last executing test programs: 5.729472379s ago: executing program 0 (id=119): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) getitimer(0x0, &(0x7f0000000440)) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 4.051063431s ago: executing program 1 (id=130): syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000b80)='./file0\x00', 0x1008002, &(0x7f0000000d00)={[{@grpjquota}]}, 0x3, 0x5ee, &(0x7f00000012c0)="$eJzs3c1vVFUbAPDnTj9oKXk7kDcqLqSJMZAoLS1gGuMCtoY0+BE3urDSgkiBhtZo0YSS4MbEuDHGxJUL8b9QIltWunLhxpUhIWpYmjjmztxbOu1Mv2jnEu7vlwxz7zlze86lfeace+acOwGU1lD6TyVif0TMJhGDyeJSXndkmUON193/+5Mz6SOJWu31P5NIsrT89Un2PJAd3BcRP/+UxL6u1eXOLVy9MDkzM30l2x+Zvzg7Mrdw9fD5i5Pnps9NXxp7cWz8+LHj46NHtnRe11qknbrx/oeDn0289d03/ySj3/82kcSJeCV74fLz2C5DMVT/P0lWZw2Mb3dhBenK/k5qtVotT0u6i60TG5f//noi4skYjK548MsbjE9fLbRywI6qJY33bqCMEvEPJZX3A/Jr+5XXwZVCeiVAJ9w72RgAWB3/3Y2xweirjw3svp/E8mGdJCK2NjLXbE9E3Lk9cePs7YkbsUPjcEBri9cj4qlW8Z/U478afVGtx3+lKf7TfsHp7DlNf22L5a8cKhb/0DmN+O9bM/6jTfy/kz5fa8Twu1ssv/pg873+pvjv3+opAQAAAAAAQGndOhkRL7T6/L+yNP8nWsz/GYiIE9tQ/tCK/dWf/1fubkMxQAv3Tka83HL+byWf/VvtWraEtRo9ydnzM9NHIuJ/EXEoenal+6NrlHH4831ft8sbyub/5Y+0/DvZXMCsHne7dzUfMzU5P/kQpwxk7l2PeLrl/N9kqf1PWrT/6TvD7AbL2PfczdPt8taPf2Cn1L6NONiy/X9w14pk7ftzjNT7AyN5r2C1Zz7+4od25W81/t1iAh5e2v7vXjv+q8ny+/XMbb6MowvdtXZ5W+3/9yZv1O8q1JulfTQ5P39lNKI3OdWVpjalj22+zvA4yuMhj5c0/g89u/b4X6v+f39ELK742clfzWuKc0/8O/B7u/ro/0Nx0vif2lT7v/mNsZvVH9uVv7H2/1i9rT+UpRj/g4av8jDtbU5vEY7drbI6XV8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBxUImJPJJXhpe1KZXg4YiAi/h+7KzOX5+afP3v5g0tTaV79+/8r+Tf9Djb2k/z7/6vL9sdW7B+NiL0R8WVXf31/+MzlmamiTx4AAAAAAAAAAAAAAAAAAAAeEQNt1v+n/ugqunbAjusuugJAYVrE/y9F1APoPO0/lJf4h/IS/1Be4h/KS/xDea0d/2+Pd6wiQMdp/6G8xD8AAAAAADxW9h649WsSEYsv9dcfqd4sr6fQmgE7rVJ0BYDCuMUPlJepP1BervGBZJ38vrYHrXfkWmbPPMTBAAAAAAAAAAAAAFA6B/db/w9lZf0/lJf1/1Be+fr/AwXXA+g81/hArLOSv+X6/3WPAgAAAAAAAAAAAAC209zC1QuTMzPTV2y8+WhUo5MbtVrtWvpX8KjUZ/s3kmyGekcKzafCd/5Mezdygvlav4395OLekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGb/BQAA//8wviV5") mknod$loop(&(0x7f00000000c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2) 3.750290697s ago: executing program 1 (id=125): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0) read$FUSE(r0, &(0x7f0000006340)={0x2020, 0x0, 0x0}, 0x2058) write$FUSE_LSEEK(r0, &(0x7f00000021c0)={0x18, 0x0, r1, {0x7}}, 0x18) utime(&(0x7f0000000300)='./file0\x00', 0x0) 2.831801195s ago: executing program 2 (id=127): pipe2$9p(&(0x7f00000027c0)={0xffffffffffffffff}, 0x0) unshare(0x22020000) r1 = socket(0x1, 0x2, 0x0) bind$unix(r1, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x6, 0x3, 0x1}]}) mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x3000004) close_range(r0, 0xffffffffffffffff, 0x0) 2.621691289s ago: executing program 1 (id=129): openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x6d41, 0xd5) openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101081, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB="9400000013004f0a000200"/20, @ANYRES32=r2, @ANYBLOB="00000000000000000800cfffecc507006c001a8054000a80140007"], 0x94}}, 0x20008841) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x8001, 0xd) 2.472096232s ago: executing program 0 (id=132): sched_setscheduler(0x0, 0x2, 0x0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000000000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 2.297763395s ago: executing program 0 (id=133): r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000000), 0x2) ioctl$UDMABUF_CREATE_LIST(r0, 0x40087543, &(0x7f0000000580)={0x0, 0x1, [{0xffffffffffffffff, 0x0, 0x0, 0xfffff000}]}) 2.271759526s ago: executing program 3 (id=134): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0xd, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10) setsockopt$packet_int(r0, 0x107, 0xe, &(0x7f0000000080)=0x1, 0x4) 2.186871347s ago: executing program 0 (id=135): bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x6, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x200000006, 0xfffffffffffffced, 0x1}}, 0x40) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0xfffffff9) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80242, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/246, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/62, 0x3000}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x63, &(0x7f00000001c0)=""/99}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc4a}, 0x42) 1.817688714s ago: executing program 0 (id=136): r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f00000000c0)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) writev(0xffffffffffffffff, &(0x7f00000005c0)=[{&(0x7f0000000000)='U', 0x1}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000), 0xd) 1.808905775s ago: executing program 2 (id=137): syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0xfd, 0x2c3, &(0x7f0000000440)="$eJzs3NFLU2EYx/Ent9yc6RZEUFA91E3dHHT9ATVCIRoU5qS6CI55VmOnTc4ZxiJyN9Ftf4d02V1Q/QPeRDfddyeB0I0X0QnP2dFNp26m29LvB/S8O8/7833VozxH8Kw8ePe8mHeNvFmRgbjKgEhN1kRS66O6E/XjgD8elEY1uTb86/uF+w8f3clksxNTqpOZ6etpVR299OnFq/eXv1SGZz6MfozJcurxymr6x/LZ5XMrf6afFVwtuFoqV9TU2XK5Ys7als4V3KKhes+2TNfSQsm1nLAeqy84P19VszQ3kph3LNdVs1TVolXVSlkrTlXNp2ahpIZh6EhCjrdoG3NyS1NTZmbHshfZ6wPEOt0VDtVQq5OOk6m1LuaWurAnAADQZ3bv/4Nef+f+PzsTHA+4/xfZ3v/79bxdbr//b6cBPnZqTa/26P9xJDhOxkzUf35FGu/p6P8BAAAAAAAAAAAAAAAAAAAAAPgfrHle0vO8ZHgM32IiEheR8HWv94nD0fH331pdf3+jl3vGwWn4x724iP12IbeQC45BPZOXgthiyZgk5bd/PdQF48nb2Ykx9aXks71Yzy8u5CL+wyH8fCjVKn/x9HiQ1+b8SUk0rp+WpJxpvX66ZX5Qrl5pyBuSlK9PpCy2zPnX9Wb+9bjqrbvZLfkhfx4AAAAAAEeBoRu23b/7dX9CXLbXg3wHfx/Ycn8dlfM8oQcAAAAAgK5wqy+Lpm1bzj4GMRH5h7g9eyrYwz7j/TqISPMZifbDxm6KSB9so1uDuIgEZ3Q/8Z8b8bZSXhtzoutXeq+/LB0Mev2bCQAAAMBB22z6Owh9e3OIOwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Php93lg4fymUlzcaljYJd6wXKTrnyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQR/4GAAD///fUGeI=") r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="00c1000000", @ANYRES32=0x0, @ANYRES32], 0x50) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000340)={{r0, 0xffffffffffffffff}, &(0x7f0000000140), &(0x7f0000000300)='%pI4 \x00'}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000007c0)={r1}, 0x4) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000880)={r1}, 0x4) 1.54686388s ago: executing program 3 (id=138): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000004000000200000008000300", @ANYRES32=r1, @ANYBLOB="0800a0029e090000080027000300000008002600a80900"], 0x34}}, 0x80) 1.51218102s ago: executing program 1 (id=139): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000001540)='./file0\x00', 0x22a140cc, &(0x7f00000003c0)=ANY=[@ANYBLOB="2c616c6c6f775f7574696d653d30303030303030303030303030303030000030303030372c646973636172642c00214b3cf244ea5fb7437f2c69f67a093e240a6e978fa4cd2d", @ANYRES8=0xffffffffffffffff, @ANYRESOCT, @ANYRESHEX, @ANYRESHEX=0x0], 0x1, 0x14f5, &(0x7f0000001580)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSklPY/0vv+33e9+v9vr7v//b/u65v1u+69jV7zf2s9ax71lzz3PdzXfP80HNUvRb1azcjIvEvgb9+SRFCxAghhgkhbhBCBEKISvGV4q8cL6Ag5V97EvbnejT9WnfAriWef97G88/beP55G88/b+P55208/7yN55+38fwZy8u2zyl2I6+8u/j9/7yMX///F8ktP/mbjeVv7vU/SOH55208/7yN55+38fzzNp5/3sbz/9+v1n9xjOeft/H8GcvLrvX7z7yu7brWv3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxvKGc/4qLYT4t/217osxxhhjjDHGGGN/Hp//WnfAGGOMMcYYY4yx//dASKGEFoHIJ/KLGFFAxIrrRJy4XhQUN4iIuFHEi5tEIXGzKCyKiKKimEgQxUUJYQQKK0iEoqQoJaLiFlFa3CoSRRlRVpQTTpQXSeI2UUHcLiqKO0QlcaeoLO4SVURVUU1UF3eLGuIeUVPUErXFvaKOqCvqifriPtFA3C8aigdEI/GgaCweEk3Ew6KpeEQ0E4+K5uIx0UI8LlqKJ0Qr0Vq0EW1Fu/+r/FdEX/Gq6Cf6ixQxQAwUr4lBYrAYIoaKYeJ1MVy8IUaIN0WqGClGibfEaPG2GCPeEWPFODFevCsmiIlikpgspoipIk28J6aJ98V08YGYIWaKWWK2SBdzxFzxoZgn5osF4iOxUHwsFonFYolYKjLEJyJTLBNZ4lOxXHwmssUKsVKsEqvFGrFWrBPrxQaxUWwSm8UWsVVsE9vF52KH2Cl2id1ij9gr9okvxH7xpTggvhI54uv/Yf7Z/5DfCwQIkCBBg4Z8kA9iIAZiIRbiIA4KQkGIQATiIR4KQSEoDIWhKBSFBEiAElACEBAICEpCSYhCFEpDaUiERCgLZcGBgyRIggpwO1SEilAJKkFlqAxVoCpUhepQHWpADagJNaE21IY6UAfqQT24D+6D+6EhNIRG0AgaQ2NoAk2gKTSFZtAMmkNzaAEtoCW0hFbQCtpAG2gH7aA9tIcO0AE6QSfoDJ2hC3SBZEiGrtAVukE36A7doQf0gJ7QE3pBb+gNr8Ar8Cq8Cv2hjhwAA2EgDIJBMASGwlB4HYbDG/AGvAmpMBJGwVvwFrwNY+AMjIVxMB7GQw05ESbBZCA5FdIgDabBNJgO02EGzISZMBvSYQ7MhbkwD+bDfPgIFsLH8DEshsWwFDIgAzJhGWRBFiyHs5ANK2AlrILVsAZWwzpYD+tgI2yCjbAFtsA22Aafw+ewE3bCbtgNe2EvfAFfwJfwJaRCDuTAQTgIh+AQHIbDkAu5cASOwFE4CsfgGByH43ACTsIpOAmn4TScgbNwDs7BBbgAF+GlhO+a7y2zIVXIK7TUMp/MJ2NkjIyVsTJOxsmCsqCMyIiMl/GykCwkC8vCsqgsKhNkgiwhS0iUKEmGsqQsKaMyKkvL0jJRJsqysqx00skkmSQryAqyoqwoK8k7ZWV5l6wiq8qOrrqsLmvITq6mrCVry9qyjqwr68n6sr5sIBvIhrKhbCQbycaysWwiH5ZN5QAYAo/KK5NpIUdCSzkKWsnWso1sK9+GJ2V7OQY6yI6yk3xajoOx0EW2d8nyOdlVToJu8gU5GV6UPeRU6Clflr1kb9lHviL7yg6un+wvZ8AAOVDOhkFysBwih8p5UFdemVg9+aZMlSPlKPmWXApvyzHyHTlWjpPj5btygpwoJ8nJcoqcKtPke3KafF9Olx/IGXKmnCVny3Q5R86VH8p5cr5cID+SC+XHcpFcLJfIpTJDfiIz5TKZJT+Vy+VnMluukCvlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrldfi53yJ1yl9wt98i9cp/8Qu6XX8oD8iuZI7+WB+Vf5CH5jTwsv5W58jt5RH4vj8of5DH5ozwuf5In5El5Sv4sT8tf5Bl5Vp6T5+UF+au8KC/Jy9JLoUBJpZRWgcqn8qsYVUDFqutUnLpeFVQ3qIi6UcWrm1QhdbMqrIqooqqYSlDFVQllFCqrSIWqpCqlouoWVVrdqhJVGVVWlVNOlVdJ6jZVQd2uKqo7VCV1p6qs7lJVVFVVTVVXd6sa6h5VU9VStdW9qo6qq+qp+uo+1UDdrxqqB1Qj9aBqrB5STdTDqql6RDVTj6rm6jHVQj2uWqonVCvVWrVRbVU79aRqr55SHVRH1Uk9rTqrZ1QX9axKVs+prup51U29oLqrF1UP9ZLqqV5WvVRv1UddUpeVV/1Uf5WiBqiB6jU1SA1WQ9RQNUy9roarN9QI9aZKVSPVKPWWGq3eVmPUO2qsGqfGq3fVBDVRTVKT1RQ1VaWp99Q09b6arj5QM9RMNUvNVulqjhryt0oL/hv57/+T/BG/Pfs2tV19rnaonWqX2q32qL1qn9qn9qv96oA6oHJUjjqoDqpD6pA6rA6rXJWrjqgj6qg6qo6pY+q4Oq5OqJPqvPpZnVa/qDPqrDqrzqsL6oK6+LefgdCgpVZa60Dn0/l1jC6gY/V1Ok5frwvqG3RE36jj9U26kL5ZF9ZFdFFdTCfo4rqENhq11aRDXVKX0lF9iy6tb9WJuowuq8tpp8vrJH3bv5z/R/210+10e91ed9AddCfdSXfWnXUX3UUn62TdVXfV3XQ33V131z10D91T99S9dC/dR/fRfXVf3U/30yk6RQ/Ur+lBerAeoofqYfp1PVwP1yP0CJ2qU/UoPUqP1qP1GD1Gj9Vj9Xg9Xk/QE/QkPUlP0VN0mk7T0/Q0PV1P1zP0DD1Lz9LpOl3P1XP1PD1PL9AL9EK9UC/Si/QSvURn6AydqTN1ls7Sy/Vyna1X6BV6lV6l1+g1ep1epzfoDXqT3qS36C06W2/X2/UOvUPv0rv0Hr1H79P79H69Xx/QB3SOztEH9UF9SB/Sh/Vhnatz9RF9RB/VR/UxfUwf18f1CX1Cn9Kn9Gl9Wp/RZ/Q5fU5f0Bf0RX1RX9aXr1z2BTKQgQ50kC/IF8QEMUFsEBvEBXFBwaBgEAkiQXwQHxQKbg4KB0WCokGxICEoHpQITICBDSgIg5JBqSAa3BKUDm4NEoMyQdmgXOCC8kFScFtQIbg9qBjcEVQK7gwqB3cFVYKqQbWgenB3UCO4J6gZ1ApqB/cGdYK6Qb2gfnBf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmwSNBs+DRoHnwWNAieDxoGTwRtApaB22CtkG7P7W+92eKPOX6mf4mxQwwA81rZpAZbIaYoWaYed0MN2+YEeZNk2pGmlHmLTPavG3GmHfMWDPOjDfvmglmoplkJpspZqpJM++ZaeZ9M918YGaYmWaWmW3SzRwz13xo5pn5ZoH5yCw0H5tFZrFZYpaaDPOJyTTLTJb51Cw3n5lss8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMdvO52WF2ml1mt9lj9pp95guz33xpDpivTI752hw0fzGHzDfmsPnW5JrvzBHzvTlqfjDHzI/muPnJnDAnzSnzszltfjFnzFlzzpw3F8yv5qK5ZC4bf+Xi/srLO2rUmA/zYQzGYCzGYhzGYUEsiBGMYDzGYyEshIWxMBbFopiACVgCS+AVhIQlsSRGMYqlsTQmYiKWxbLo0GESJmEFrIAVsSJWwkpYGStjFayC1bAa3o134z14D9bCWngv3ot1sS7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsBW2wTbYDtthe2yPHbADdsJO2Bk7YxfsgsmYjF2xK3bDbtgdu2MP7IE9sSf2wl7YB/tgX+yL/bAfpmAKDsSBOAgH4RAcgsNwGA7H4TgCR2AqpuIoHIWjcTSOwTE4FsfheHwXJ+BEnISTcQpOxTRMw2k4DafjdJyBM3AWzsJ0TMe5OBfn4TxcgAtwIS7ERbgIl+ASzMAMzMRMzMIsXI7LMRuzcSWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4AHMwBw/iQTyEh/AwHsZczMUjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Di/gr3gRL+Fl9BhjpYi119k4e70taG+wMbaA/fu4qC1mE2xxW8IaW9gW+YcYrbWJtowta8tZZ8vbJHvb7+IqtqqtZqvbu20Ne4+t+bu4gb3fNrQP2Eb2QVvf3vcPcWP7kG1iH7dN7RO2mW1tm9u2toV93La0T9hWtrVtY9vazvYZ28U+a5Ptc7arff53caZdZtfbDXaj3WT32y/tOXveHrU/2Av2V9vP9rfD7