last executing test programs: 2m22.481970507s ago: executing program 5 (id=123): openat$tun(0xffffffffffffff9c, 0x0, 0xc8400, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, 0x0, 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() syz_open_dev$hidraw(&(0x7f0000000400), 0xfffffffffffffffa, 0x321000) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r4 = syz_open_dev$media(&(0x7f0000000680), 0x8, 0x8000) ioctl$MEDIA_IOC_REQUEST_ALLOC(r4, 0x80047c05, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) mknod$loop(0x0, 0xe050, 0x1) syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaa27aaaaaaaaaa2808060001080006040001aaaaaaaaaa1aac1414bbaaaaaaaaaa"], 0x0) socket$packet(0x11, 0x3, 0x300) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a70000000060a0b04000000000000000002000000440004802c0001800b0001006e756d67656e00001c000280080002400000000208000340000000000800014000000015140001800b00010072656a6563740000040002800900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a37fdfa481c3f1076b3237c5e91a9030ea0969c6d62d160764be23697b19a79e6d8462ebe460d1434c2ddc77bfc0299767067bcefe5e5ab09a895c1270fa9a868c68960aca187c0585e4c0bccea93b98fa6a5895858a59fd3c5075aececf597b6b3152b88af3ecee1579c26311988158249dfa2151936f79cf3476949156927346f653eafcff215151d637e03ff5fef190d1b50a31d58c9f98b36b737ba4b0d9c2e4a44785f12d289b717"], 0x98}}, 0x0) 2m22.202220735s ago: executing program 5 (id=126): r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r0, &(0x7f0000000380)={{0x6, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0xa}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48) socket$rxrpc(0x21, 0x2, 0xa) r1 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) sendmmsg$inet6(r1, &(0x7f0000003640)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)="af", 0x1}], 0x1}}], 0x1, 0x4040005) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r2, &(0x7f0000000300)={{0x6, @rose, 0x2}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default]}, 0x48) listen(r0, 0x1ad72f7) accept4(r0, 0x0, 0x0, 0x80000) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000600)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x83000000}, {0x85, 0x0, 0x0, 0x71}}, @printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xe}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18) r4 = accept4$netrom(r0, 0x0, 0x0, 0x80000) writev(r4, &(0x7f00000001c0)=[{0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000000080)="ecd4068d764de36b469f30a42d6f1a86b8da9a5341e7bab6cc77cf1d503cc8de4d5f", 0x22}, {&(0x7f0000000100)="789f631aec731f4176fe62a9b696fee65a738c419307f37f22fdae9144e31816475c5a03464df268ca", 0x29}, {0x0}], 0x7) 2m20.595546326s ago: executing program 5 (id=132): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000004c0)={'ip6tnl0\x00', &(0x7f0000000740)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x3, 0x0, 0x0, @local, @local, 0x10, 0x7, 0x2, 0x8}}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0}) 2m19.870171353s ago: executing program 5 (id=137): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000200)={'caif0\x00', 0x400}) close(r0) 2m19.457959858s ago: executing program 5 (id=140): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = add_key$keyring(&(0x7f0000000300), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000380)='asymmetric\x00', &(0x7f00000002c0)=@keyring) 2m19.136508362s ago: executing program 5 (id=144): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008000000"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844) 2m3.964975535s ago: executing program 32 (id=144): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008000000"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844) 15.689758645s ago: executing program 6 (id=606): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000400)={0x1d}) r4 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$sock_linger(r3, 0x1, 0xd, &(0x7f00000000c0)={0x0, 0xe39}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000340)=[@in6={0xa, 0x4e27, 0x2000001, @dev={0xfe, 0x80, '\x00', 0x12}, 0xffffffff}, @in6={0xa, 0x4e21, 0x3, @remote, 0x5}], 0x38) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002}) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) dup3(r6, r5, 0x0) r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0) mmap$binder(&(0x7f0000915000/0x1000)=nil, 0x1000, 0x1, 0x11, r7, 0x20000012) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0x4}) ioctl$BINDER_WRITE_READ(r5, 0xc0306201, 0x0) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) 13.375349894s ago: executing program 2 (id=613): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000), 0x208e24b) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x286ca06bbee933dc, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15) munlock(&(0x7f00002a4000/0x2000)=nil, 0x2000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) close(0xffffffffffffffff) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0xfffffffc, @empty, 0x2}, 0x1c) listen(0xffffffffffffffff, 0x9) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003140)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01002cbd7000ffdbdf2504"], 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800) 12.869839017s ago: executing program 2 (id=615): unshare(0x24040000) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) syz_open_dev$usbfs(&(0x7f0000000080), 0x72, 0x101301) socket$key(0xf, 0x3, 0x2) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=@newsa={0x138, 0x10, 0x713, 0xffffff80, 0x0, {{@in=@broadcast, @in6=@remote}, {@in6=@remote, 0x0, 0x32}, @in=@multicast1, {}, {}, {}, 0x0, 0x0, 0xa, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}, 0x1, 0xe}, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x110) setsockopt$inet_group_source_req(r2, 0x0, 0x2c, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x4e20, @empty}}}, 0x108) setsockopt$inet_group_source_req(r2, 0x0, 0x2c, &(0x7f0000000000)={0x2, {{0x2, 0x4e26, @multicast2}}, {{0x2, 0x2, @dev={0xac, 0x14, 0x14, 0x37}}}}, 0x108) bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r3 = signalfd(r2, &(0x7f00000002c0), 0x8) listen(r3, 0x9) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000040)={[{@errors_remount}, {@discard}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=") 12.087898693s ago: executing program 0 (id=621): r0 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000100)={0x1d, r1, 0x2, {0x3}}, 0x18) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), r0) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, r2, 0x800, 0x70bd2c, 0x25dfdbfd}, 0x14}}, 0x10) 11.495182381s ago: executing program 2 (id=622): r0 = socket$inet6(0xa, 0x2, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000080)=0x9, 0x4) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xa}, 0x1c) 11.077178872s ago: executing program 1 (id=624): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$IMADDTIMER(r3, 0x80044940, &(0x7f0000000280)=0x14) read(r3, &(0x7f00000019c0)=""/4097, 0x1001) 11.021810471s ago: executing program 2 (id=625): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x10000, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x8, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_io_uring_setup(0x499f, 0x0, 0x0, 0x0) r3 = socket$inet6(0xa, 0x80003, 0x6) setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000340)={{{@in=@remote, @in6=@loopback, 0x4e21, 0x0, 0x3, 0x0, 0xa}, {0x0, 0x0, 0x1, 0x8, 0x400000}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@multicast1, 0x0, 0x2b}, 0x0, @in=@dev={0xac, 0x14, 0x14, 0x1a}, 0x0, 0x3, 0x1, 0x7}}, 0xe4) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10) connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000240)=[@mss, @sack_perm, @timestamp, @mss={0x2, 0x1}, @window, @window={0x3, 0x0, 0xfffc}, @timestamp, @timestamp], 0x8) setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f00000001c0), 0xc7) sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11) recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25) sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x1, 0x0, 0x0, 'queue1\x00'}) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000180)={0x37, @time={0xf, 0x2}, 0x0, {0x0, 0x20}}) socket$inet6_tcp(0xa, 0x1, 0x0) 10.850291949s ago: executing program 0 (id=626): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_clone(0x500, 0x0, 0x0, 0x0, 