192][T10186] veth1_macvtap: left promiscuous mode [ 785.719772][T10186] veth0_macvtap: left promiscuous mode [ 785.725330][T10186] veth1_vlan: left promiscuous mode [ 785.730834][T10186] veth0_vlan: left promiscuous mode [ 786.073289][T10186] team0 (unregistering): Port device team_slave_1 removed [ 786.097256][T10186] team0 (unregistering): Port device team_slave_0 removed [ 786.303868][T10186] team0 (unregistering): Port device team_slave_1 removed [ 786.331687][T10186] team0 (unregistering): Port device team_slave_0 removed [ 786.540997][T10186] team0 (unregistering): Port device team_slave_1 removed [ 786.564838][T10186] team0 (unregistering): Port device team_slave_0 removed [ 786.714487][T10186] team0 (unregistering): Port device team_slave_1 removed [ 786.741553][T10186] team0 (unregistering): Port device team_slave_0 removed [ 786.902902][T10186] team_slave_1 (unregistering): left promiscuous mode [ 786.911614][T10186] team_slave_1 (unregistering): left allmulticast mode [ 786.919553][T10186] team0 (unregistering): Port device team_slave_1 removed [ 786.943483][T10186] team_slave_0 (unregistering): left promiscuous mode [ 786.950513][T10186] team_slave_0 (unregistering): left allmulticast mode [ 786.958054][T10186] team0 (unregistering): Port device team_slave_0 removed [ 788.197588][T10186] IPVS: stop unused estimator thread 0... [ 788.204543][T10186] IPVS: stop unused estimator thread 0... [ 788.213326][T10186] IPVS: stop unused estimator thread 0...