Ot2uH3DjrBv2lQ78nfxePuunWAn2kl2sp1ip/4unmVn23Q7x861H9p5dv7v4gz7iV1os+wiu9gusUt/i6/0lGU/tcvtZzbbrrAr7Sq72q6xa+26f+91ld1it9ptdp/9wu6wO+0uu9vusXt/i6+cxwH7lc2xX9sj9nt7yH5jD9tjNtd+91t85fyO2R/tcfuTPWFP2lP2Z3va/mLP2LO/nf+Vc//ZXrKXrbeCgCQp0hRQPspPMVSAYuk6iqPrqSDdQBG6keLpJipEN1NhKkJFqRglUHEqQYaQLBGFVJJKUZRuodJ0KyVSGSpL5chReUqi26gC3U4V6Q6qRHdSZbqLqlBVqkbV6W6qQfdQTapFteleqkN1qR7Vp/uoAd1PDekBakQPUmN6iJrQw9SUHqFm9Cg1p8eoBT1OLekJakWtqQ21pXb0JLWnp6gDdaRO9DR1pmeoCz1LyfQcdaXnqRu9QN3pRepBL1FPepl6UW/qQ69QX3qV+lF/SqEBNJBeo0E0mIbQUBpGr9NweoNG0JuUSiNpFL1Fo+ltGkPv0FgaR+PpXZpAE2kSTaYpNJXS6D2aRu/TdPqAZtBMmkWzKZ3m0Fz6kObRfFpAH9FC+pgW0WJaQkspgz6hTFpGWfQpLafPKJtW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6nHbSTdtFu2kN7aR99QfvpSzpAX1EOfU0H6S90iL6hw/Qt5dJ3dIS+p6P0Ax2jH+k4/UQn6CSdop/pNP1CZ+gsnaPzdIF+pYt0iS6TJxFCKEMV6jAI84X5w5iwQBgbXhfGhdeHBcMbwkh4Yxgf3hQWCm8OC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Slg5vDRPDMmHZsFzowvJhUnhbWCG8PawY3hFWCu8MK4d3hVXCquHjD1YP7w5rhPeENcNaYe3w3rBOWDesF9YP7wsbhPeHDcMHwkbhg2HF8KGwSfhw2DR8JGwWPho2Dx8LW4SPhy3DJ8JWYeuwTdg2bBc+GbYPnwo7hB3DTuHTYefwmbBL+GyYHD4Xdg2f/8PjKeGAcGD4Wvha6P0Dakl0aTQj+kk0M7osmhX9NLo8+lk0O7oiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lep9/fzCgZNOOe0Cl8/ldzGugIt117k4d70r6G5wEXeji3c3uULuZlfYFXFFXTGX4Iq7Es44dNaRC11JV8pF3S2utLvVJboyrqwr55wr75JcW9fOtXPt3VOug+voOrmn3dPuGfeMe9Y9655zXd3zrpt7wXV3L7oe7iX3knvZ9XK9XR/3iuvrXnX9XH+X4lLcQDfQDXKD3BA3xA1zw9xwN9yNcCNcqkt1o9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcWkuzU1z09x0N93NcDPcLDfLpbt0N9fNdfPcPLfALXALExe6RW6RW+KWuAyX4TJdpstyWW65W+6yXbZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3E57qA76A65Q+6w+9bluu/cEfe9O+p+cMfcj+64+8mdcCfdKfezO+1+cWfcWXfOnXcX3K/uorvkLjvv0iLvRaZF3o9Mj3wQmRGZGZkVmR1Jj8yJzI18GJkXmR9ZEPkosjDycWRRZHFkSWRpJCPySSQzsiySFfk0sjzyWSQ7siKyMrIqsjqyJuJ98R2hL+lL+ai/xZf2t/pEX8aX9eW88+V9kr/NV/C3+4r+Dl/J3+kr+7t8FV/VV/NP+Fa+tW/j2/p2/knf3j/lO/iOvpN/2nf2z/gu/lmf7J/zXf3zvpt/wXf3L/oe/iXf07/se/nevo9/xff1r/p+vr9P8QP8QP+aH+QH+yF+qB/mX/fD/Rt+hH/Tp/qRfpR/y4/2b/sx/h0/1o/z4/27foKf6Cf5yX6Kn+rT/Ht+mn/fT/cf+Bl+pp/lZ/t0P8fP9R/6eX6+X+A/8gv9x36RX+yX+KU+w3/iM/0yn+U/9cv9Zz7br/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/ud/idfpff7ff4vX6f/8Lv91/6A/4rn+O/9gf9X/wh/40/7L/1uf47f8R/74/6H/wx/6M/7n/yJ/xJf8r/7E/7X/wZf9af8+f9Bf+rv+gv+cv8P2uMMcYYY/8t6g+OD/gn35N/W1cMFEJcv7NY7n+subnwX/eDZULniBDiuf49H/23VadOSkrK3x6brURQarEQInI1P5+4Gq8QncQzIll0FBX+aX+DZe8L9Af1o3cKEft3OTHiany1/u3/Sf0nnx6fWTk8F/9f1F8sRGKpqzkFxNX4av2K/0n9Iu3/oP8C36QJ0eHvcuLE1fhq/STxlHheJP/DIxljjDHGGGOMsb8aLKt1/6P75yv35wn6ak5+cTX+o/tzxhhjjDHGGGOMXXsv9u7z7JPJyR2784Y3vOHNv2+u9V8mxhhjjDHG2J/t6kX/te6EMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLu/5/fJzYtT5HxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Fr7PwEAAP//SOc8Mw==") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8100, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r2, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0x971}) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000140)=ANY=[@ANYRES32=r0, @ANYRES64=r2]) 1.445711382s ago: executing program 3 (id=140): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x24, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, 0x0, {0xffe0}, {0x0, 0xfff3}, {0xa, 0x1}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4004140}, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r0 = socket$netlink(0x10, 0x3, 0x4) writev(r0, &(0x7f0000000140)=[{0x0}], 0x1) 1.387079363s ago: executing program 2 (id=141): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x37, 0x7fffffff}]}) pivot_root(0x0, 0x0) 1.283045725s ago: executing program 3 (id=142): syz_clone3(&(0x7f0000000080)={0xa690b000, &(0x7f0000000040)=0xffffffffffffffff, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000001c0)={'syztnl2\x00', &(0x7f0000000240)={'syztnl0\x00', 0x0, 0x4, 0x2, 0x5, 0x100000, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x7800, 0x20, 0x6, 0x2}}) r2 = open(&(0x7f00000002c0)='./file0\x00', 0x800, 0x22) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000004c0)={0x0, &(0x7f0000000480)=""/17, 0x7f, 0x11, 0x0, 0x10000}, 0x28) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@bloom_filter={0x1e, 0x6, 0x823, 0x40, 0x8000, 0x1, 0x9, '\x00', r1, r2, 0x5, 0x1, 0x2, 0xf, @value=r3}, 0x50) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000009, 0x28011, r4, 0x2f38a000) r5 = syz_open_procfs(0x0, &(0x7f00000006c0)='fdinfo/3\x00') r6 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r6, 0x0, 0x0) setsockopt$inet6_tcp_int(r6, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(r6, &(0x7f00000000c0)="04", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) r7 = dup(r3) connect$unix(r7, 0x0, 0x0) sendto$inet6(r6, &(0x7f00000006c0)='{', 0x1, 0x24008894, &(0x7f0000000040)={0xa, 0x4e20, 0x7fffffff, @empty}, 0x1c) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff}, 0x0) r9 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$bt_hci(r9, 0x0, 0x2, 0x0, &(0x7f0000000040)) bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x40, 0x6, 0x8}, 0x48) r10 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r10, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) write$bt_hci(r10, &(0x7f0000000180)=ANY=[@ANYBLOB="0e00010002"], 0x8) epoll_create(0x5) r11 = epoll_create(0x6c) epoll_ctl$EPOLL_CTL_ADD(r11, 0x1, r8, &(0x7f0000000100)={0x10000011}) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r12 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) syz_open_pts(r5, 0x1c882) close_range(r12, r5, 0x2) r13 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r13, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000200)=@bridge_delneigh={0x1c, 0x13, 0x1, 0x1, 0x25dfdbfb, {0x7, 0x0, 0x0, 0x0, 0x80, 0x0, 0x6}}, 0x1c}, 0x1, 0x0, 0x0, 0x40051}, 0x40c0) 1.085738199s ago: executing program 2 (id=143): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)) 1.085527238s ago: executing program 0 (id=144): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) bpf$BPF_PROG_DETACH(0x8, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, 0x0, 0x3) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000340), 0x1, 0x597, &(0x7f0000000b80)="$eJzs3U1sG2UaAOB3xvH2L9t0pV1pd9VDtYtUpKpO0h8onNorolKlHpC4lMhxoyhOHMUONFEO6b1C9IAA9VJucOAI4sABcUHiwpULiDNSRSOQmh7AyH9pm9jBKXWdxs8jjT3ffON5v2/G73hmNCMHMLCO1V7SiP9ExKUkYuShuqFoVh5rzLe+tpK/v7aST6JavfxzEklE3FtbybfmT5rvhyJiNSL+HRFfZSNOpFvjlpeWZyaKxcJCszxamZ0fLS8tn5yenZgqTBXmTr/40tlzZ86Onxrv3Pjszvp644ebb9/49pXbNz/+5Ohq/t2JJM7HcLPu4X48SY11ko3zm6af6UWwPkr63QAeS6aZ57VU+leMRKaZ9e1UR55q04Aeq+6LqO5Esrqj2YHdLNlZ/gN7Rus4oHb+2xoeOUDI9Pb4486FxglILe56c2jUDDWuTcT++rnJwV+SR85MauebR3rbNAbA6vWIGBsa2vr9T5rfv8c39iQaSE99eaGxobZu/3Rj/xNt9j/DrWunf1Fr/7e+Zf/3IH6mw/7vUpcxfnv9xw86xr8e8d+28ZON+Emb+GlEvNFl/FuvfX6uU131w4jj0T5+S7L99eHRq9PFwljjtW2ML44ffXm7/h/sEL9xzXZ//Wem3fqf77L/n3396f9Wt4n//P+33/7t1v+BiHiny/j/uPfRq53q7lxP7taOAna6/WvTbncZ/4Xzx77vUHWgy0UAAAAAAAAAAABtpPV72ZI0tzGeprlc4xnef8bBtFgqV05cLS3OTTbueTsS2bR1p9VIo5zUyuPN+3Fb5VObyqdb9xFnDtTLuXypONnnvgMAAAAAAAAAAAAAAAAAAMBucWjT8/+/ZurP/2/+u2pgr+r8l9/AXif/YXA9mv9JxL6+NQV4yvz+w8Cqyn8YXPIfBpf8h8El/2FwyX8YXPIfBpf8BwAAAAAAAAAAAAAAAAAAAAAAAACAnrh08WJtqN5fW8nXypNDS4szpTdPThbKM7nZxXwuX1qYz02VSlPFQi5fmv2z5RVLpfmxmFu8NloplCuj5aXlK7OlxbnKlenZianClUL2qfQKAAAAAAAAAAAAAAAAAAAAni3D9SFJcxGR1sfTNJeL+HtEHIlscnW6WBiLiMMR8V0mu69WHu93owEAAAAAAAAAAAAAAAAAAGCPKS8tz0wUi4WFARkZ2jLlm84zR8Tqk21GbYk7/lS2ua12yzp81kYObz9PJvrewt040ucdEwAAAAAAAAAAAAAAAAAADKAHD/12+4nfe9sgAAAAAAAAAAAAAAAAAAAAGEjpT0lE1IbjI88Nb679W7Keqb9HxFu3Lr93baJSWRivTb+7Mb3yfnP6qX60H+hWK09beQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8UF5anpkoFgsLPRzpdx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHscfAQAA//+aXtbd") r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r1, &(0x7f0000000140)='Q', 0x1, 0x200980) r2 = open(&(0x7f0000000000)='./file1\x00', 0x0, 0x49) preadv2(r2, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x2200, 0x0, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 985.340071ms ago: executing program 1 (id=145): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0xa7, @rand_addr=' \x01\x00', 0x4}, 0x1c) 953.055341ms ago: executing program 3 (id=146): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x1008002, &(0x7f0000000100)={[{@grpjquota}, {@discard}, {@noinit_itable}, {@nouid32}]}, 0x3, 0x5ee, &(0x7f00000012c0)="$eJzs3c1vVFUbAPDnTj9oKXk7kDcqLqSJMZAoLS1gGuMCtoY0+BE3urDSgkiBhtZo0YSS4MbEuDHGxJUL8b9QIltWunLhxpUhIWpYmjjmztxbOu1Mv2jnEu7vlwxz7zlze86lfeace+acOwGU1lD6TyVif0TMJhGDyeJSXndkmUON193/+5Mz6SOJWu31P5NIsrT89Un2PJAd3BcRP/+UxL6u1eXOLVy9MDkzM30l2x+Zvzg7Mrdw9fD5i5Pnps9NXxp7cWz8+LHj46NHtnRe11qknbrx/oeDn0289d03/ySj3/82kcSJeCV74fLz2C5DMVT/P0lWZw2Mb3dhBenK/k5qtVotT0u6i60TG5f//noi4skYjK548MsbjE9fLbRywI6qJY33bqCMEvEPJZX3A/Jr+5XXwZVCeiVAJ9w72RgAWB3/3Y2xweirjw3svp/E8mGdJCK2NjLXbE9E3Lk9cePs7YkbsUPjcEBri9cj4qlW8Z/U478afVGtx3+lKf7TfsHp7DlNf22L5a8cKhb/0DmN+O9bM/6jTfy/kz5fa8Twu1ssv/pg873+pvjv3+opAQAAAAAAQGndOhkRL7T6/L+yNP8nWsz/GYiIE9tQ/tCK/dWf/1fubkMxQAv3Tka83HL+byWf/VvtWraEtRo9ydnzM9NHIuJ/EXEoenal+6NrlHH4831ft8sbyub/5Y+0/DvZXMCsHne7dzUfMzU5P/kQpwxk7l2PeLrl/N9kqf1PWrT/6TvD7AbL2PfczdPt8taPf2Cn1L6NONiy/X9w14pk7ftzjNT7AyN5r2C1Zz7+4od25W81/t1iAh5e2v7vXjv+q8ny+/XMbb6MowvdtXZ5W+3/9yZv1O8q1JulfTQ5P39lNKI3OdWVpjalj22+zvA4yuMhj5c0/g89u/b4X6v+f39ELK742clfzWuKc0/8O/B7u/ro/0Nx0vif2lT7v/mNsZvVH9uVv7H2/1i9rT+UpRj/g4av8jDtbU5vEY7drbI6XV8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBxUImJPJJXhpe1KZXg4YiAi/h+7KzOX5+afP3v5g0tTaV79+/8r+Tf9Djb2k/z7/6vL9sdW7B+NiL0R8WVXf31/+MzlmamiTx4AAAAAAAAAAAAAAAAAAAAeEQNt1v+n/ugqunbAjusuugJAYVrE/y9F1APoPO0/lJf4h/IS/1Be4h/KS/xDea0d/2+Pd6wiQMdp/6G8xD8AAAAAADxW9h649WsSEYsv9dcfqd4sr6fQmgE7rVJ0BYDCuMUPlJepP1BervGBZJ38vrYHrXfkWmbPPMTBAAAAAAAAAAAAAFA6B/db/w9lZf0/lJf1/1Be+fr/AwXXA+g81/hArLOSv+X6/3WPAgAAAAAAAAAAAAC209zC1QuTMzPTV2y8+WhUo5MbtVrtWvpX8KjUZ/s3kmyGekcKzafCd/5Mezdygvlav4395OLekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGb/BQAA//8wviV5") bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x2000c16, &(0x7f0000000280)={[{@usrquota}, {@nodelalloc}]}, 0xff, 0x257, &(0x7f0000000500)="$eJzs3U9oFFccB/DfzO42TbKUtL0USv9AKaUNhPRW6CW9tBAoIZRSaAsppfSiJEJM8JZ48uJBj6KSk5cg3oweJZfgRRE8Rc0hXgQNHgweVFjZnQTyTxOzmx1xPh+YzEzy5v3eMPN9ExaGDaCweiJiICJKEdEbEZWISDY2+DJbetZ2ZzoXRiJqtd8eJ4122X5m/bjuiJiOiB8iYj5N4lA5YnLur+Wni798c3Ki8vWFuT8723qSa1aWl35dPT904vLg95M3bz8cSmIgqpvOq/WSHX5XTiI+Oohib4mknPcI2IvhY5fu1HP/cUR81ch/JdLILt6p8ffmK/HduVcde/rRrU/bOVag9Wq1Sv0ZOF0DCieNiGokaV9EZNtp2teX/Q9/t9SVHh4bP9r7/9jE6H95z1RAq1Qjln6+2nGle0v+H5Sy/APvqOxDqaXfh2fv1TdWS3kPCGiLz7JV/fnf+8/UtyH/UDjyD8Ul/1Bc8g/FJf9QXPIPxSX/UFzyD8Ul/1Bc+87/mRcHNyigLTbmHwAollrHvt4abv2LyEDb5T3/AAAAAAAAAAAAAAAAAAAA2810LoysL63psbxri+tnI1Z+yppur19qfB9xxPuNn11Pkk09Jnuq8Hp/f9FkB026mPPb1x/cz7f+jc/zrT81GjF9PCL6y+Xt91+ydv/t34e7/L3yb5MF3lCyZf/HP9pbf6vns/nWH1yMuFaff/p3mn/S+KSx3nn+qdavX5P1jzxrsgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa5mUAAAD//7FLbdg=") openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x45) r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000040)={0x54, r2, 0x1, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x38, 0x33, @disassoc={{{0x0, 0x0, 0xa, 0x0, 0x0, 0x1, 0x1}, {0x4544}, @broadcast, @device_a, @initial, {0x0, 0xb3}}, 0x1d, @val={0x8c, 0x18, {0x5ae, "1c35612cf8f1", @long="ab271fe2eef3b5df2b96dc754d83ed4d"}}}}]}, 0x54}}, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x4, 