0x0, 0x0) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]}) socket$inet(0x2, 0x4, 0x2) close_range(r1, 0xffffffffffffffff, 0x3e00000000000000) 10.606438675s ago: executing program 3 (id=627): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ptrace$ARCH_SHSTK_ENABLE(0x1e, r0, 0x1, 0x5001) prctl$PR_SET_SECUREBITS(0x1c, 0x1d) setregid(0xffffffffffffffff, 0x0) setuid(0xee01) writev(0xffffffffffffffff, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0}) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0xd4, &(0x7f0000000140)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}], [], 0x2c}) socket(0x2, 0x80805, 0x0) openat$snapshot(0xffffff9c, &(0x7f00000003c0), 0x80800, 0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) listen(r3, 0x1) 10.347557403s ago: executing program 1 (id=628): r0 = getpid() syz_pidfd_open(r0, 0x0) r1 = syz_open_dev$dri(0x0, 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[0x0], &(0x7f0000000180)=[0x0], 0x0, 0x0, 0x1, 0x1}) ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f00000002c0)={0x0, 0x0, r2, 0x0, 0x80, 0x5, 0x9, 0x0, {0x9, 0xd6, 0x1c, 0xd, 0x5, 0x401, 0xfff5, 0xa, 0x0, 0x52, 0x8000, 0x7e9, 0x401, 0x9aa1, "cb630dab3a0338057401a192419598961f50dc45c87d55a52a28b8f01c0e0e7a"}}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000280)=[r2, r3], 0x2, 0x0, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f0000000340)={0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "b14fea7a1316b81525ccf0f8b91fd2eddb851ba62b00d87337407214ea270251"}}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) openat$dsp1(0xffffff9c, &(0x7f00000001c0), 0x30002, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}, 0x0, 0x0, 0xff}, 0x20) r7 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00') read$midi(r7, &(0x7f0000000380)=""/62, 0x3e) 8.686250099s ago: executing program 3 (id=630): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a7c000000060a0b0400000000000000000200000050000480240001800b000100736f636b65740000140002800800024000000003080001400000000228000180080001006e6174001c000280080005400000000308000140000000000800024000d066020900010073797a30000000000900020073797a"], 0xa4}}, 0x0) 8.345754626s ago: executing program 6 (id=631): r0 = socket$inet6(0xa, 0x2, 0x3a) sendto$inet6(r0, &(0x7f0000000000)="800037bbfa9ba1", 0x7, 0x0, &(0x7f0000001100)={0xa, 0x0, 0x0, @loopback}, 0x1c) recvmmsg(r0, 0x0, 0x0, 0x10102, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, 0x0}) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002d00)=ANY=[@ANYBLOB="200000001000010700000001000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x800) r4 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee1, 0x0, 0x0, 0x229}, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_CLOSE={0x13, 0x8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r4, 0x5361, 0xfffffffd, 0x2, 0x0, 0x0) 8.262921101s ago: executing program 0 (id=632): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0x14806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x70a, &(0x7f00000232c0)="$eJzs3V+P21gZBvDnJJkkk0JVAapWVbdzOmWlqRhSJ7NNFRUkjHOSMSRxZHtgRkJaFTqDRs0UaItEc9PODX+k5Qtwtzdc8CFW4oKr/RZwBdIKhIR2BUJGPraTTOJkJm3a2aXPb7Qb5/j18etjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU/Ki2FdyMJm7OW+dKuF5AhP+gWMRbUfFbXxmFXA7/tY6r0berKIYfRQwuXL5098u5TLL8nIRfBBat8PHTwYN7/f7+ozPEZrFw9ecJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJYV3vl41jJr8TiHa0QDKnrVtt9t2t6VjwtlhzB35/g+iAGV2pDw47O9vjeXzLK2Nw6BKSvKZ8eAwqHra5laNarVSqVYrtdv123cMIzdVYISEMYSpiKUftHSeMvHxusAiyzt5E72kjNX4j/FnAbRRRBc72IVM/bHQgAsHnRnzY0n//84tNXe94/1/0suvjGZfge7/r0Xfrs3q/2fkIiH1AmlzxIzyxX5WdEYSj/EUAzzAPfTRxz4eLaFuCbn20jXkjbgll5LPzJ8WFLqw4cGBjQ5MtPBFyLhEoo4aajDwHrbRhAeJJmy0oeBhDx58qPCIyoeZKpjw4cCFxAYs3IREBXXUsQUJhTL24GAHXbTQgIlPgiA4wKFu9604n+cpW40kqDJjIwrIJcfdPqpztnZW///DZ9HScf9vsP9/U0XHQSH6+GheDNFnQBBf/y9o7dVkQ0RERERERESvgtC/fRf6r/JvAwjQtNvKOBFTOLfsiIiIiIiIiGgZBIICrkJEd+XjbYjp638iIiIiIiIi+nwT+hk7AaCkb+oXo8elzvJLgOxrSJGIiIiIiIiIXpJ+8v9aHgj0Xf5rEAtd/xMRERERERHR58Cvx8bYz2XjMXaD5M/6GQBrfymID/9egLsijnu7XxVHZjjHPIpjpu4A8JtXxMV4oF79kQegv1nqqojXJoF/Jb99CH18kD7W//MgIoRwJxLIZ8crmJGACNdcy8Xf8D6uR4tcj8eZvz/IQM+JRhQuNe22KltO+24Fpnkx46td/+cPD38BuMPtPDjs75d/9JP+fZ3LcVh0fBRW+uxEOpn0xhjl8kSPt6CfuUgb3XgVzWSVv+l2SkKv10i2PwvzKDO+onk7oLYKRFv5S6xH+2w9iGJLg+GI+wJY04M/VMp6l53YendFjLKoTG552o6YseVFncWNKObGxo3oI2mTsJ6MKH4tC1TLk/sgTHQsi+p4Fqe3hfjHRPvPzwKiGLbFVpjFH8OKJtri+x9GC2/1dpPhMc6SxdRRQER0Xg5GvZAexHxqjP2ke0hOamfvd5AD4rPcjN59tJYg7j+S3v3J74Koh8oCufhvE+lrSfoVhGf0DaHryUcDuueupJzRjfKnQRCYF4sYP6P/NwiSDTIW6N2OgyCYPKP/YfQOpDjtqSz+HQTB3YruSX470at+EC7wwcz1eu1qFkUU8OTop/gkmb3/4/2H1epWzXjXMG5XsaL/VyH+yIJ9DxERTTn9HTs6IjMnQryL61Ed1+//7Z1o6kSP96X4lgLtFtDHfWwmrxBYS6+1hAN885/RbQib0VUrsF6KPksDefnS3fCqdhh7KHL6DS+bM6/qdGcZxerbG6rD2OS9Q5NXgKPYrVe8F4iIiF6v9Rn9MHCi/8fJ/r94ov/fxEYUsXEl9bq7NHZL4WZydTy8pB9cOE6NrZye/LeW3BhERERvCOV+LEr+r4Tr2r33KvV6xfS3lXQd67vStRstJe2ur1xr2+y2lOy5ju9YTlv2XBTsVeVJb6fXc1xfNh1X9hzP3tVvfpfxq9891TG7vm15vbYyPSUtp+ubli8btmfJ3s6327a3rVy9sNdTlt20LdO3na70nB3XUmUpPaXGAu2G6vp20w4nu7Ln2h3T3ZPfc9o7HSUbyrNcu+c7UYXJuuxu03E7utoygoVfdEhERPT/6PHTwYN7/f7+o8mJ1fDSPCo5xoyY6Yl8SoUcI4iIiOgzZtRdL7BQ8RUmREREREREREREREREREREREREREREREREU05/pG/BiZW0hwWBYcnPLsYleI7RI4ZT9Qi8bD6fun/SA/u9yOKZYYkAcIalkkciBg8+mhO8OixJmn885niRDHEJeOH2+esXgAu6BFFJbokHwPTzo0s/xtImvnEQteisGD0zdVZhuC9yy//PIZx4+PvpWSJs+SAIgvmLF062Yf7sx3MOwKP8nF2wesrx87rPRET0uv0vAAD//ySOL9Y=") futex(0x0, 0x3, 0x2, &(0x7f0000fd7ff0), 0x0, 0xfffffffd) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0) 8.159517543s ago: executing program 3 (id=633): socket(0x1d, 0x1, 0x9) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) connect$inet(0xffffffffffffffff, 0x0, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850) sendmsg$nl_route_sched(r4, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0xfffff000, {0x0, 0x0, 0x0, r6, {0xf000, 0xffff}, {}, {0x7}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_CLASSID={0x8, 0x1, {0x4}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x20000800) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="e90c610faca2", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0xe000, 0x3, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x8}}}}}, 0x0) syz_emit_ethernet(0x32, &(0x7f0000000040)={@random="e90c610faca2", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2, 0x1, 0x2, 0xc, 0x100}}}}}}}, 0x0) mknod$loop(0x0, 0x0, 0x1) syz_io_uring_setup(0x110b, &(0x7f0000000380)={0x0, 0xe883, 0x4000, 0x1, 0xbb}, &(0x7f00000000c0), &(0x7f0000000280)) r7 = syz_open_dev$dri(&(0x7f00000005c0), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000400)={0x0, &(0x7f0000000340)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r7, 0xc06864a1, &(0x7f0000002f00)={0x0, 0x7c, r8, 0x0}) ioctl$DRM_IOCTL_MODE_DIRTYFB(r7, 0xc01864b1, &(0x7f0000000040)={r9, 0x2, 0xfae, 0x1, &(0x7f0000000000)=[{0x4, 0x34, 0xf6c, 0x201}]}) 6.972476932s ago: executing program 6 (id=634): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) r2 = socket$netlink(0x10, 0x3, 0x14) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000fc850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3, 0x0, 0xfffffffffffffffc}, 0x18) syz_mount_image$ext4(0x0, &(0x7f00000001c0)='./file0\x00', 0x1809049, 0x0, 0xff, 0x0, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001f40)=ANY=[@ANYBLOB="1000000004"], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r4, 0x0, &(0x7f0000000000), 0x2}, 0x20) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB], 0x26}}, 0x0) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="380000000314010000000000000008000900020073797a310000000008004100736977001400330073797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103) 6.467250864s ago: executing program 3 (id=636): mkdir(&(0x7f00000003c0)='./file0\x00', 0x21) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000001c0)='./bus\x00') r0 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) openat$incfs(r0, &(0x7f0000000040)='.pending_reads\x00', 0x10b441, 0x0) rmdir(&(0x7f0000000380)='./file0/../file0\x00') 6.36995744s ago: executing program 0 (id=637): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, 0x0, 0x0) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@window, @window={0x3, 0x2, 0x1}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @sack_perm, @timestamp, @mss={0x2, 0x1}, @sack_perm], 0x51) sendto$inet(r0, &(0x7f0000000780)="1ede55", 0x3, 0x4008041, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) shutdown(r0, 0x1) 5.550854408s ago: executing program 4 (id=639): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) pivot_root(&(0x7f0000000340)='.