0x6b35e9d94325c671, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000725e850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x48241, 0x141) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) 689.565146ms ago: executing program 1 (id=147): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xb, &(0x7f0000000580)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x882) write$sndseq(r3, &(0x7f0000000140)=[{0x1f, 0x0, 0x0, 0xfd, @tick, {}, {}, @raw32}], 0x1c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x800, &(0x7f0000001b80)=ANY=[@ANYBLOB="002aa023060829d9f570706daaf7e64385f4003c6d03000000ffdde116534a3e539068b679d93c646500b71c53966a788a93af70a9e8378a4dff15e4a14b5a4b6c14d2feff8ec15164ffff00000000115ae1b2470a06d956cae4ea3b76e646ef7b00f8bcbad4030fa2f87bae1c91858fdee78fd19866212b8aedf818fea039932b8d5f454cf4fa9f9c1c0bd1c3f8c02f1bc702d7359eb8be446f88b77ce92c3d943828ece9eef54e10c2b4d66fb887ed9e56e2fbf982ea3443c9c30d40c4dd067682187e224173e49a3d0700efeb8fc6570ce5feb7d4c9ab5c4cc09ba9ae6276845ff55c7fdaab25776edddef50000000064dadb122182564d38cae5597ef4d5a2bf63415fdfe0867dee339da4a49e99fcf977e3be588fb6a8e4ee0d5395982f374f3802e1cf12c5849a07af1ad1e9f1f52725eab00af283cbfbd18fdc8e1951ba26508eb3781117b3a5263e3671d0b9e5aedd4e9261654e7cd5213600a77f55f0ab706a787ac204fff298dc72be1e80389d8f55f42c3b92acaee0df6b6bea8459d98d7bdc8e99b33022a2474d5527b68ba085ce52bf894f86c0f0f2f76c1ffe1e7ecbf2f1d7f8de553e0438a1ad1f67e43da56f853f594b16be3822b97389b248dd3079e41ce185206267e9f174fd6ba01f9cc52c465608000048d0ad524a70f1688d1f30ca729963f14d140bf06f606065187fef9b44e884699a5bda981b07000000000000009a74a84388dc82ed1ba29abafd6b9f6e11ea249e4870494ede40f7bc48dc2a14669c1b94b32209f16b4246a6f14f44e22c4b7d5422322a2f8d967532b133014da9c571ffc2664e0831391e0242bcacaa0c00358bdefaf2bc51dcf4a7673703b89cf213c3365c64493f3ed9866c4994c119363dec364813d2a1f3732323d6fde44b8178d35f936200a96118889bc34d1800779c82b877ba24d7aadec4abe72a3b5e9280cc12d3f3b60fa0163fc3ccdce18ced9a8ccf33122055f8870f804fb91d9f91ba8db505d020c01f532c9307117f34693dd535e1fc52ccc94ba178aaf524117c214fa858d6da2f91c14ab5ea3080500366075694cf317cdad3e61d17bfa4490124e3616a0d581cf05cf2cecc0a9b83fe00000000007ed60e73000000ed9111e3396fea123d15ff825b66e25945cb3fd6d31773af0634a155fe85159a644fba1135ff23d713431f3cf8587d8778f7eb1a02d155fb6185d105d26844d111c85fd6321fc4a9a368c04cd3f2292eb9ab00d3efd86111ca430dcfbf1910b235e636e99b615163989a3779e520b59d2e7db309a3710d5b11ae9c21ad7e4c7d000000000000000000000024aafb0479e8ea1ab8bfd97c2186a3a784ce996d63c42c31e3a211c284f7c0187429d7f0174806fd4519921b9d81a510de2ff2f21e7423328036d45adf7df57a0572a6dfba1e0e7dbed9aeebb7cd806f3685459be46dc69d314fd3ea633b1539f466c8d32a2e9392d1620656958900ffbf0c3f5139c03580f83516f02c1adbb6e16040f273456e982741fe40b3f6a3e9c8237f9da13572c209968b40dd6bf4fbb056d303698c74cdbd4c38c54e945e8e93ff946aa2a1fc940646fc7dbcb3455221cf6192c986eb7a087af45e68868f8495d2831c34ae5a824b2a0000000000000000c24a4830f8332a3db515e3bc4e6d67c82de4a7455610859e42b53acf4e70756fef370048f77768417a3f3d46623ca15e44b437264848055d7d56bec29d1e5fbc6c96ec0d21b9525ff08c3942ff0578d0fba72e4211d4d0efa23bbd7d086ecaa868a73b10b9d14011d0d275029e47c502f7bf3944b11c2f1722694beb339218fca3ceccd8d767a285bee0391df95b1138359a6dcd6846e7a51f256a4cbe744e599333c31805f4259b031e5c2aee0aa77e172a20bfca2a88ba1e79acf5f81e518376453a65edd5b2a9401276838e94b61e5c4c9b63753919", @ANYRESHEX, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRESDEC, @ANYRES16, @ANYRES64, @ANYRES8=0x0, @ANYRESOCT, @ANYRESHEX, @ANYRESOCT=0x0, @ANYBLOB="96baa9bd293f32a4be21fdffc77440a9d9c7e16c6c51d63e8ba964b01e06c4ad80d5ba81bf754b2f63dd49ffac2f96d2be9ab12be13dc3bd59217be281d895795a047ce3258eb171bd1200000000000000a112eb61edbb22074fb2464c2c040aa73dc1cccff5291d669049a8e13b373c0960d91ad00e2765cf73b478067d073524b1515e0cf674b54ab1945a77534ca0c321c00bc82e1eec0d6ea55eab950800b5c12b71f10f76", @ANYRESOCT, @ANYRES8], 0x1, 0x1be, &(0x7f0000000640)="$eJzKKC4sZmdgYPj7sSaZQYABDBgZeBguMDAysDAwMKgzQsQYmCDUeij/BZSeCZW2gfKbofRCKF1xS3vdmlN+Z0566motk2VmaPWMY0MWk0vtMXKTXMwjwczAyMDQANKSmJOTWlTMxlBxq5WBgeEEA8t1+2sqzRKcDn/kORySNB10mI74eGTNaIS6iCFT4eyZD/Lr2DSOMDxawbyxzjOvsa4wdWpeWl5SVVZV1ryJEzfObOxsbFw5sS4qzW8VY0uKCzNDJyOTwxY1gc3M9VBTVj1McmDt8fBrPmWs9DqV+ZLxwiKpUyuqZk74ojSb0fA7wx2eshUSGhpOElckLBpMGI7U2TbAHJCmEMbIoMYm1rbnzJwQZn42N2aQu5lCj3IsnSlhcUCo6uRPS823DoluM7Y9dWA7w3P4OM+agj5Bo+MSDE4LBf/LMFTcSk5oaCjTWMu01HbBlyKNvxJeq42dMhjc7ZmWwQKUBRw2K6E8WbCehOQVHjqamkYpyQkNmxoZGBgKDJUZtu7hXC3QwIAUbSoMDAzbGWFxCwHXYIxRMApGwSgYBaNgFIyCUTAKRsEoGAUjAgACAAD//2KViGQ=") sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) userfaultfd(0x80801) r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0xa200) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r7, 0xc02c5341, &(0x7f00000001c0)) r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r8, 0x40605346, &(0x7f0000000080)={0x0, 0x0, {0x0, 0x2, 0x0, 0x3}, 0x800000}) close_range(r1, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000004c0)={r0, 0x3, 0x11, 0xffffffffffffff5c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x44) 689.417606ms ago: executing program 2 (id=148): syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="00ea2eb34e7ea51c9446c55a2d1e0be39af9faf44ad59cb6ad1c94490d970e811439edddc71c9b18946b559ce53bee0a1abe562fc3f3898e5826eda1962cf6e3c4c0ade52151923a70b46eacfc1aaaebcf156e549e884bcabc1333f344f31cd30cd93cb2814e0dbc24a7a107e295e86e09283c825fe177c89c6385f68f2c843cffffffff15539bab6142ceed9265ba989d1a283fc4ffc83f3a7a6c746823e656ad78f3b5a336cdbd83dad59e0debb36b4ea5e658e253f01637cc03f704a08019f95b92fffffffff8dd21552d6967ab1b01e5d52a5793eb179deee4572770a5197127b090287bca2a4eaa1705b42c16968d0201d3ba3cc8000000657ea095f152b1b6a1e6ad8d24ad17f649ccc23d4ecbcdb5620cc48f95f563c2230f859d196e6c4f00b8e3a7b01fcb1d79dcc09b7a854ec8c31dd27ff9b4a2864e1dcaf719d20b56769d51228ecc1915fb8c8b598c11b3c296b05f9c5355fc6f19a7b28f5ae9a0d0804ccc5716cfac0246ddffa2f12077a02a959aa1b74373c38b2bcc90743b80666eae25dea73e127263b8fdbc64fe862b994ca8473d0000000000000000"], 0x11, 0x17e, &(0x7f00000004c0)="$eJzsmL9PwkAUx793RYjGRGcXTSQBBktb1MjgwOygib/iJpFK0CIGOgibf4Wzf4EzcSHxz9BBnVxwc3KoaXvQB/4c1MT4PsO77zse17vX5NvkwDDMv+X+7un2IpW80gCMI4mEmn/QohpJ6tsTz5nryurlmfF40+6s5IfXEwA87+vPjwHoFDS4Kve8wX8n1bgB2debkMgovQ0BXeldSGwpbUNgR+kDomt+va7vVxxb36s5JV8YfjD9YPkhN7y/7qlAiexPkN8bzdZh0XHs+g+Kz/rXLUgsk/3R99XrjUH6Z0LCVDoHgXWll5Do9SZsCTn/VCxaX/vl87NgweKvicifvHOBFPGnGPGPrFs9zjaarblKtVi2y/aRZeUWjXnDWLCygRGF8QP/Gw38aYysP/JObVzEcVJ03boZxn5uhfEtx40H/ieRng1zoeYowfdgUsz4Q1pTOcMwDMMwDMMwDMMwDMMwzDcR3UlOQwS3oAPkX01Za0H1SwAAAP//eg52cw==") r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14) 241.675575ms ago: executing program 3 (id=149): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c0000000200000000000000000000040000000000"], 0x0, 0x26}, 0x28) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000006dc6c6c6fdd45d9567b59822e76673c3508910b36114014c45719628e51ed583b52748989a6a8739111a05b595f5633c6a1be8383a94dadb0a6500c706fb3665819a2b8737fa9e47e4defb1bacacbb7a7f2fec446bd111c1487b61846e11e81d56a2b1cd13f413864b53fa44aa03a11a7d03e4e991ed1028c3334e266ea377a488a7a5e301a976f47c07395b7836b49a8c60fb4fe294b110839ac1c76c89f10a2dafa1588efc53210372063fbfa7e9077a6c937e0f8be57c4644b6358c54d4cc303d250c50852d160ba31968738f36356d18750ee5b59a25272823de208e4f9457c1e8fe53deb7224a2f690b03b4051761f4271e05f501bee61d8e38"], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000c40)={r4, 0x0, 0x0}, 0x10) 0s ago: executing program 2 (id=150): r0 = socket$nl_route(0x10, 0x3, 0x0) write(r0, &(0x7f0000000000)="24000000580041319c00f4f90085b3a85c91fddf080001000501009f0800028001000000", 0x24) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.251' (ED25519) to the list of known hosts. [ 58.251937][ T5769] cgroup: Unknown subsys name 'net' [ 58.384006][ T5769] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 59.773256][ T5769] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 61.340891][ T5781] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 61.349053][ T5791] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 61.357299][ T5791] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 61.378402][ T5791] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 61.389976][ T5781] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 61.397777][ T5791] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 61.397859][ T5781] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 61.412145][ T5790] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 61.414396][ T5781] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 61.420657][ T5790] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 61.426394][ T5793] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 61.443104][ T5793] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 61.451212][ T5793] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 61.457578][ T5790] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 61.458845][ T5793] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 61.473184][ T5793] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 61.481390][ T5793] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 61.487298][ T5792] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 61.488761][ T5793] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 61.495772][ T5792] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 61.503274][ T5793] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 61.519589][ T5792] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 61.539152][ T5793] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 61.548131][ T5785] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 61.920187][ T5786] chnl_net:caif_netlink_parms(): no params data found [ 62.008614][ T5779] chnl_net:caif_netlink_parms(): no params data found [ 62.119046][ T5782] chnl_net:caif_netlink_parms(): no params data found [ 62.151457][ T5783] chnl_net:caif_netlink_parms(): no params data found [ 62.193448][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.200749][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.208692][ T5786] bridge_slave_0: entered allmulticast mode [ 62.215406][ T5786] bridge_slave_0: entered promiscuous mode [ 62.243775][ T5779] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.251495][ T5779] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.258761][ T5779] bridge_slave_0: entered allmulticast mode [ 62.265403][ T5779] bridge_slave_0: entered promiscuous mode [ 62.272839][ T5779] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.280038][ T5779] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.287153][ T5779] bridge_slave_1: entered allmulticast mode [ 62.294121][ T5779] bridge_slave_1: entered promiscuous mode [ 62.301538][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.308864][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.315996][ T5786] bridge_slave_1: entered allmulticast mode [ 62.323141][ T5786] bridge_slave_1: entered promiscuous mode [ 62.374982][ T5779] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.400209][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.425553][ T5779] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.449653][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.521317][ T5782] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.528628][ T5782] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.535759][ T5782] bridge_slave_0: entered allmulticast mode [ 62.542721][ T5782] bridge_slave_0: entered promiscuous mode [ 62.553413][ T5779] team0: Port device team_slave_0 added [ 62.562240][ T5779] team0: Port device team_slave_1 added [ 62.571290][ T5786] team0: Port device team_slave_0 added [ 62.588405][ T5783] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.595510][ T5783] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.602785][ T5783] bridge_slave_0: entered allmulticast mode [ 62.610501][ T5783] bridge_slave_0: entered promiscuous mode [ 62.617428][ T5782] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.624701][ T5782] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.632180][ T5782] bridge_slave_1: entered allmulticast mode [ 62.639402][ T5782] bridge_slave_1: entered promiscuous mode [ 62.648593][ T5786] team0: Port device team_slave_1 added [ 62.662837][ T5783] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.670239][ T5783] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.677342][ T5783] bridge_slave_1: entered allmulticast mode [ 62.684265][ T5783] bridge_slave_1: entered promiscuous mode [ 62.722684][ T5779] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.729670][ T5779] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.756476][ T5779] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.769579][ T5779] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.776526][ T5779] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.802526][ T5779] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.825898][ T5782] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.838303][ T5782] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.888204][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.895169][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.921530][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.933996][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.941242][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.967219][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.981825][ T5783] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.031391][ T5779] hsr_slave_0: entered promiscuous mode [ 63.038613][ T5779] hsr_slave_1: entered promiscuous mode [ 63.046940][ T5783] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.073683][ T5782] team0: Port device team_slave_0 added [ 63.082187][ T5782] team0: Port device team_slave_1 added [ 63.146744][ T5783] team0: Port device team_slave_0 added [ 63.153303][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.160535][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.186574][ T5782] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.199027][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.206596][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.232665][ T5782] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.256622][ T5786] hsr_slave_0: entered promiscuous mode [ 63.262913][ T5786] hsr_slave_1: entered promiscuous mode [ 63.269698][ T5786] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 63.277481][ T5786] Cannot create hsr debugfs directory [ 63.285852][ T5783] team0: Port device team_slave_1 added [ 63.321514][ T5783] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.328682][ T5783] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.354939][ T5783] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.405633][ T5783] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.412947][ T5783] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.439679][ T5783] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.528424][ T5787] Bluetooth: hci3: command tx timeout [ 63.539497][ T5782] hsr_slave_0: entered promiscuous mode [ 63.546110][ T5782] hsr_slave_1: entered promiscuous mode [ 63.552890][ T5782] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 63.562039][ T5782] Cannot create hsr debugfs directory [ 63.576008][ T5783] hsr_slave_0: entered promiscuous mode [ 63.582572][ T5783] hsr_slave_1: entered promiscuous mode [ 63.588719][ T5783] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 63.596258][ T5783] Cannot create hsr debugfs directory [ 63.607710][ T5785] Bluetooth: hci1: command tx timeout [ 63.607726][ T5793] Bluetooth: hci0: command tx timeout [ 63.614220][ T5787] Bluetooth: hci2: command tx timeout [ 63.880877][ T5786] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 63.907838][ T5786] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 63.918408][ T5786] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 63.938309][ T5786] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 64.024627][ T5779] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 64.050524][ T5779] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 64.066691][ T5779] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 64.096861][ T5779] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 64.116600][ T5783] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 64.145685][ T5783] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 64.155665][ T5783] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 64.183757][ T5783] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 64.220583][ T5782] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 64.242744][ T5782] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 64.252779][ T5782] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 64.269599][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.280584][ T5782] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 64.323734][ T5786] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.369847][ T3449] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.377076][ T3449] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.388009][ T3449] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.395124][ T3449] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.555808][ T5779] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.572241][ T5782] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.592637][ T5783] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.624622][ T5779] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.646736][ T5783] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.662898][ T5782] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.689622][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.696780][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.708987][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.716132][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.759200][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.766350][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.776619][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.783759][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.795772][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.802901][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.815409][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.822525][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.890394][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.920288][ T5782] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 65.035567][ T5786] veth0_vlan: entered promiscuous mode [ 65.092179][ T5786] veth1_vlan: entered promiscuous mode [ 65.192858][ T5786] veth0_macvtap: entered promiscuous mode [ 65.222017][ T5786] veth1_macvtap: entered promiscuous mode [ 65.269094][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.291310][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.332996][ T5786] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.355652][ T5786] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.364749][ T5786] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.380539][ T5786] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.406292][ T5782] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.456973][ T5779] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.503096][ T5783] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.553043][ T5782] veth0_vlan: entered promiscuous mode [ 65.601177][ T5779] veth0_vlan: entered promiscuous mode [ 65.611412][ T5782] veth1_vlan: entered promiscuous mode [ 65.611793][ T5787] Bluetooth: hci3: command tx timeout [ 65.626116][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.649709][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.687368][ T5779] veth1_vlan: entered promiscuous mode [ 65.693271][ T5787] Bluetooth: hci1: command tx timeout [ 65.698968][ T5785] Bluetooth: hci2: command tx timeout [ 65.699003][ T5785] Bluetooth: hci0: command tx timeout [ 65.714990][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.736375][ T5782] veth0_macvtap: entered promiscuous mode [ 65.738329][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.755062][ T5782] veth1_macvtap: entered promiscuous mode [ 65.775618][ T5783] veth0_vlan: entered promiscuous mode [ 65.795043][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.806016][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.821247][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.831993][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.844600][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.856919][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.890082][ T5782] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.903962][ T5782] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.913740][ T5782] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.922515][ T5782] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.936449][ T5779] veth0_macvtap: entered promiscuous mode [ 65.944913][ T5783] veth1_vlan: entered promiscuous mode [ 66.001178][ T5783] veth0_macvtap: entered promiscuous mode [ 66.015813][ T5779] veth1_macvtap: entered promiscuous mode [ 66.040987][ T5783] veth1_macvtap: entered promiscuous mode [ 66.065622][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.066612][ T5865] syz.3.4[5865]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 66.077448][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.106857][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.109521][ T5865] loop3: detected capacity change from 0 to 1024 [ 66.122539][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.129536][ T5865] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 66.146917][ T5865] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 66.153209][ T5779] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.170225][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.181045][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.194503][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.206150][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.219171][ T5779] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.249149][ T5865] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 66.276901][ T5779] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.301108][ T5779] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.315039][ T5779] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.324151][ T5779] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.361638][ T5783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.361664][ T5865] EXT4-fs error (device loop3): ext4_xattr_inode_iget:440: inode #11: comm syz.3.4: missing EA_INODE flag [ 66.372127][ T5783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.372141][ T5783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.372154][ T5783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.372162][ T5783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.372173][ T5783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.373594][ T5783] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.406352][ T5865] EXT4-fs (loop3): Remounting filesystem read-only [ 66.458964][ T5865] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 66.475365][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.483349][ T5783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.483367][ T5783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.483376][ T5783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.483388][ T5783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.483397][ T5783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.483407][ T5783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.484676][ T5783] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.503843][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.590440][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.592687][ T5783] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.607221][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.612141][ T5783] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.624034][ T5783] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.633724][ T5783] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.653926][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.790239][ T3449] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.816785][ T3449] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.157494][ T5877] x_tables: ip6_tables: sctp match: only valid for protocol 132 [ 67.403101][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.431519][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.474703][ T3449] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.525645][ T3449] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.613588][ T3514] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.642867][ T3514] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.719331][ T5787] Bluetooth: hci3: command tx timeout [ 67.769270][ T5787] Bluetooth: hci0: command tx timeout [ 67.774829][ T5787] Bluetooth: hci2: command tx timeout [ 67.780870][ T5787] Bluetooth: hci1: command tx timeout [ 68.841377][ T5888] loop0: detected capacity change from 0 to 256 [ 68.855983][ T5888] ======================================================= [ 68.855983][ T5888] WARNING: The mand mount option has been deprecated and [ 68.855983][ T5888] and is ignored by this kernel. Remove the mand [ 68.855983][ T5888] option from the mount to silence this warning. [ 68.855983][ T5888] ======================================================= [ 68.956809][ T5888] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x987a2e96, utbl_chksum : 0xe619d30d) [ 69.302712][ T27] audit: type=1800 audit(1758210421.599:2): pid=5888 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1" name="file1" dev="loop0" ino=1048592 res=0 errno=0 [ 69.331858][ T5888] syz.0.1: attempt to access beyond end of device [ 69.331858][ T5888] loop0: rw=0, sector=34359738488, nr_sectors = 8 limit=256 [ 69.583569][ T5892] loop2: detected capacity change from 0 to 512 [ 69.647748][ T5892] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 69.688091][ T5892] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 69.700815][ T5894] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 69.736727][ T5896] loop1: detected capacity change from 0 to 1024 [ 69.746094][ T5892] EXT4-fs (loop2): 1 truncate cleaned up [ 69.753192][ T5896] EXT4-fs: inline encryption not supported [ 69.759430][ T5896] EXT4-fs: Ignoring removed nobh option [ 69.765151][ T5896] EXT4-fs: Ignoring removed bh option [ 69.770907][ T5793] Bluetooth: hci3: command tx timeout [ 69.772234][ T5892] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 69.798763][ T5896] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 69.848022][ T5793] Bluetooth: hci1: command tx timeout [ 69.853466][ T5793] Bluetooth: hci2: command tx timeout [ 69.859284][ T5787] Bluetooth: hci0: command tx timeout [ 69.875221][ T5896] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.890002][ T5899] loop0: detected capacity change from 0 to 1024 [ 69.910284][ T5899] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 69.925331][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.949313][ T5899] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 70.005146][ T5899] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.596585][ T27] audit: type=1800 audit(1758210423.159:3): pid=5896 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.10" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 70.732579][ T5896] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4031: comm syz.1.10: Allocating blocks 385-513 which overlap fs metadata [ 70.953733][ T5915] loop2: detected capacity change from 0 to 1024 [ 71.706444][ T5919] netlink: 96 bytes leftover after parsing attributes in process `syz.3.12'. [ 71.716883][ T5919] netlink: 96 bytes leftover after parsing attributes in process `syz.3.12'. [ 71.756890][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.770516][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.797532][ C0] sched: RT throttling activated [ 72.276456][ T5896] EXT4-fs (loop1): pa ffff8880606bb570: logic 16, phys. 129, len 24 [ 72.284845][ T5896] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 8 [ 72.439297][ T5779] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.549169][ T3514] Trying to write to read-only block-device loop1 [ 72.566215][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.633326][ T5928] loop0: detected capacity change from 0 to 1024 [ 72.646595][ T5926] Zero length message leads to an empty skb [ 72.672779][ T5928] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 72.711267][ T5928] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 72.712357][ T5156] udevd[5156]: worker [5774] terminated by signal 33 (Unknown signal 33) [ 72.741682][ T5156] udevd[5156]: worker [5774] failed while handling '/devices/virtual/block/loop0' [ 72.770748][ T5928] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.857114][ T5928] EXT4-fs error (device loop0): ext4_xattr_inode_iget:440: inode #11: comm syz.0.15: missing EA_INODE flag [ 72.931876][ T5928] EXT4-fs (loop0): Remounting filesystem read-only [ 73.058017][ T5926] loop2: detected capacity change from 0 to 8192 [ 73.123189][ T5779] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.225762][ T5944] loop1: detected capacity change from 0 to 256 [ 73.403611][ T5944] loop1: detected capacity change from 0 to 128 [ 73.613961][ T5929] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 73.726914][ T5929] FAT-fs (loop2): Filesystem has been set read-only [ 75.615057][ T5958] netlink: 96 bytes leftover after parsing attributes in process `syz.1.22'. [ 75.631027][ T5958] netlink: 96 bytes leftover after parsing attributes in process `syz.1.22'. [ 75.805382][ T5956] loop0: detected capacity change from 0 to 1024 [ 76.178135][ T5963] loop3: detected capacity change from 0 to 512 [ 76.347106][ T5964] loop2: detected capacity change from 0 to 1024 [ 76.417980][ T5964] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 76.457964][ T5964] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 76.511841][ T5964] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.666008][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.882161][ T5997] loop2: detected capacity change from 0 to 256 [ 77.983199][ T5997] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x987a2e96, utbl_chksum : 0xe619d30d) [ 78.153437][ T5995] syz.2.31: attempt to access beyond end of device [ 78.153437][ T5995] loop2: rw=0, sector=34359738488, nr_sectors = 8 limit=256 [ 78.195786][ T27] audit: type=1800 audit(1758210430.609:4): pid=5995 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.31" name="file1" dev="loop2" ino=1048595 res=0 errno=0 [ 78.642194][ T6001] loop2: detected capacity change from 0 to 512 [ 78.882523][ T6001] EXT4-fs (loop2): orphan cleanup on readonly fs [ 78.895024][ T6001] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.35: bg 0: block 248: padding at end of block bitmap is not set [ 78.943460][ T6001] Quota error (device loop2): write_blk: dquota write failed [ 79.062353][ T6012] netlink: 96 bytes leftover after parsing attributes in process `syz.0.36'. [ 79.084545][ T6012] netlink: 96 bytes leftover after parsing attributes in process `syz.0.36'. [ 79.249431][ T6001] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 79.493508][ T6001] EXT4-fs error (device loop2): ext4_acquire_dquot:6940: comm syz.2.35: Failed to acquire dquot type 1 [ 79.649854][ T6001] EXT4-fs (loop2): 1 truncate cleaned up [ 79.705959][ T5922] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 79.725382][ T6001] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 79.799279][ T6001] EXT4-fs error (device loop2): ext4_lookup:1862: inode #2: comm syz.2.35: deleted inode referenced: 12 [ 79.917725][ T5922] usb 4-1: Using ep0 maxpacket: 32 [ 79.942225][ T5922] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 79.973923][ T5922] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 79.981850][ T6019] loop1: detected capacity change from 0 to 1024 [ 80.007790][ T5922] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 80.027070][ T5922] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.055212][ T6022] loop0: detected capacity change from 0 to 1024 [ 80.058426][ T5922] usb 4-1: config 0 descriptor?? [ 80.072188][ T5955] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 80.083643][ T5922] hub 4-1:0.0: USB hub found [ 80.284304][ T5922] hub 4-1:0.0: 1 port detected [ 80.426513][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.494641][ T5922] hub 4-1:0.0: hub_hub_status failed (err = -71) [ 80.513720][ T5922] hub 4-1:0.0: config failed, can't get hub status (err -71) [ 80.537374][ T5922] usbhid 4-1:0.0: can't add hid device: -71 [ 80.545447][ T5922] usbhid: probe of 4-1:0.0 failed with error -71 [ 80.599368][ T3489] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.617174][ T5922] usb 4-1: USB disconnect, device number 2 [ 80.711630][ T3489] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.782940][ T3489] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.825737][ T3489] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.150362][ T6034] loop1: detected capacity change from 0 to 256 [ 81.326957][ T6036] loop2: detected capacity change from 0 to 2048 [ 81.526456][ T6042] loop3: detected capacity change from 0 to 256 [ 81.651348][ T6042] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x987a2e96, utbl_chksum : 0xe619d30d) [ 82.085933][ T6042] syz.3.44: attempt to access beyond end of device [ 82.085933][ T6042] loop3: rw=0, sector=34359738488, nr_sectors = 8 limit=256 [ 82.150491][ T6036] Alternate GPT is invalid, using primary