\x00', &(0x7f0000000180)='./file0/../file0/../file0\x00') 5.462637055s ago: executing program 0 (id=640): mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r1, {0x7, 0x1f, 0x1000001, 0x5069f481, 0x8, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef10542a2201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42731b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c32768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65bf667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e179100a0000000000000021e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90a14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9edb6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc83cccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x0, {0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x24c01, 0x0) io_setup(0x202, &(0x7f0000000200)=0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) syz_fuse_handle_req(r0, &(0x7f0000002100)="6be00ff09321e32a7e0f1d45fb750f1ec1e15be572a7d646754b1e1cea02c1a06d0d9b86514e6d2afce29df5f1c8c9d7fe087f7116a341c9cbd7e536063d42367f79ccea05e0fcf72d19ca8c65612a23cc447ab5982f306298cdfc40a20a86edfb26c58e1491cae8751acfc1a22867f2c866f123215209101ec37c2734d97fb4612d3fcefd3a3c824ace75498471f1e35363631e29cc05b89e0f7c26948edbe418596cbc3c686d37d24c4e049f35e99d6b6de3470b342a4fd59bf1012aa8d0238f32d7f7702e0c293dcf71b3d4b2dc6c6527b070c12a5ae65027998d74526c4ad93283708c59afc157dd299b378f85e159970e6d3a248022714873dd40b54f4418012650d564b568730769a5f27fd458d5f535672fddbd105e2423a85bfdfda463d3cd154ea1185276b3c400ccc39953ef1af942faeff3095d9cdd9bc03374408464d4f85ab3c1fd2965b5e0fbd95a396baf089d5792b3ecc98c536c19b4d3cdf8cb499072f3491f0cf76b5f42ea959c5366ab26f2b7e2539e999d41d6bc583ba13a3f59fc4d3b37eb96374ffc22d53e79198778092656323188c7a052e0d9587a6b80cafa69a0ad770d514e5c9edc0b8556732c04549cc9f4d14299e75514d80b6e026a0f8daea3ff396aff507f89bf2ca4c48d0413f6a37c8ef193dbe07ab52e7487f4e115caa83153f729d4659f51e27939429c41a5e5152eb48e109e81baa49ebf076bb13ebdd031a0c077b18c0db18a085d5b3262cb50649b4e8fecf6b306a0430a8f89e2ff7fda3ca48fb8e2b1aad0999072f20c98466cc868970e53d6860b8fc76fa3b40eb40ab92863469346d5a6860c0297dfa94d908f1168ba2ac5197a9f9cbf3abc32fce7d14ee228d395ae53b1bc374939be6b2a135661048a02aaeeedfc755fe1df353b8e8e0aa093574321ab55fc3d16060ed0cd3e8c3f5954b745048d58061e834cfb142d027c03a69df52118f92acc387a734df458e28cd8324ae588bdcf3c12e4c492e4c14e47dc3efc9123bc189dcc677b619fd8cf34ebed6b73c2c740964072f1d87505ccc4ce189293b0c1e6cd68b8ad7a8cb8b049b8aa4f3675ab09787732643353c4f93cec2787e5ca3b96011459c133cb6947d51c408981798b675b9f9bc2186f016b585bdbb6100434e97033261967b1f6fc02bbe32e4125e922b364757008fff71df0ac6e9479caebefc5255727e8f9deb38bac48fcf65b70b7ff53b1b73682903d1300ba4fe2cf7a7c4b1a561f902d4bdfcc37697c68ff5e4f9bb0722f2be019fa57791da330e8ec69683e7b12d64ec27fe017bb18190609be3a406cc4b1c818e778c404c0e35b1f0cf2e8109f672ee2d649fb71e686930c434ad92fe5d290deed7fdf3fdd71d7409f23daab810569a01a8ae9167e558e71f84f88639ecb5ec1ae0eae0474e37ce81d73c7c93a912a56de243e39995c8d1a6194457509fbd62b94bcce0f1e7b3aca47d36c4874fd1aa8d8d1475a2af2f457ea39004dc3c1834bf20701c00416858c810bd72e8c55f4507c2187d062abf119fe91a1871e423c16964de5351c70dd668f08c99329fe189d78d7944a2e9ce47b2aad9657f8e860ab6bc03c365059528dd28350b84c06c56e87f019a0fe5a71595c7ccbf493c41fe52e907708020cdaf26be8e21d3a97c2ef6dd1de85ac6a9f8ba0771d48353b399555c5b6be41241c9de86888d0fcd5198343ad913fa35da296dc3eeecfe2ee4a56b56bf84e23a3bddc4601b504433b339468f029cd2dd9e637217e5816391010093471cd0ac2d352cb88ff5e5930dd589d1b03c5f408023c8207a1bfc2de6794a65985c1345ab256b8e7990fb8c3fe54b9b76dee19f4a7380a0659b730db58bf69efb51044eb4eaf0df5b7a07baf629a537fdef46c33c6dec622c27dc806025bc0144a3a1a64136cd8e7674a4e01aafaec604ef8356b921be7df063a2ec67dc312d964ff1c30f8d77b7c3e06588ac351a8818701c5b7c9e4b9e9721e12d0bc0731c7e2ccd0b1028e5ac990a3e45c44ba1ce8ea73a54927f6fda6cf5e52253a8ee0df194073fe76568f51c6cf45312f1aec20010db2b59d95d39c3b1a40067e6657964368e12173d71fe2f7950e5f0f3a2923ecd474b623010d77f674e52f23552eece20dccfe15c64fa05ffa6bec88d28fea4b2de624c8dd1106c86b220af9f53f15e00785d764224975efb15f290c4a6af055f7a8baeebe9903c0c9f48b53dc423997adcb8acbe7d82de105383644f9d9f3d8cc8f9a79bfa75c7e1a3f470d2448612ee26950b0affc39e98bb75a30583ae55383d376f22dce6c2cdc544ad8d68fa82e5d16b0a65c63ba4c4fae2ce1269ce321be2a0f2550c2b47c8cca190d0e44af824705dc3d5565c4c0a1ab68c50d83534fb32e7ba31c8dec6a17c127985a516ace1f9016278e85056f6288513ed706b873646e0fe3f1803ce71dc72d91da85ad5d385e0b072b6857ecf36746cceced48b0e4663b92cc349baeec28d27ff568ba9bf4d68191166cf65a13af7cf213c2ffca68b9379ea167c7bda82fa7261e2754a00a6f0b4065c57a8f9868f8247d39eca71faae27afbff8864bf934e746300d5e9a31a4b78ca059bb9c40d30bfe745336264daa57002085686f73f48474e2d4bc1e38e62ed4547a6bbd74b1d9fab3f4b2622eb6c8d32b79ef9ab691fefd7b1bfa787de85ccaa14687be5a0529f928dfd974752bde8b063bc717d2a07eb4a1651f465aa78be32457955f83b2cb4608e22a4ef7bccba0378274289a7adc38521cd8d691741e87b03f536b9196c2284baa062038a22320e6d8c3f9e29051450b16bb7909566e75e6ebe423fa88b7f395c0dae22f027efc014db76ffc4244dfeb4d014809569caed95c43f92486c8d9cde522d403efe788fbc3b54ac39e90bd2f2dc3f3d66308d2df22d9602da5ec2133f296252bf0da014020194cf9ee65e7b137c5488401eba99def61e721fa3889d86ecaa5d5a3e4c8642fc0f9ef43186edd427402f63f06bbfa26850f2e4c71bd6387978a8085740fe4b1012dde14413dfc12052acf9508fd6a8a64f59d5756a59c806b64f42cc4466aed5327071f32fe2cb24aa62d21da4c1de44c2aab46f01c53eef1d83002437668fc494953f4951fcc1bc050e402b7cb73d61b3fae4d806fe6b745160df0a6fb6e830d18b04f142b22de9fe78b4307f95c9badbeeca0a2cb134d229e19fbab6a913ea4a0c59b59ac4e9de55b4fe2d7d5585d57c21678931d151038442fc388557da00dc01bae0c7df06ac72be56668cfd942c9edcfe77c1128a6640ad4d4a210d69d94b5e306b3848c09c61c05ec638096ceff5fc156bd34cc3c461bbc4d3eaee358ce246459f98f15821e181dfec54b87c9c10bf1ae64449ed9e90fa660191d38760117f9a0ae6422ad983e8b348bc0579dba87ad505c24ccb683ffd8f734b8e5f0c65e3a749d86a2fb1aad19abb96490167993fa130db74152d8984084220ad17653c01f3fbbd2e1000d3ace6ed697f0d4a9bdfb2dff49148e8def07acd5e3355370d1c19d3afb7bd12fc30e6acb4841f641672dda483d0afc53150369ce1e2523b3706f5b65542032838d45a5dedfc2369e385390d1628e78dced081b931f67dc75e23cf2b0f529fde6c9c84e4b3894c11b9f56ddc65827f68b0fde08875fa8ad3cac7e212c7727d41f6d51434a890ccac19f3e9b0a594556fbf51e84e874de4e2eeba206369871dd844f6248ec180b3741f2ab3d23b76448562207f577b10f4d14949a926b837252cdcf62af32e83001d63ebde5c1d266c8d2b43f5545dbf070eaa47613481d6c920f1801b490d2a847d7e85872fe75f56d90f050fe741d94511058d71271daf9c565ced757402c315685820c80ed1f6a889a8db0326ecb58f1f287d24c5beb5b19b94d8400aa406daa591e292832c78be74613ffc2a12635951d487650c864ef55927036edb5ec02614e5eb75f67b933220ac39f891c37cc0b7fe23ce8b0ad8e5ec9c0efbfd706f5730c142fbd5297ac7f03f4ca6f49b9cba1e9cbee6b08e936c7ee1642e5f1e3eb566c294d10fc4fb45a7239590cbdebb7a16b972a983748e73aa23be7f66a30c22610456445234bb8ba11b412eaae69b808f76d90b7bb14223b644b8860c550f3c92ae47c06a38429d66da2a414c01985d4b7c935717a4dec2cd4e89092d5dc9aefd0ac0b23481459a2adcb654063743b667c3c3241f203f81385aeef164a0be7655d02074b6710b4e2c50c3ee0747892327e8f22aaf51fccf2b715b24c02c6690389afe83e6128a1ef199234c8c9803124089382c6bed5b296945fcfa937313caf39176b741809c7c7fde30468e8875266315d9e733258b9305cd92276211d0c75c97b103c31c52c0c4dd17dc5931c5a7644ddb15ab8de78cc32125f85b78ba00d09079626a813e589dce18010f427079ec6cb74a2752c7247e7b7df37dc701245e9cf37fbfac5b1c427ba477b15c21d48084d38253a4d49af73d9f25e23333ac3a84e4b671fd31abd4b32441fb07dfe30659915a88ddb684933bee5ee9dccd45763f6544fdacfa4d821f36d7907a42ab9db72b231cbc9e1ddf2000441586eab8d59277955f9665c5e358da456d759490bf9f79462ced96372b237ab61d8b48a78612c64f48d5bd89fb6e67b0818033743b7ffb3305bcdbab0f71b46d5ab61d8190c5106813ca4435386e55e43c6cb925cf81039ed5f11df2d96c53a448519ede7e83dee8b82acd143ce0d1b91318a0f0efdabb77c178cdee559c1d2181600b6b3847e05f41234c5bee021d4f0bbed10cd557f686e8b9769780a13df35fd069855fd8e2aec5bb84e8d0b7740fb7fa88b823826b7e8a979148b95177a2e720b45296c280a9abce6bc5d943e394c07eed5148f86a94450569af8c38e184603abc46a59b2ba01e84225da828ccb93ca557e4ffe9e8e8b98c1fa471409f9d7b9d9da4b0f4fb7d58d7474039204faa2ab1067a2eaf9df247a2ba1b099cdfe79a7db1273e0660e37f6e8afc125564c6b8b5e893231a6addf326988bd78578950e4b2f317ffb322fb44a570587c