GPT. [ 82.185960][ T27] audit: type=1800 audit(1758210434.269:5): pid=6042 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.44" name="file1" dev="loop3" ino=1048596 res=0 errno=0 [ 82.225772][ T967] cfg80211: failed to load regulatory.db [ 82.229742][ T6036] loop2: p2 p3 p7 [ 82.544220][ T5771] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 82.647673][ T5846] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 82.715696][ T5955] udevd[5955]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 82.731133][ T5772] udevd[5772]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 82.754327][ T5971] udevd[5971]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory [ 82.754651][ T5785] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 82.775470][ T5785] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 82.784876][ T5785] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 82.790134][ T5771] usb 2-1: config 27 interface 0 altsetting 0 has an invalid endpoint with address 0x98, skipping [ 82.808429][ T5785] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 82.818005][ T5785] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 82.825639][ T5785] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 82.842681][ T5771] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 19514, setting to 64 [ 82.857890][ T5846] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 82.866959][ T5846] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 82.884323][ T5846] usb 4-1: config 0 descriptor?? [ 82.893341][ T5846] cp210x 4-1:0.0: cp210x converter detected [ 82.905604][ T5771] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 82.954194][ T5955] udevd[5955]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 82.967481][ T5971] udevd[5971]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory [ 82.983906][ T5771] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 83.034725][ T6046] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 83.065595][ T6046] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 83.092107][ T5771] usb 2-1: Quirk or no altest; falling back to MIDI 1.0 [ 83.102695][ T5771] usb 2-1: invalid MIDI in EP 0 [ 83.136376][ T5846] usb 4-1: cp210x converter now attached to ttyUSB0 [ 83.329868][ T5771] snd-usb-audio: probe of 2-1:27.0 failed with error -22 [ 83.330151][ T5846] usb 4-1: USB disconnect, device number 3 [ 83.387228][ T5771] usb 2-1: USB disconnect, device number 2 [ 83.423996][ T5846] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 83.433159][ T6066] loop2: detected capacity change from 0 to 256 [ 83.455513][ T5846] cp210x 4-1:0.0: device disconnected [ 83.508388][ T6066] FAT-fs (loop2): Directory bread(block 64) failed [ 83.515261][ T6066] FAT-fs (loop2): Directory bread(block 65) failed [ 83.567982][ T6066] FAT-fs (loop2): Directory bread(block 66) failed [ 83.589064][ T6066] FAT-fs (loop2): Directory bread(block 67) failed [ 83.600970][ T6066] FAT-fs (loop2): Directory bread(block 68) failed [ 83.617942][ T6066] FAT-fs (loop2): Directory bread(block 69) failed [ 83.624580][ T6066] FAT-fs (loop2): Directory bread(block 70) failed [ 83.637929][ T6066] FAT-fs (loop2): Directory bread(block 71) failed [ 83.668090][ T6066] FAT-fs (loop2): Directory bread(block 72) failed [ 83.688864][ T6066] FAT-fs (loop2): Directory bread(block 73) failed [ 83.746338][ T3489] hsr_slave_0: left promiscuous mode [ 83.768375][ T3489] hsr_slave_1: left promiscuous mode [ 83.782770][ T3489] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 83.798294][ T3489] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 83.817144][ T3489] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 83.835010][ T3489] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 83.843964][ T3489] bridge_slave_1: left allmulticast mode [ 83.850071][ T3489] bridge_slave_1: left promiscuous mode [ 83.869619][ T3489] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.911938][ T3489] bridge_slave_0: left allmulticast mode [ 83.945276][ T3489] bridge_slave_0: left promiscuous mode [ 83.966752][ T3489] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.084077][ T6085] loop1: detected capacity change from 0 to 8 [ 84.107090][ T3489] veth1_macvtap: left promiscuous mode [ 84.123242][ T3489] veth0_macvtap: left promiscuous mode [ 84.147804][ T3489] veth1_vlan: left promiscuous mode [ 84.158064][ T3489] veth0_vlan: left promiscuous mode [ 84.184245][ T5955] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 84.252083][ T6090] loop3: detected capacity change from 0 to 1024 [ 84.887733][ T5785] Bluetooth: hci0: command tx timeout [ 85.391668][ T3489] team0 (unregistering): Port device team_slave_1 removed [ 85.424777][ T3489] team0 (unregistering): Port device team_slave_0 removed [ 85.462843][ T3489] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 85.499344][ T3489] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 85.840767][ T3489] bond0 (unregistering): Released all slaves [ 86.193012][ T6056] chnl_net:caif_netlink_parms(): no params data found [ 86.240466][ T6119] loop3: detected capacity change from 0 to 8 [ 86.534089][ T6056] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.550595][ T6056] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.566380][ T6056] bridge_slave_0: entered allmulticast mode [ 86.580453][ T6056] bridge_slave_0: entered promiscuous mode [ 86.615288][ T6056] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.643322][ T6056] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.665542][ T6056] bridge_slave_1: entered allmulticast mode [ 86.673875][ T6056] bridge_slave_1: entered promiscuous mode [ 86.802719][ T6134] loop3: detected capacity change from 0 to 256 [ 86.826648][ T6134] exFAT-fs (loop3): bogus sector size bits : 0 [ 86.833061][ T6134] exFAT-fs (loop3): failed to read boot sector [ 86.839424][ T6134] exFAT-fs (loop3): failed to recognize exfat type [ 86.967924][ T5785] Bluetooth: hci0: command tx timeout [ 87.320721][ T6131] raw_sendmsg: syz.3.68 forgot to set AF_INET. Fix it! [ 87.327638][ T5955] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 87.390022][ T6056] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.437805][ T6056] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.588980][ T6143] netlink: 12 bytes leftover after parsing attributes in process `syz.2.70'. [ 87.894914][ T6056] team0: Port device team_slave_0 added [ 88.011182][ T6056] team0: Port device team_slave_1 added [ 88.773249][ T6056] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.804729][ T6056] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.891531][ T6056] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.954091][ C1] Unknown status report in ack skb [ 88.998090][ T6056] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.005061][ T6056] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.067787][ T5785] Bluetooth: hci0: command tx timeout [ 89.158581][ T6056] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.248562][ T6163] loop2: detected capacity change from 0 to 8 [ 89.799682][ T6056] hsr_slave_0: entered promiscuous mode [ 89.846820][ T6056] hsr_slave_1: entered promiscuous mode [ 90.025510][ T6178] loop1: detected capacity change from 0 to 512 [ 90.091777][ T5955] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 91.127756][ T5785] Bluetooth: hci0: command tx timeout [ 91.338127][ T5771] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 91.506476][ T6203] loop3: detected capacity change from 0 to 2048 [ 91.550739][ T5771] usb 2-1: config 160 has an invalid interface number: 200 but max is 0 [ 91.567617][ T6207] loop2: detected capacity change from 0 to 1024 [ 91.577774][ T5771] usb 2-1: config 160 has no interface number 0 [ 91.597603][ T5771] usb 2-1: config 160 interface 200 has no altsetting 0 [ 91.616479][ T5955] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 91.623628][ T5771] usb 2-1: New USB device found, idVendor=21bb, idProduct=2070, bcdDevice=87.0b [ 91.634332][ T6207] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 91.645430][ T5771] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 91.657592][ T5771] usb 2-1: Product: syz [ 91.668516][ T5771] usb 2-1: Manufacturer: syz [ 91.674573][ T5771] usb 2-1: SerialNumber: syz [ 91.687151][ T6207] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.884148][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.968462][ T5771] usb 2-1: Quirk or no altest; falling back to MIDI 1.0 [ 91.975510][ T5771] usb 2-1: MIDIStreaming interface descriptor not found [ 92.041580][ T6214] loop3: detected capacity change from 0 to 1024 [ 92.161396][ T5771] usb 2-1: USB disconnect, device number 3 [ 92.220860][ T6056] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 92.332082][ T6056] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 92.349069][ T6223] udevd[6223]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:160.200/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 92.382114][ T6056] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 92.389932][ T6214] EXT4-fs: Ignoring removed bh option [ 92.395450][ T6214] EXT4-fs: Ignoring removed nomblk_io_submit option [ 92.405503][ T6056] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 92.429667][ T6214] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 92.457195][ T6214] EXT4-fs (loop3): Test dummy encryption mode enabled [ 92.526628][ T6214] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 92.587663][ T6214] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2244: inode #15: comm syz.3.90: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 92.690325][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.790650][ T6056] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.836479][ T6056] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.920031][ T3514] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.927624][ T3514] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.011561][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.018772][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.123601][ T6056] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 93.317830][ T5846] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 93.429402][ T6266] capability: warning: `syz.3.99' uses deprecated v2 capabilities in a way that may be insecure [ 93.518324][ T5846] usb 2-1: Using ep0 maxpacket: 32 [ 93.543810][ T5846] usb 2-1: unable to get BOS descriptor or descriptor too short [ 93.580825][ T5846] usb 2-1: config 40 has an invalid interface number: 233 but max is 0 [ 93.606410][ T5846] usb 2-1: config 40 has no interface number 0 [ 93.640414][ T5846] usb 2-1: config 40 interface 233 has no altsetting 0 [ 93.661601][ T6056] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.671359][ T5846] usb 2-1: New USB device found, idVendor=05ac, idProduct=0218, bcdDevice=f5.f5 [ 93.707278][ T5846] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 93.732138][ T5846] usb 2-1: Product: syz [ 93.736420][ T5846] usb 2-1: Manufacturer: syz [ 93.757125][ T5846] usb 2-1: SerialNumber: syz [ 93.791175][ T6056] veth0_vlan: entered promiscuous mode [ 93.826432][ T6056] veth1_vlan: entered promiscuous mode [ 93.863670][ T6276] loop3: detected capacity change from 0 to 1024 [ 