6c6baa59d6d844454e92f89534c7d902760b984fae30ff5eff5b90fe03f49429c5a5becd275c5c670ae8d39b5faf986970492e579a8d98aed5da2894c96bf8779e9aaba84724bf471734b4d9d4db6a0ebfcb1c31f88c59d4b0f38078435f575b0e7cc7cd5f6cc9a39bf16d3514e89b562ded72187c1e550d4852e9bdc585525d02ed1d3adc819a072d82c37935b2fe6ff3c3f0c7b7fbee2c25ad515835d067ea53af1c6d0b4a9b35de653f2e5a8a1d9261c49813ecab580f368a79515a8621f16b750fa9d711d2884764e222c723e7dd94532de5d5d40fe12660fef784d8ecf2ededbef7a61b881cf61e8c035f31d3801b34ea385fb5fd3895e6789ed741aab0e5d091050f7cde8aa1f4feb53683626870adc4190554316bcea49c6ee182fd66a6ccd2e198ba2ae6f3621a6a6186a6cbd5378e6347afbd88cbff663f73ff568ed47861219eee3598520625f64f7a6303be64361d705021104d9871592d28524f5cf391e7d445746a0e9e42924760e62c955301e1ab3744f79217841a1668a6a871bf2efc278b0bf0b4b46a769caadf243f1af31df19006080d11a4f84ee4932034f48fdde875415d949438e8c1bdea8bb9899c230561482960cac0e77ce78584e35d3430af7ed37ec71f33f265d62b397b99f71aeef08e0a92e221d8ef14c82616d06b1ccafa63969a7ab145928d9c7b1b23e16acc00754ac707f6ce3939b4604baf0f3fa69fa48bb7218f3a992e65a4aabd8a6adf4a7c1e32877273393a1567632348d480a84f3b4ae31eb810a22ccb652064be040c9a90e52b59031a22abfd1840b2ecec89d16426ab31dfb83177ae08255d1424a6ddf8bb5d5adb66a7e6cf7f68be0ce5b4a56fa3463da621062ac85af5334018c3a473c5af9c5686eb9abbd24420293df7ae5fd075b2d3b9aec226e1a016c989b029d1daed5933d285227dbedab33a32b0d71d4cb1fb79c3a8e342fb4126785a3259f241150c7c381918f8f88146fb8fcf14d42ace0fd5c0084db3726575b04ef47c2bd1a0ccf977c8232e1688d4d39c88f7ab8d565b578bed84bbfa17982308a9269933ebd2f7260a67e01a3790fca5673643aff626514846dc1634e3c2fbdb0eaedb163072d9c0bb2fc129aa57618ca1d2b37324aa49972117b9ca81092eb89089659c39eaa380fd950aa914181ac98c1990af713eb834fdb2b731f2791292e9b2774aaf3a091152e25d7ea92a6c80f3217fedba12816ec910677d3381b361272074143fb51f391e6cd1953dd6cbfa33ba97e5d019fddd3da76fe350b767c8eb706a5f46a536c3103da6af42c1a5a7cf488be7f0d3a8ae4598d0d1f4f8339a63c124a5ce1b18a225f840368d390acddeac589093a753ed2e45ae4bfa62f222d4c6a6fbaee8163e76a0bf6291619d3b4af530d03c1769a456ec52491996c6739290f4cd325e9a3c1f0db9b079e5809859f6bb2d6cc494a500862179b65aa65ded80971e60dd9338dddbbf736924626aae8d65fa4a32e8affbf49b5b20c546520aac759594fd996e5f573e8a359dc4192c2723e05d7f8d212d78a03e9a7ee41b3ed6d098964f77e1e96e0e6641222fa247757998d9e9d33787079d1b0913f9b6fd0163f7603d4bbb7430738ab618026ba0526b5722f7c5b155e9c20209ebdac884d4afc34ee32420892acfa0a63d93e1aa4fa71581166d783abe45cbfc66f65c75b803d932dc3a40851508499001dde84fd3646ae3743c1edcfe433579cd41ce625262082cea3e4f87ea17f26c2390e9c134972cbe8291c500ad925f896aeb4d652cc01e397ff9eec6c4ab3d0c43c9774abfddb6b8ac12432f61f90ad6f24fc2f24c47d039e90cbdbdf97ea2c0b1ea6562c1ab651e46adab86814e14e9196366e6da5f16c743baa0d31a1b14200451df59b639dbf0ec8976e31b41462268a66d3fb55b0fb344a587890d92d7df87244b517276d6cef787cecdff92e2293d0d2e51228bba0ba3ba9e57483147727a90ab99b07498a1a9c46cd32e0af493e4c092e515ee9541c678c3566092e62a14a566e225741102071811d3306cb229b8c08da4119a565f9a37c06a983ceef668e7e97df595bdfbb43b0350fc823bcb53630508b3e7a42ff2ad5a8bbe83811c35b78578fa4842122ac76be6e7cd68a9d3ec8c6a3b83edc1f545a1f2a74ce5212f02ba85e104c0e1d21e4f77a7a6a0253fee2d486f65abc1d15e483b7fa87633e1c02e6f5aecdb779dd63af36c457905b2d4bf2c19cd4a4d2475245c45f3ef767654be5c17aa9b3e20f8019d356324baf677e4604e736c2a8b289874accbcb2ba300f063fae2c7d447f9a60daa87592275e501cbe880e7b46230659a7d62fc069ba7bbbbb71cd5ece453a692e2a3620cc8ccab581f4619963b1823c401b84092580dfcba08f63c14cef7963bf6af2d550e2fd43dc2ce1a5079e9018fe1a6ade4496b17f31dba644022c1bec7f7a345f2f02fe4eae1fcf5fb377fbf33c4774843cdbf1357741b0a9be5b403345db08d6ce70e4c5a18cd8725364b4096b69863964dc596cc115105043f6d80603873494c177b886299ca479d1c12a3547ff136a203282df0bcda49100de02b368ea5124385a03280d15319c5a5dd5e150b6eb19c969ca5f3c3368bdceef985c1ee957d5a61b3b9eb1c25e40b280fcec638726f78747dc2944e052c184cde480a6db7a2cd7b75f34cabcb2ca0e105b7af8c5d480b1cdb47d3675daf2e621db6e6e8924c157a028e860adde429979536c0ae06d3665e98166181eb47061fb20b4f0547daa938c54db21518a980ca5670a3dede7eb479497156b4998d11e838b6f112d3dfeae167bc3a8ed7c617fac11907094f25b0939bb9956f7aaeafbfa452ed4ec91b2d1450a43946096cd104a90a73d733da92125de061de39cf8e3d582e80f368b22c66cb69b86677a0af3bffc828ad1769a223f0f98e0857b60bc82f739fd6bbbc9a150830e1e850fa3bbd587bd9ca0fc157fb0b292cc91365348d01c435e2641885891306e177a108712290ec2d1ed3c6ac6d1c49aaffed07b6196787667cd8a7af66a1b631f9e9c6fd668509b7a2e3fb848d99e54e298742ca771bf913e50552faefdc0761a0b1aac3a38669fcead818c26a385ea630960c151199226c23d2b1c9ee42f864d4fe05d22eb826a80ad0738daa292938a4dcfcf18a60642b2b27f0e4998b0569e79c5dff424dd324641eea7b929d13735754b4ba6ba1540bba6b4bee8d3ee3c8eb8900e9c7e36854958f5b632b111abd2f722e2bc8aae4f112f488d8c1e68ba32fe88a39773ed81027a14cfb877ece8772dab7d360fab7cfdbe31a69d218ebdb7b0e42fd8b775348171f0f8a59386fa4fce2fcefefc09cc99a477cb856376541ea5048ab8fdda87ace560a565b2fef28327ca537eea30114a0581fee17e58ed375377a23d8ccbbf757a38aaac794a2630c42f9d4ed91cb886cb5277134b02ab691434ce897c5310472a691f99785cfda982c8e99bd2958589258228a7624137acc14a13414d06f6aee835b3637a0e7367a010652a076b2945fbdadeef39d65d503c18dddf7320fe07873331dcfd16e7cc786cac00d0934cbc6b024547e11132e413b7e5c4f926202128dd1aa76a39065a4228f109bc3327dac7028843868c32fc5d902e882494eb3cf81a90212434d404cbcfa72722e3ffae4079c2e6333a94d5f38e2a2948a01c10ef1a3adf58bae5b5629be02a1de64a201223c23eafd61a5be59c40188fa3463fd64e98f0646a9338bb9ee85f3ae5eabe370727121b4d8559fd32be127a6dbae3c1a0a43ef1173973b3b3332434c6c92b3144d9fb308768ac4067eb72d597b85882e0d228c6dece3da0677d9fa6c0b13788b3c2b0c9e67377ba0ada12aa956672c58f48fa6cfdf0357d3cacaabac46dc438632b1e7edd2e120310e7cd7aa2e55884b422b88e8eb9f5c468c04f9f045f4e5db6e12e9d7330f3e625a7e4676f61f93ef729e8cdcc743c44d409ff5720e85d4d447cfed7f187563ba04add8b27b4d5e1ffdd2bd61a167fcb2da8d58e67479ebc076329d27bd24ecaabc4cb05552a409ce732ecb86a6f0a213e35e53f895bc3c4ae020ece95499d4670375f61a32fa215c956734f5aa8127ec859cac7dfb5768864dbb7591f9d91c05e365c4dbbe864d207bf9eff04c4b3047b68cebef76a7915673dc5ccafceea57e38beb9a69473a1b2ae96c812ad737db0f66e87ca2305dcf4d66369e1afd74412a207a7a2d6d97982e1874afbb6a9b420d88c542bcdf6cf3c471c7535a3444ad20793876793ae8fce30fa468a50ef241a15ec0ea3229b1aafcc76eba39f8cd2a93f23ca2b04c8ab87c4f5a8a9a1db2bbcfc17a7aedf9877b669f8c2a05783586581656064dcfd19200a8f60c4a582766a0ca5148b56cafafc0ef1601336b5398a90d1bf68c6ecfd1ede4613fb9474bba76ac945f51129543e22f14fdea4e83c206032f0b5faa83a1de556d48d5f08bc53879f492897df7a59e0ddd00825706a2ac507e5fb31bad911885ffeb2d2368616786593f4c6a28de95edf2d993dab8412fa5b16eda075a934f46967fb1643085370da9d1e5895a5ddd6898429c85bdd41b28f58cc3e106ab683ecba03253b8122a8a5b6064eca49ebf4133c2351468cd01200332fca0a00c980262de8dcde7f7e145aefe3fa56b2dd6de3f2bd1514f5a2d143457a28bac927c248d4d89779835a83398fd54e7d53d7b2d1940fd12d7bc96e16b0fe15fbf16c3600b891b3bf6723303d01a73120734be1f27d43b5d5c374d6e44f42e0df163d2797da5bb292fbc58f8ac2056dbcb85b31c81d56fad2d70625b1304c04a508d6ccbfce072279358cb065a50f4bdf8c81ddd2d5ecf2b2c2b1015051b465e5ff682c9e3f8160123334b82dfe5a751d8b5f441587bbe7bed1325338cae6a8c06101081a55d499efbf77714e43ac99ecc08965e152bc84faba1bd966f4c01879f24b451b8f3ebae04852de5efd441396a6a871f97ea3dc413174886d71748c8beac5e5d403887e818e335cfdffa9d76b5074a5dcf12ad7725cb83cde0174679c0961643606a03082c5ec01590d687ff5bf9f8b2c3a84bfdb9c25622adc66aeb7f0355efddd4ab9954e5455c2428ee4e5383888ab466bd5fe817eb6b794a555c0eea446287cce32d9efd960e58771ddfb8ee2b4133b79d8953c2ae959a5d6ce09448d50da61bf22268fd32dcd501fd47c6b72cf8f50159a7aeec6e220ca81fc64ff97014ea77b6f791ccf6625eba88f60d1fe699cb16636a9acc4067786c537623c699568112c2093663bfba92ddc1ffcfe93f247f90accc6002faa61f43e54c3fab5e04a6ea1c5415e31ab129f8c9f82c3e3191513a4af151b1d6ab45a2f0eeca83f0870bc40da6257b9ea1c6238171a754995137d4123f2a4888e73db901f70a044ee0dd8176defd5dd82d9fc5a1a0d79effaf86fdf0c0dc4886b6a153b88eabc338c353f5fb040fe34db18211b20f8a3e4589b212e913665506488f21c88f5aec85eb694134a557c95d9a6ab9efc089e5c9848e591e3387cc11ca66fb03ca713513b98ebc2f35befcf64792ef44411e0f75ee4da42dcadfffdf9eecb761bd5e89183881103c5019e1ef3f3d80ba27fb0e1897e925d4122fdf3b3b568cc8795adf98643e86409226f2c5ed87cf481ffcd6e21a2bf0bff07a98bed3be5328118c3cb43c05f1b740242b0855f71400dd155c888b627615488025f81fcc6f5628efaf081489683c6d259c33b591edf4c9a4bfc54802c93ffbba4baf2a5030af8882b7d53eae80720e36a15c6c210658cdffa162630ba5d0217fbbf44879a04d41c58befb8a271abf4460a2d768be38d22f832e3cfad91b90f1b576924c8cbda71bbe89c85c239fa02f69c25e5422c977d97a54954fd16b85970db963db2b132b057a0282aef92614a9148e2a1a1edfa5ec46ae8d662dabae8f8141ea30dfddac44573ff52c3f93d82b0245b03c6db05b540e614cc9e3f702467054d688a92dcc9123f71a064cc52730fc5ee94b2746c80688521cc1cdb0f9455d4875f4af4afdc67d2e389361e1328edad7594d4bc9beec8b935aa3e5e98652c934d14fd16da50d685717303186da715778856da54666448d648d32becd2d63a6503ac21e56317903d15465ac4d3765f7a05420811307f71c1dc55ce5a4cd21130487cb0065397785da5094d27fae505996c1d404399797ff61d40f2ed63fca51db673197cd158a6e9b9ee93bb37df8bbaf92f47493c81c65439d359d578244a7f83629f4323a182e68526d674f4b6b64908350253520a4e564fae27df523e9218ff84f55a7ca622fc2e3bcc5edec9cc45c5a1b4c00c64038afdb165ad0ca3d8b66cea248e6a60a1c6d27e0dd2e5c7eec49fb8227a5266aedbc4fff982ffda402190548fb63fdeb67b3fb0894b11ce904b1c194f8f36cdecddc1312d64e9f227cc4b614b3679f978e0f1b6bb7aaeb2461cd28a94b73dd55eef1d5a98d72b9d8750b2dfe3a3cec044e13a87", 0x2000, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) io_submit(r3, 0x1, &(0x7f0000000780)=[&(0x7f0000000440)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x4, r2, &(0x7f0000000340), 0x0, 0x2}]) 5.336479841s ago: executing program 3 (id=641): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), r0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(0x0, r0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newnexthop={0x2c, 0x68, 0xa898cf170ab9f9b9, 0x4, 0x0, {0xa, 0x0, 0x4, 0x0, 0x4}, [@NHA_ID={0x8, 0x1, 0x2}, @NHA_FDB={0x4}, @NHA_OIF={0x8}]}, 0x2c}}, 0x48092) r2 = socket(0x22, 0xa, 0x5) getsockopt(r2, 0x200000000114, 0x8, 0x0, &(0x7f00000001c0)) io_uring_setup(0x2d58, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0xc}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x880}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0) bind$alg(r2, &(0x7f0000000300)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha256\x00'}, 0x58) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r6, 0x0, 0x0) 5.26602775s ago: executing program 4 (id=642): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x401}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r4, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000640)=[{0x0}, {&(0x7f0000000b40)}, {0x0}, {&(0x7f0000000740)="f52ec22aafecc37a6d9995f1afb5c1727f223f9b84451a110b1dfbf19cc7ed183ba93f6d55645001887fc999262b9c938e22ef5ec46b4b1b535060dcca5cff1f0e5a1d9b32cef2b6e0a61af7968dc1759c4d901867d7d6e9f2521f6a1578e1cc2fbf58837a2633c0b8299192718c61227412dafd01e899723b33735bbec3e1429117362acc4139fc3565f183bd5568f47f4bc416adb360fdd9c497c2ad", 0x9d}], 0x4}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001180)="acc870bde54caaeacb0000108cef4fa7bf44702b284b2e80cb32d33a86853c8c28797cd14c72c87f849f6ccbf3198d11a0b1ef00", 0x34}], 0x1}}], 0x2, 0xc0) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r4, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0) 5.147605082s ago: executing program 6 (id=643): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000280)={@val={0x1c, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0x0, 0xf5, 0x0, 0x1c, {[@window={0xa, 0x3}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e) 3.434825098s ago: executing program 3 (id=644): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000400)={0x1d}) r4 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$sock_linger(r3, 0x1, 0xd, &(0x7f00000000c0)={0x0, 0xe39}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000340)=[@in6={0xa, 0x4e27, 0x2000001, @dev={0xfe, 0x80, '\x00', 0x12}, 0xffffffff}, @in6={0xa, 0x4e21, 0x3, @remote, 0x5}], 0x38) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002}) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0}) dup3(r6, r5, 0x0) r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0) mmap$binder(&(0x7f0000915000/0x1000)=nil, 0x1000, 0x1, 0x11, r7, 0x20000012) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0x4}) ioctl$BINDER_WRITE_READ(r5, 0xc0306201, 0x0) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) 3.4186061s ago: executing program 1 (id=645): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200000000f400850000008600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x392b8a4ff77e3f7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r2, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c81be3110a36a27aeffe0ad5a8a7385a1913a64fb2db630e8fc8017828cea60f327c3a510b441d94d32584e55f7c2320d89b2ba3d44d832b8e7c5f45442de9ef37d057e6d0c6664e8d74e23f18336d41a3e38c2cda49050cb32ca7040a388c75741ac07d3befc714df35dc92ff70ad041cf17b70a971c142bb89ecfe25290750e989c8666560a61b62fdc4fadef7f30b6269a669ef99be7e7ba7ddddf99949fedc0c331796988c6eedb5c66cbe2870a2affce0b550c3411a2aaf302481ee93398c0fbc0c815cfe1e78bf8fed7f19f2c2dae17a4533aa85f6b787f8072adda379118d76dbba3cebfc4c8aacbb1f79a28ec3a0ec99816e3c8721ddcde1ce73b0704063474", 0xe24}, {0x0, 0x4000}, {0x0}, {0x0}, {&(0x7f00000020c0), 0x500}], 0x5}, 0x0) 3.412998281s ago: executing program 4 (id=646): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a7c000000060a0b0400000000000000000200000050000480240001800b000100736f636b65740000140002800800024000000003080001400000000228000180080001006e6174001c000280080005400000000308000140000000000800024000d066020900010073797a30000000000900020073797a"], 0xa4}}, 0x0) 2.89001521s ago: executing program 1 (id=647): r0 = socket$inet6(0xa, 0x2, 0x3a) sendto$inet6(r0, &(0x7f0000000000)="800037bbfa9ba1", 0x7, 0x0, &(0x7f0000001100)={0xa, 0x0, 0x0, @loopback}, 0x1c) recvmmsg(r0, 0x0, 0x0, 0x10102, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, 0x0}) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002d00)=ANY=[@ANYBLOB="200000001000010700000001000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x800) r4 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee1, 0x0, 0x0, 0x229}, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_CLOSE={0x13, 0x8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r4, 0x5361, 0xfffffffd, 0x2, 0x0, 0x0) 2.841935823s ago: executing program 0 (id=648): socket(0x1d, 0x1, 0x9) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) connect$inet(0xffffffffffffffff, 0x0, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850) sendmsg$nl_route_sched(r4, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0xfffff000, {0x0, 0x0, 0x0, r6, {0xf000, 0xffff}, {}, {0x7}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_CLASSID={0x8, 0x1, {0x4}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x20000800) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="e90c610faca2", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0xe000, 0x3, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x8}}}}}, 0x0) syz_emit_ethernet(0x32, &(0x7f0000000040)={@random="e90c610faca2", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2, 0x1, 0x2, 0xc, 0x100}}}}}}}, 0x0) mknod$loop(0x0, 0x0, 0x1) syz_io_uring_setup(0x110b, &(0x7f0000000380)={0x0, 0xe883, 0x4000, 0x1, 0xbb}, &(0x7f00000000c0), &(0x7f0000000280)) r7 = syz_open_dev$dri(&(0x7f00000005c0), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000400)={0x0, &(0x7f0000000340)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r7, 0xc06864a1, &(0x7f0000002f00)={0x0, 0x7c, r8, 0x0}) ioctl$DRM_IOCTL_MODE_DIRTYFB(r7, 0xc01864b1, &(0x7f0000000040)={r9, 0x2, 0xfae, 0x1, &(0x7f0000000000)=[{0x4, 0x34, 0xf6c, 0x201}]}) 2.464291599s ago: executing program 6 (id=649): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000000), 0x4, 0x5eb, &(0x7f0000000c00)="$eJzs3ctvFEcaAPCvxw9sjNYDWu0ue1gsrVYg7WJjAysU5QDXCFnkoVxyiYMNIRiwsKPEJBJGIpdIUS5RFCmnHEL+iwSFK6fklEMuOUVIKIk4RspEPdNtPHaPX9jTiP79pGG6q6Zd1djfVHVNVU8AlTWS/lOLOBgRc0nEcLK0nNcbWeZI63WPfnv/fPpIotF4+Zckkiwtf32SPQ9lBw9ExHffJnGgZ22584s3Lk/Nzs5cz/bHFq7Mjc0v3jh66crUxZmLM1cn/j9x6uSJk6fGj23rvG4WpJ29/dY7wx9Ovvbl578n41/9OJnE6Xghe+HK89gpIzHS/D9J1mYNndrpwkrSk/2dNBqNRp6W9JZbJzYv//31RcTfYzh64vEvbzg+eLHUygG7qpG03ruBKkrEP1RU3g/Ir+1XXwfXSumVAN3w8ExrAGBt/Pe2xgZjoDk2sPdREiuHdZKI2N7IXLt9EXH/3uTtC/cmb8cujcMBxZZuRcQ/iuI/acZ/PQai3oz/Wlv8p/2Cc9lzmv7SNstfPVQs/qF7WvE/sG78R4f4fz19vtmK4Te2WX798eabg23xP7jdUwIAAAAAAIDKunsmIv5X9Pl/bXn+TxTM/xmKiNM7UP7Iqv21n//XHuxAMUCBh2cini+c/1vLZ//We1YsYa1HX3Lh0uzMsYj4S0Qcib496f74OmUc/ejAZ53yRrL5f/kjLf9+Nhcwq8eD3j3tx0xPLUw9wSkDmYe3Iv5ZOP83WW7/k4L2P31nmNtkGQf+c+dcp7yN4x/YLY0vIg4Xtv+P71qRrH9/jrFmf2As7xWs9a/3Pv66U/nbjX+3mIAnl7b/e9eP/3qy8n4981sv4/hib6NT3nb7//3JK827CvVnae9OLSxcH4/oT872pKlt6RNbrzM8i/J4yOMljf8j/15//K+o/z8YEUurfnbya/ua4tzf/hj6qVN99P+hPGn8T2+p/d/6xsSd+jedyt9c+3+i2dYfyVKM/0HLp3mY9renF4Rjb1FWt+sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+CWkTsi6Q2urxdq42ORgxFxF9jb2322vzCfy9ce/vqdJrX/P7/Wv5Nv8Ot/ST//v/6iv2JVfvHI2J/RHzSM9jcHz1/bXa67JMHAAAAAAAAAAAAAAAAAACAp8RQh/X/qZ97yq4dsOt6y64AUJqC+P++jHoA3af9h+oS/1Bd4h+qS/xDdYl/qC7xD9Ul/qG6xD8AAAAAADxT9h+6+0MSEUvPDTYfqf4sr6/UmgG7rVZ2BYDSuMUPVJepP1BdrvGBZIP8gY4HbXTkeubOP8HBAAAAAAAAAAAAAFA5hw9a/w9VZf0/VJf1/1Bd+fr/QyXXA+g+1/hAbLCSv3D9/4ZHAQAAAAAAAAAAAAA7aX7xxuWp2dmZ6zZefTqq0c2NRqNxM/0reFrqs/MbSTZDvSuF5lPhu3+m/Zs5wXyt3+Z+cnnvSQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLs/AwAA//+JjCTl") prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f00000193c0)={0x11, 