93.919837][ T6056] veth0_macvtap: entered promiscuous mode [ 93.965925][ T6056] veth1_macvtap: entered promiscuous mode [ 93.994566][ T6275] hfsplus: invalid extended attribute record [ 94.086049][ T1011] hfsplus: b-tree write err: -5, ino 4 [ 94.102506][ T6056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 94.178644][ T6056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.235560][ T6056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 94.246158][ T6056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.257664][ T6056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 94.274185][ T6056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.342530][ T6283] loop1: detected capacity change from 0 to 16 [ 94.683885][ T6056] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.042629][ T6056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.070128][ T6285] loop3: detected capacity change from 0 to 1024 [ 95.077365][ T6285] ext4: Unknown parameter 'noacl' [ 95.104126][ T6056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.130525][ T6056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.152735][ T6056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.172173][ T6056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.208568][ T6056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.251446][ T6056] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.329700][ T6056] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.347721][ T6056] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.356513][ T6056] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.374111][ T6293] loop3: detected capacity change from 0 to 512 [ 95.378788][ T6056] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.383609][ T6293] EXT4-fs: Invalid want_extra_isize 95 [ 95.613513][ T2967] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.647318][ T2967] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.705039][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.725122][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.875004][ T6303] loop3: detected capacity change from 0 to 256 [ 95.979370][ T6303] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 96.006186][ T6303] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 96.131814][ T5846] appletouch 2-1:40.233: Failed to read mode from device. [ 96.152298][ T5846] appletouch: probe of 2-1:40.233 failed with error -5 [ 96.172482][ T6303] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 96.224182][ T5846] usb 2-1: USB disconnect, device number 4 [ 96.556676][ T6321] netlink: 8 bytes leftover after parsing attributes in process `syz.3.108'. [ 96.670947][ T6322] loop1: detected capacity change from 0 to 256 [ 97.727997][ T6347] usb usb8: usbfs: process 6347 (syz.3.113) did not claim interface 7 before use [ 98.429452][ T6350] loop3: detected capacity change from 0 to 256 [ 98.447149][ T6350] exfat: Deprecated parameter 'namecase' [ 98.457087][ T6350] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 98.544640][ T6350] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d) [ 98.683270][ T6354] loop1: detected capacity change from 0 to 4096 [ 99.137790][ T5955] I/O error, dev loop1, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 99.348388][ T5793] Bluetooth: hci0: command tx timeout [ 99.693070][ T6370] loop3: detected capacity change from 0 to 128 [ 99.739662][ T6370] FAT-fs (loop3): Invalid FSINFO signature: 0x09615252, 0x614101ff (sector = 1) [ 99.743850][ T6374] loop2: detected capacity change from 0 to 512 [ 99.918019][ T6374] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.942959][ T6374] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 100.099128][ T6374] EXT4-fs warning (device loop2): ext4_group_extend:1892: will only finish group (16384 blocks, 16256 new) [ 100.131194][ T6374] EXT4-fs warning (device loop2): ext4_group_extend:1897: can't read last block, resize aborted [ 100.223923][ T3449] EXT4-fs error (device loop2): __ext4_get_inode_loc:4483: comm kworker/u4:7: Invalid inode table block 741439091 in block_group 0 [ 100.256359][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.329486][ T6383] loop1: detected capacity change from 0 to 1024 [ 100.800735][ T6399] loop2: detected capacity change from 0 to 256 [ 100.817627][ T6399] exFAT-fs (loop2): bogus sector size bits : 0 [ 100.823873][ T6399] exFAT-fs (loop2): failed to read boot sector [ 100.831274][ T6399] exFAT-fs (loop2): failed to recognize exfat type [ 101.588399][ T27] audit: type=1326 audit(1758210454.149:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6404 comm="syz.2.127" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb62458eba9 code=0x0 [ 101.818250][ T6417] netlink: 60 bytes leftover after parsing attributes in process `syz.1.129'. [ 101.869373][ T6417] netlink: 60 bytes leftover after parsing attributes in process `syz.1.129'. [ 102.558187][ T6448] loop2: detected capacity change from 0 to 128 [ 102.596091][ T6448] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 102.700345][ T6448] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 102.776231][ T6445] Bluetooth: MGMT ver 1.22 [ 102.921472][ T6455] loop1: detected capacity change from 0 to 256 [ 103.024176][ T6223] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 103.178464][ T6459] Bluetooth: MGMT ver 1.22 [ 103.311889][ T6466] loop0: detected capacity change from 0 to 1024 [ 103.375607][ T6466] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 103.407225][ T6466] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 103.429656][ T6477] loop3: detected capacity change from 0 to 1024 [ 103.478555][ T6477] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 103.534426][ T27] audit: type=1804 audit(1758210456.069:7): pid=6466 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.144" name="/newroot/7/file1/file1" dev="loop0" ino=15 res=1 errno=0 [ 103.622240][ T6477] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.632600][ T6484] loop1: detected capacity change from 0 to 8 [ 103.662580][ T6486] loop2: detected capacity change from 0 to 16 [ 103.699174][ T6477] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2244: inode #15: comm syz.3.146: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 103.730301][ T6477] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2244: inode #15: comm syz.3.146: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 103.738927][ T6486] erofs: (device loop2): mounted with root inode @ nid 36. [ 103.781945][ T5955] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 104.037733][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.469159][ T3514] ------------[ cut here ]------------ [ 104.474925][ T3514] WARNING: CPU: 1 PID: 3514 at net/mac80211/chan.c:92 ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 104.486076][ T3514] Modules linked in: [ 104.490214][ T3514] CPU: 1 PID: 3514 Comm: kworker/u4:9 Not tainted syzkaller #0 [ 104.497805][ T3514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 104.507922][ T3514] Workqueue: phy9 ieee80211_csa_finalize_work [ 104.514013][ T3514] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 104.522692][ C1] ------------[ cut here ]------------ [ 104.522715][ C1] WARNING: CPU: 1 PID: 3514 at net/mac80211/tx.c:5031 __ieee80211_beacon_get+0x1233/0x1600 [ 104.522760][ C1] Modules linked in: [ 104.522777][ C1] CPU: 1 PID: 3514 Comm: kworker/u4:9 Not tainted syzkaller #0 [ 104.522799][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 104.522813][ C1] Workqueue: phy9 ieee80211_csa_finalize_work [ 104.522837][ C1] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600 [ 104.522870][ C1] Code: 24 4c 89 e7 e8 de 69 d4 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 99 44 97 f7 0f 0b e9 f6 f7 ff ff e8 8d 44 97 f7 <0f> 0b e9 48 fb ff ff e8 81 44 97 f7 48 c7 c7 60 0f 24 8e 4c 89 e6 [ 104.522888][ C1] RSP: 0018:ffffc900001f0a18 EFLAGS: 00010246 [ 104.522909][ C1] RAX: ffffffff89ee4bb3 RBX: ffffffff89ee39b6 RCX: ffff88802e495a00 [ 104.522926][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 104.522940][ C1] RBP: 0000000000000000 R08: ffff88802e495a00 R09: 0000000000000003 [ 104.522955][ C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805bbde3c0 [ 104.522975][ C1] R13: dffffc0000000000 R14: ffff88805bbde8b0 R15: ffff888020bfb824 [ 104.522992][ C1] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 104.523011][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.523026][ C1] CR2: 0000555581a50608 CR3: 0000000062b75000 CR4: 00000000003506e0 [ 104.523045][ C1] Call Trace: [ 104.523054][ C1] [ 104.523076][ C1] ? __ieee80211_beacon_get+0x36/0x1600 [ 104.523118][ C1] ieee80211_beacon_get_tim+0xb8/0x560 [ 104.523154][ C1] ? ieee80211_beacon_get_template_ema_list+0x90/0x90 [ 104.523198][ C1] mac80211_hwsim_beacon_tx+0x3c7/0x780 [ 104.523232][ C1] __iterate_interfaces+0x243/0x500 [ 104.523257][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 104.523283][ C1] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180 [ 104.523311][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 104.523337][ C1] ieee80211_iterate_active_interfaces_atomic+0xdb/0x180 [ 104.523368][ C1] mac80211_hwsim_beacon+0xbb/0x1b0 [ 104.523395][ C1] __hrtimer_run_queues+0x51e/0xc40 [ 104.523426][ C1] ? hw_scan_work+0xf40/0xf40 [ 104.523458][ C1] ? hrtimer_interrupt+0x9c0/0x9c0 [ 104.523480][ C1] ? ktime_get_update_offsets_now+0x3d2/0x3f0 [ 104.523515][ C1] hrtimer_run_softirq+0x187/0x2b0 [ 104.523542][ C1] handle_softirqs+0x280/0x820 [ 104.523567][ C1] ? __irq_exit_rcu+0xc7/0x190 [ 104.523594][ C1] ? do_softirq+0x180/0x180 [ 104.523620][ C1] ? irqtime_account_irq+0xb6/0x1c0 [ 104.523649][ C1] __irq_exit_rcu+0xc7/0x190 [ 104.523670][ C1] ? irq_exit_rcu+0x20/0x20 [ 104.523700][ C1] irq_exit_rcu+0x9/0x20 [ 104.523718][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 104.523747][ C1] [ 104.523756][ C1] [ 104.523765][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 104.523787][ C1] RIP: 0010:console_flush_all+0x889/0xd00 [ 104.523813][ C1] Code: ed 01 00 00 e8 88 2a 1b 00 4d 85 ff 48 8b 5c 24 38 75 07 e8 79 2a 1b 00 eb 06 e8 72 2a 1b 00 fb 49 bf 00 00 00 00 00 fc ff df <48> 8b 44 24 50 42 0f b6 04 38 84 c0 0f 85 2f 02 00 00 80 3b 01 0f [ 104.523830][ C1] RSP: 0018:ffffc9000d4f7320 EFLAGS: 00000293 [ 104.523850][ C1] RAX: ffffffff816a65ce RBX: ffffc9000d4f74bf RCX: ffff88802e495a00 [ 104.523862][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 104.523873][ C1] RBP: ffffc9000d4f7490 R08: ffffffff90da7507 R09: 1ffffffff21b4ea0 [ 104.523888][ C1] R10: dffffc0000000000 R11: fffffbfff21b4ea1 R12: ffffffff8d4b5d40 [ 104.523905][ C1] R13: 1ffffffff19792f8 R14: ffffffff8d4b5d98 R15: dffffc0000000000 [ 104.523930][ C1] ? console_flush_all+0x87e/0xd00 [ 104.523974][ C1] ? console_flush_all+0x10f/0xd00 [ 104.524012][ C1] ? is_console_locked+0x20/0x20 [ 104.524037][ C1] ? lock_chain_count+0x20/0x20 [ 104.524065][ C1] ? __down_trylock_console_sem+0xef/0x1e0 [ 104.524094][ C1] console_unlock+0xae/0x340 [ 104.524121][ C1] ? other_cpu_in_panic+0xf0/0xf0 [ 104.524147][ C1] ? console_unlock+0x2e3/0x340 [ 104.524181][ C1] vprintk_emit+0x477/0x600 [ 104.524208][ C1] ? printk_sprint+0x460/0x460 [ 104.524230][ C1] ? kthread_probe_data+0x103/0x160 [ 104.524261][ C1] ? vprintk_emit+0x521/0x600 [ 104.524284][ C1] ? copy_from_kernel_nofault_allowed+0xbd/0x130 [ 104.524314][ C1] ? copy_from_kernel_nofault+0x1d2/0x320 [ 104.524351][ C1] _printk+0xd0/0x110 [ 104.524372][ C1] ? set_worker_desc+0x1c0/0x1c0 [ 104.524394][ C1] ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 104.524426][ C1] ? load_image+0x3b0/0x3b0 [ 104.524445][ C1] ? _printk+0xd0/0x110 [ 104.524471][ C1] ? load_image+0x3b0/0x3b0 [ 104.524489][ C1] ? print_modules+0xfd/0x1f0 [ 104.524513][ C1] show_ip+0x30/0x40 [ 104.524541][ C1] show_iret_regs+0x1d/0x50 [ 104.524569][ C1] __show_regs+0x34/0x610 [ 104.524600][ C1] ? dump_stack_print_info+0xf5/0x150 [ 104.524628][ C1] show_regs+0x44/0x90 [ 104.524654][ C1] __warn+0x160/0x470 [ 104.524681][ C1] ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 104.524714][ C1] ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 104.524744][ C1] report_bug+0x2be/0x4f0 [ 104.524769][ C1] ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 104.524800][ C1] ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 104.524830][ C1] ? ieee80211_vif_use_reserved_switch+0x10ea/0x28f0 [ 104.524860][ C1] handle_bug+0xcf/0x120 [ 104.524886][ C1] exc_invalid_op+0x1a/0x50 [ 104.524912][ C1] asm_exc_invalid_op+0x1a/0x20 [ 104.524931][ C1] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 104.524961][ C1] Code: 48 89 df e8 7a ea e9 f7 e9 dc fc ff ff e8 70 9f 92 f7 eb 24 e8 69 9f 92 f7 c7 04 24 f4 ff ff ff e9 e4 f5 ff ff e8 58 9f 92 f7 <0f> 0b 0f 0b e9 cf f5 ff ff e8 4a 9f 92 f7 48 8b 7c 24 08 4c 8b 7c [ 104.524983][ C1] RSP: 0018:ffffc9000d4f79c0 EFLAGS: 00010293 [ 104.525003][ C1] RAX: ffffffff89f2ecee RBX: 0000000000000001 RCX: ffff88802e495a00 [ 104.525019][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 104.525032][ C1] RBP: dffffc0000000000 R08: ffff88805bbdd5af R09: 1ffff1100b77bab5 [ 104.525048][ C1] R10: dffffc0000000000 R11: ffffed100b77bab6 R12: 0000000000000001 [ 104.525064][ C1] R13: ffff88805bbde5d9 R14: ffff888079112c70 R15: ffff888079112ce8 [ 104.525088][ C1] ? ieee80211_vif_use_reserved_switch+0xcee/0x28f0 [ 104.525139][ C1] ieee80211_link_use_reserved_context+0x383/0x5c0 [ 104.525175][ C1] ieee80211_csa_finalize+0x59a/0xf00 [ 104.525197][ C1] ? mutex_lock_nested+0x20/0x20 [ 104.525227][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 104.525256][ C1] ? ieee80211_csa_finalize_work+0x140/0x140 [ 104.525278][ C1] ? read_lock_is_recursive+0x20/0x20 [ 104.525310][ C1] ieee80211_csa_finalize_work+0xf6/0x140 [ 104.525333][ C1] ? process_scheduled_works+0x957/0x15b0 [ 104.525359][ C1] process_scheduled_works+0xa45/0x15b0 [ 104.525413][ C1] ? assign_work+0x400/0x400 [ 104.525445][ C1] ? assign_work+0x39e/0x400 [ 104.525476][ C1] worker_thread+0xa55/0xfc0 [ 104.525502][ C1] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 104.525524][ C1] ? _raw_spin_unlock+0x40/0x40 [ 104.525542][ C1] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 104.525584][ C1] kthread+0x2fa/0x390 [ 104.525603][ C1] ? pr_cont_work+0x560/0x560 [ 104.525629][ C1] ? kthread_blkcg+0xd0/0xd0 [ 104.525649][ C1] ret_from_fork+0x48/0x80 [ 104.525673][ C1] ? kthread_blkcg+0xd0/0xd0 [ 104.525694][ C1] ret_from_fork_asm+0x11/0x20 [ 104.525736][ C1] [ 104.525747][ C1] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 104.525757][ C1] CPU: 1 PID: 3514 Comm: kworker/u4:9 Not tainted syzkaller #0 [ 104.525776][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 104.525786][ C1] Workqueue: phy9 ieee80211_csa_finalize_work [ 104.525805][ C1] Call Trace: [ 104.525812][ C1] [ 104.525818][ C1] dump_stack_lvl+0x16c/0x230 [ 104.525845][ C1] ? show_regs_print_info+0x20/0x20 [ 104.525868][ C1] ? load_image+0x3b0/0x3b0 [ 104.525900][ C1] panic+0x2c0/0x710 [ 104.525932][ C1] ? bpf_jit_dump+0xd0/0xd0 [ 104.525973][ C1] ? ret_from_fork_asm+0x11/0x20 [ 104.526004][ C1] __warn+0x2e0/0x470 [ 104.526029][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 104.526061][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 104.526089][ C1] report_bug+0x2be/0x4f0 [ 104.526112][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 104.526142][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 104.526170][ C1] ? __ieee80211_beacon_get+0x1235/0x1600 [ 104.526199][ C1] handle_bug+0xcf/0x120 [ 104.526223][ C1] exc_invalid_op+0x1a/0x50 [ 104.526246][ C1] asm_exc_invalid_op+0x1a/0x20 [ 104.526263][ C1] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600 [ 104.526292][ C1] Code: 24 4c 89 e7 e8 de 69 d4 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 99 44 97 f7 0f 0b e9 f6 f7 ff ff e8 8d 44 97 f7 <0f> 0b e9 48 fb ff ff e8 81 44 97 f7 48 c7 c7 60 0f 24 8e 4c 89 e6 [ 104.526307][ C1] RSP: 0018:ffffc900001f0a18 EFLAGS: 00010246 [ 104.526323][ C1] RAX: ffffffff89ee4bb3 RBX: ffffffff89ee39b6 RCX: ffff88802e495a00 [ 104.526338][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 104.526349][ C1] RBP: 0000000000000000 R08: ffff88802e495a00 R09: 0000000000000003 [ 104.526362][ C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805bbde3c0 [ 104.526374][ C1] R13: dffffc0000000000 R14: ffff88805bbde8b0 R15: ffff888020bfb824 [ 104.526393][ C1] ? __ieee80211_beacon_get+0x36/0x1600 [ 104.526423][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 104.526458][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 104.526488][ C1] ? __ieee80211_beacon_get+0x36/0x1600 [ 104.526526][ C1] ieee80211_beacon_get_tim+0xb8/0x560 [ 104.526559][ C1] ? ieee80211_beacon_get_template_ema_list+0x90/0x90 [ 104.526601][ C1] mac80211_hwsim_beacon_tx+0x3c7/0x780 [ 104.526631][ C1] __iterate_interfaces+0x243/0x500 [ 104.526653][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 104.526677][ C1] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180 [ 104.526703][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 104.526726][ C1] ieee80211_iterate_active_interfaces_atomic+0xdb/0x180 [ 104.526755][ C1] mac80211_hwsim_beacon+0xbb/0x1b0 [ 104.526780][ C1] __hrtimer_run_queues+0x51e/0xc40 [ 104.526807][ C1] ? hw_scan_work+0xf40/0xf40 [ 104.526837][ C1] ? hrtimer_interrupt+0x9c0/0x9c0 [ 104.526857][ C1] ? ktime_get_update_offsets_now+0x3d2/0x3f0 [ 104.526889][ C1] hrtimer_run_softirq+0x187/0x2b0 [ 104.526914][ C1] handle_softirqs+0x280/0x820 [ 104.526937][ C1] ? __irq_exit_rcu+0xc7/0x190 [ 104.526961][ C1] ? do_softirq+0x180/0x180 [ 104.526990][ C1] ? irqtime_account_irq+0xb6/0x1c0 [ 104.527017][ C1] __irq_exit_rcu+0xc7/0x190 [ 104.527036][ C1] ? irq_exit_rcu+0x20/0x20 [ 104.527063][ C1] irq_exit_rcu+0x9/0x20 [ 104.527079][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 104.527106][ C1] [ 104.527112][ C1] [ 104.527120][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 104.527139][ C1] RIP: 0010:console_flush_all+0x889/0xd00 [ 104.527162][ C1] Code: ed 01 00 00 e8 88 2a 1b 00 4d 85 ff 48 8b 5c 24 38 75 07 e8 79 2a 1b 00 eb 06 e8 72 2a 1b 00 fb 49 bf 00 00 00 00 00 fc ff df <48> 8b 44 24 50 42 0f b6 04 38 84 c0 0f 85 2f 02 00 00 80 3b 01 0f [ 104.527176][ C1] RSP: 0018:ffffc9000d4f7320 EFLAGS: 00000293 [ 104.527192][ C1] RAX: ffffffff816a65ce RBX: ffffc9000d4f74bf RCX: ffff88802e495a00 [ 104.527206][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 104.527218][ C1] RBP: ffffc9000d4f7490 R08: ffffffff90da7507 R09: 1ffffffff21b4ea0 [ 104.527232][ C1] R10: dffffc0000000000 R11: fffffbfff21b4ea1 R12: ffffffff8d4b5d40 [ 104.527247][ C1] R13: 1ffffffff19792f8 R14: ffffffff8d4b5d98 R15: dffffc0000000000 [ 104.527269][ C1] ? console_flush_all+0x87e/0xd00 [ 104.527302][ C1] ? console_flush_all+0x10f/0xd00 [ 104.527338][ C1] ? is_console_locked+0x20/0x20 [ 104.527361][ C1] ? lock_chain_count+0x20/0x20 [ 104.527385][ C1] ? __down_trylock_console_sem+0xef/0x1e0 [ 104.527413][ C1] console_unlock+0xae/0x340 [ 104.527438][ C1] ? other_cpu_in_panic+0xf0/0xf0 [ 104.527461][ C1] ? console_unlock+0x2e3/0x340 [ 104.527496][ C1] vprintk_emit+0x477/0x600 [ 104.527518][ C1] ? printk_sprint+0x460/0x460 [ 104.527535][ C1] ? kthread_probe_data+0x103/0x160 [ 104.527562][ C1] ? vprintk_emit+0x521/0x600 [ 104.527582][ C1] ? copy_from_kernel_nofault_allowed+0xbd/0x130 [ 104.527610][ C1] ? copy_from_kernel_nofault+0x1d2/0x320 [ 104.527644][ C1] _printk+0xd0/0x110 [ 104.527662][ C1] ? set_worker_desc+0x1c0/0x1c0 [ 104.527682][ C1] ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 104.527712][ C1] ? load_image+0x3b0/0x3b0 [ 104.527728][ C1] ? _printk+0xd0/0x110 [ 104.527751][ C1] ? load_image+0x3b0/0x3b0 [ 104.527768][ C1] ? print_modules+0xfd/0x1f0 [ 104.527790][ C1] show_ip+0x30/0x40 [ 104.527815][ C1] show_iret_regs+0x1d/0x50 [ 104.527841][ C1] __show_regs+0x34/0x610 [ 104.527869][ C1] ? dump_stack_print_info+0xf5/0x150 [ 104.527896][ C1] show_regs+0x44/0x90 [ 104.527919][ C1] __warn+0x160/0x470 [ 104.527944][ C1] ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 104.527979][ C1] ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 104.528008][ C1] report_bug+0x2be/0x4f0 [ 104.528030][ C1] ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 104.528059][ C1] ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 104.528088][ C1] ? ieee80211_vif_use_reserved_switch+0x10ea/0x28f0 [ 104.528116][ C1] handle_bug+0xcf/0x120 [ 104.528139][ C1] exc_invalid_op+0x1a/0x50 [ 104.528163][ C1] asm_exc_invalid_op+0x1a/0x20 [ 104.528179][ C1] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 104.528208][ C1] Code: 48 89 df e8 7a ea e9 f7 e9 dc fc ff ff e8 70 9f 92 f7 eb 24 e8 69 9f 92 f7 c7 04 24 f4 ff ff ff e9 e4 f5 ff ff e8 58 9f 92 f7 <0f> 0b 0f 0b e9 cf f5 ff ff e8 4a 9f 92 f7 48 8b 7c 24 08 4c 8b 7c [ 104.528223][ C1] RSP: 0018:ffffc9000d4f79c0 EFLAGS: 00010293 [ 104.528239][ C1] RAX: ffffffff89f2ecee RBX: 0000000000000001 RCX: ffff88802e495a00 [ 104.528253][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 104.528264][ C1] RBP: dffffc0000000000 R08: ffff88805bbdd5af R09: 1ffff1100b77bab5 [ 104.528278][ C1] R10: dffffc0000000000 R11: ffffed100b77bab6 R12: 0000000000000001 [ 104.528292][ C1] R13: ffff88805bbde5d9 R14: ffff888079112c70 R15: ffff888079112ce8 [ 104.528314][ C1] ? ieee80211_vif_use_reserved_switch+0xcee/0x28f0 [ 104.528362][ C1] ieee80211_link_use_reserved_context+0x383/0x5c0 [ 104.528396][ C1] ieee80211_csa_finalize+0x59a/0xf00 [ 104.528415][ C1] ? mutex_lock_nested+0x20/0x20 [ 104.528442][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 104.528469][ C1] ? ieee80211_csa_finalize_work+0x140/0x140 [ 104.528489][ C1] ? read_lock_is_recursive+0x20/0x20 [ 104.528519][ C1] ieee80211_csa_finalize_work+0xf6/0x140 [ 104.528539][ C1] ? process_scheduled_works+0x957/0x15b0 [ 104.528563][ C1] process_scheduled_works+0xa45/0x15b0 [ 104.528614][ C1] ? assign_work+0x400/0x400 [ 104.528643][ C1] ? assign_work+0x39e/0x400 [ 104.528671][ C1] worker_thread+0xa55/0xfc0 [ 104.528695][ C1] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 104.528714][ C1] ? _raw_spin_unlock+0x40/0x40 [ 104.528730][ C1] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 104.528769][ C1] kthread+0x2fa/0x390 [ 104.528786][ C1] ? pr_cont_work+0x560/0x560 [ 104.528809][ C1] ? kthread_blkcg+0xd0/0xd0 [ 104.528827][ C1] ret_from_fork+0x48/0x80 [ 104.528848][ C1] ? kthread_blkcg+0xd0/0xd0 [ 104.528867][ C1] ret_from_fork_asm+0x11/0x20 [ 104.528907][ C1] [ 104.529113][ C1] Kernel Offset: disabled