0x13, &(0x7f0000019300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000206a932500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000100000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000000)='sys_enter\x00', r0, 0x0, 0x91}, 0x18) quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0xffffffffffffffff, 0x0) 2.436873833s ago: executing program 4 (id=650): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="050000000500000002000000"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000007200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r1}, 0x10) 1.566858172s ago: executing program 1 (id=651): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000001680)=@gcm_128={{0x303}, "0000e60000010027", "568c9f21823385cf6b936989b62bac53", "0000001b", "ff00"}, 0x28) sendto$inet6(r0, &(0x7f0000000340)="d1", 0x1, 0x8000, 0x0, 0x0) write$binfmt_aout(r0, 0x0, 0xfdef) sendto$inet6(r0, &(0x7f0000000080)="c62ee5d6a89f2387cb40936b2f723c22", 0x10, 0x8000, 0x0, 0x0) write$binfmt_elf64(r0, 0x0, 0x78) 913.081874ms ago: executing program 2 (id=652): openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0xc8400, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() syz_open_dev$hidraw(&(0x7f0000000400), 0xfffffffffffffffa, 0x321000) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r4 = syz_open_dev$media(&(0x7f0000000680), 0x8, 0x8000) ioctl$MEDIA_IOC_REQUEST_ALLOC(r4, 0x80047c05, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) mknod$loop(0x0, 0xe050, 0x1) syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaa27aaaaaaaaaa2808060001080006040001aaaaaaaaaa1aac1414bbaaaaaaaaaa"], 0x0) socket$packet(0x11, 0x3, 0x300) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a70000000060a0b04000000000000000002000000440004802c0001800b0001006e756d67656e00001c000280080002400000000208000340000000000800014000000015140001800b00010072656a6563740000040002800900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a37fdfa481c3f1076b3237c5e91a9030ea0969c6d62d160764be23697b19a79e6d8462ebe460d1434c2ddc77bfc0299767067bcefe5e5ab09a895c1270fa9a868c68960aca187c0585e4c0bccea93b98fa6a5895858a59fd3c5075aececf597b6b3152b88af3ecee1579c26311988158249dfa2151936f79cf3476949156927346f653eafcff215151d637e03ff5fef190d1b50a31d58c9f98b36b737ba4b0d9c2e4a44785f12d289b717"], 0x98}}, 0x0) 854.152419ms ago: executing program 1 (id=653): mkdir(&(0x7f00000003c0)='./file0\x00', 0x21) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f00000001c0)='./bus\x00') r0 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) openat$incfs(r0, &(0x7f0000000040)='.pending_reads\x00', 0x10b441, 0x0) rmdir(&(0x7f0000000380)='./file0/../file0\x00') 453.715966ms ago: executing program 4 (id=654): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, 0x0, 0x0) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@window, @window={0x3, 0x2, 0x1}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @sack_perm, @timestamp, @mss={0x2, 0x1}, @sack_perm], 0x51) sendto$inet(r0, &(0x7f0000000780)="1ede55", 0x3, 0x4008041, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) shutdown(r0, 0x1) 273.797639ms ago: executing program 2 (id=655): socket$inet6_tcp(0xa, 0x1, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000140), 0x760, 0xa382) r1 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0) bind$alg(r2, &(0x7f0000000300)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha256\x00'}, 0x58) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r6, 0x0, 0x0) 0s ago: executing program 6 (id=657): r0 = getpid() syz_pidfd_open(r0, 0x0) r1 = syz_open_dev$dri(0x0, 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[0x0], &(0x7f0000000180)=[0x0], 0x0, 0x0, 0x1, 0x1}) ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f00000002c0)={0x0, 0x0, r2, 0x0, 0x80, 0x5, 0x9, 0x0, {0x9, 0xd6, 0x1c, 0xd, 0x5, 0x401, 0xfff5, 0xa, 0x0, 0x52, 0x8000, 0x7e9, 0x401, 0x9aa1, "cb630dab3a0338057401a192419598961f50dc45c87d55a52a28b8f01c0e0e7a"}}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000280)=[r2, r3], 0x2, 0x0, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f0000000340)={0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "b14fea7a1316b81525ccf0f8b91fd2eddb851ba62b00d87337407214ea270251"}}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) openat$dsp1(0xffffff9c, &(0x7f00000001c0), 0x30002, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}, 0x0, 0x0, 0xff}, 0x20) r7 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00') read$midi(r7, &(0x7f0000000380)=""/62, 0x3e) kernel console output (not intermixed with test programs): atadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 110.223898][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 110.236990][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 110.244024][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 110.270089][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 110.286645][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 110.351675][ T5834] team0: Port device team_slave_1 added [ 110.360232][ T5832] team0: Port device team_slave_1 added [ 110.377801][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 110.411119][ T5836] hsr_slave_0: entered promiscuous mode [ 110.417901][ T5836] hsr_slave_1: entered promiscuous mode [ 110.444212][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 110.451207][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 110.477350][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 110.576518][ T5835] team0: Port device team_slave_0 added [ 110.603276][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 110.610296][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 110.637403][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 110.657033][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 110.664417][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 110.691649][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 110.705431][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 110.712426][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 110.738569][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 110.751492][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 110.759211][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 110.786577][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 110.800613][ T5835] team0: Port device team_slave_1 added [ 110.858395][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 110.865519][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 110.892107][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 111.020228][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 111.031656][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 111.058460][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 111.117404][ T5844] hsr_slave_0: entered promiscuous mode [ 111.124691][ T5844] hsr_slave_1: entered promiscuous mode [ 111.131051][ T5844] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 111.139849][ T5844] Cannot create hsr debugfs directory [ 111.196548][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 111.203670][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 111.229778][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 111.245920][ T5840] Bluetooth: hci0: command tx timeout [ 111.308245][ T5833] hsr_slave_0: entered promiscuous mode [ 111.315982][ T5833] hsr_slave_1: entered promiscuous mode [ 111.322323][ T5833] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 111.330915][ T5833] Cannot create hsr debugfs directory [ 111.378827][ T5832] hsr_slave_0: entered promiscuous mode [ 111.386023][ T5832] hsr_slave_1: entered promiscuous mode [ 111.392310][ T5832] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 111.400532][ T5832] Cannot create hsr debugfs directory [ 111.406421][ T5840] Bluetooth: hci4: command tx timeout [ 111.411868][ T5840] Bluetooth: hci1: command tx timeout [ 111.422758][ T5838] Bluetooth: hci3: command tx timeout [ 111.422887][ T5852] Bluetooth: hci5: command tx timeout [ 111.482835][ T5852] Bluetooth: hci2: command tx timeout [ 111.502504][ T5834] hsr_slave_0: entered promiscuous mode [ 111.509259][ T5834] hsr_slave_1: entered promiscuous mode [ 111.516913][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 111.524599][ T5834] Cannot create hsr debugfs directory [ 111.544519][ T5835] hsr_slave_0: entered promiscuous mode [ 111.551294][ T5835] hsr_slave_1: entered promiscuous mode [ 111.558196][ T5835] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 111.566011][ T5835] Cannot create hsr debugfs directory [ 112.273539][ T5836] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 112.297189][ T5836] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 112.328039][ T5836] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 112.340071][ T5836] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 112.414888][ T5844] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 112.427487][ T5844] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 112.438655][ T5844] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 112.470789][ T5844] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 112.573318][ T5832] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 112.605582][ T5832] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 112.618090][ T5832] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 112.630175][ T5832] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 112.774304][ T5833] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 112.786499][ T5833] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 112.802275][ T5833] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 112.847145][ T5833] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 112.889122][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 112.971936][ T5835] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 113.000179][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 113.015200][ T5835] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 113.027539][ T5835] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 113.040019][ T5835] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 113.098580][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 113.142549][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 113.210487][ T131] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.218178][ T131] bridge0: port 1(bridge_slave_0) entered forwarding state [ 113.232062][ T131] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.239261][ T131] bridge0: port 1(bridge_slave_0) entered forwarding state [ 113.252238][ T131] bridge0: port 2(bridge_slave_1) entered blocking state [ 113.259420][ T131] bridge0: port 2(bridge_slave_1) entered forwarding state [ 113.300231][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 113.307491][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 113.317992][ T5834] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 113.324935][ T5852] Bluetooth: hci0: command tx timeout [ 113.340859][ T5834] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 113.354135][ T5834] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 113.388753][ T5834] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 113.418021][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 113.484066][ T5852] Bluetooth: hci1: command tx timeout [ 113.484091][ T5847] Bluetooth: hci3: command tx timeout [ 113.484118][ T5840] Bluetooth: hci5: command tx timeout [ 113.489538][ T5847] Bluetooth: hci4: command tx timeout [ 113.563280][ T5852] Bluetooth: hci2: command tx timeout [ 113.578277][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 113.625801][ T3508] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.633057][ T3508] bridge0: port 1(bridge_slave_0) entered forwarding state [ 113.680923][ T3508] bridge0: port 2(bridge_slave_1) entered blocking state [ 113.688183][ T3508] bridge0: port 2(bridge_slave_1) entered forwarding state [ 113.909331][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 113.925050][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 113.982006][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 114.036740][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 114.044223][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 114.106595][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 114.167961][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 114.175310][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 114.212366][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 114.260655][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 114.267938][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 114.326580][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 114.333910][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 114.429653][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 114.516981][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 114.531996][ T1147] bridge0: port 1(bridge_slave_0) entered blocking state [ 114.539313][ T1147] bridge0: port 1(bridge_slave_0) entered forwarding state [ 114.621430][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 114.628780][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 114.676916][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 114.846331][ T5834] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 114.878260][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 115.127775][ T5836] veth0_vlan: entered promiscuous mode [ 115.274340][ T5836] veth1_vlan: entered promiscuous mode [ 115.337569][ T5832] veth0_vlan: entered promiscuous mode [ 115.403099][ T5852] Bluetooth: hci0: command tx timeout [ 115.441433][ T5832] veth1_vlan: entered promiscuous mode [ 115.502466][ T5836] veth0_macvtap: entered promiscuous mode [ 115.547746][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 115.568043][ T5852] Bluetooth: hci4: command tx timeout [ 115.568068][ T5847] Bluetooth: hci1: command tx timeout [ 115.573805][ T5852] Bluetooth: hci5: command tx timeout [ 115.573854][ T5852] Bluetooth: hci3: command tx timeout [ 115.576405][ T5836] veth1_macvtap: entered promiscuous mode [ 115.644584][ T5840] Bluetooth: hci2: command tx timeout [ 115.670637][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 115.748273][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 115.809867][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 115.867089][ T5832] veth0_macvtap: entered promiscuous mode [ 115.880694][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 115.897479][ T5836] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.906583][ T5836] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.919310][ T5836] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.932581][ T5836] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.000719][ T5832] veth1_macvtap: entered promiscuous mode [ 116.033978][ T5844] veth0_vlan: entered promiscuous mode [ 116.058675][ T5833] veth0_vlan: entered promiscuous mode [ 116.108281][ T5833] veth1_vlan: entered promiscuous mode [ 116.164092][ T5844] veth1_vlan: entered promiscuous mode [ 116.200084][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 116.260511][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 116.287202][ T5833] veth0_macvtap: entered promiscuous mode [ 116.311470][ T5832] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.321601][ T5832] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.331087][ T5832] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.339936][ T5832] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.363645][ T5833] veth1_macvtap: entered promiscuous mode [ 116.411778][ T5834] veth0_vlan: entered promiscuous mode [ 116.465817][ T5834] veth1_vlan: entered promiscuous mode [ 116.490774][ T1160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.504426][ T1160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.567904][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 116.578085][ T5844] veth0_macvtap: entered promiscuous mode [ 116.621974][ T3508] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.637358][ T3508] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.641431][ T5844] veth1_macvtap: entered promiscuous mode [ 116.679045][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 116.691566][ T5833] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.705324][ T5833] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.719169][ T5833] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.728081][ T5833] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.786759][ T5835] veth0_vlan: entered promiscuous mode [ 116.801479][ T5836] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 116.850514][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.858477][ T5834] veth0_macvtap: entered promiscuous mode [ 116.862045][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 116.887430][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.975502][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 116.996855][ T5835] veth1_vlan: entered promiscuous mode [ 117.044075][ T5834] veth1_macvtap: entered promiscuous mode [ 117.117749][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.127447][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.155002][ T5844] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.181636][ T5844] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.202344][ T5844] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.211535][ T5844] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.262441][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 117.343988][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 117.426692][ T1160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.446788][ T5835] veth0_macvtap: entered promiscuous mode [ 117.466580][ T1160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.480780][ T5834] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.511580][ T5834] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.532880][ T5834] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.541852][ T5834] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.644640][ T5835] veth1_macvtap: entered promiscuous mode [ 117.851791][ T1160] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.875069][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 117.889609][ T1160] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.959314][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 118.147564][ T5835] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.182939][ T5835] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.191986][ T5835] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.206312][ T5835] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.235587][ T1160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.250825][ T1160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.158154][ T6003] input: syz0 as /devices/virtual/input/input5 [ 119.345518][ T6002] block device autoloading is deprecated and will be removed. [ 119.380255][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.449512][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.501259][ T131] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.513487][ T131] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.563345][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 119.806497][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.842431][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.906998][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.985660][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.175613][ T131] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.247457][ T131] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.283634][ T30] audit: type=1326 audit(1749796270.501:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6007 comm="syz.1.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 120.324258][ T6008] @: renamed from vlan0 (while UP) [ 120.413758][ T30] audit: type=1326 audit(1749796270.511:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6007 comm="syz.1.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 120.494880][ T6018] loop2: detected capacity change from 0 to 256 [ 120.499105][ T30] audit: type=1326 audit(1749796270.511:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6007 comm="syz.1.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 120.524046][ T6018] ======================================================= [ 120.524046][ T6018] WARNING: The mand mount option has been deprecated and [ 120.524046][ T6018] and is ignored by this kernel. Remove the mand [ 120.524046][ T6018] option from the mount to silence this warning. [ 120.524046][ T6018] ======================================================= [ 120.852753][ T30] audit: type=1326 audit(1749796270.511:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6007 comm="syz.1.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fea0d990847 code=0x7ffc0000 [ 120.939888][ T30] audit: type=1326 audit(1749796270.511:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6007 comm="syz.1.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 121.070232][ T30] audit: type=1326 audit(1749796270.511:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6007 comm="syz.1.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 121.114250][ T30] audit: type=1326 audit(1749796270.511:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6007 comm="syz.1.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 121.226396][ T30] audit: type=1326 audit(1749796270.511:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6007 comm="syz.1.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 121.309858][ T6028] loop1: detected capacity change from 0 to 512 [ 121.432965][ T30] audit: type=1326 audit(1749796270.531:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6007 comm="syz.1.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 121.571492][ T30] audit: type=1326 audit(1749796270.531:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6007 comm="syz.1.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 122.183040][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 122.362880][ T6040] input: syz0 as /devices/virtual/input/input6 [ 122.531425][ T6042] binder: BINDER_SET_CONTEXT_MGR already set [ 122.542829][ T6042] binder: 6039:6042 ioctl 4018620d 200000000040 returned -16 [ 122.976292][ T6051] overlayfs: failed to resolve './file1': -2 [ 123.497750][ T6051] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 123.506166][ T6051] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 123.591324][ T6051] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 124.159276][ T6051] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 124.218545][ T6051] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 124.349429][ T6051] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 124.579585][ T6051] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 124.586027][ T6051] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 124.643292][ T6073] netlink: 'syz.2.37': attribute type 4 has an invalid length. [ 124.701905][ T6051] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 124.820685][ T6051] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 124.831899][ T6077] loop5: detected capacity change from 0 to 1024 [ 124.833085][ T6051] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 124.880173][ T6051] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 124.975206][ T6051] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 124.981268][ T6051] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 125.020415][ T6077] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 125.052987][ T6077] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 125.136366][ T6051] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 125.220918][ T6051] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 125.285227][ T6077] ALSA: seq fatal error: cannot create timer (-19) [ 125.304468][ T6051] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 125.374289][ T6051] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 125.454681][ T36] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 8) [ 125.563140][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 125.628589][ T36] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 8 with error 117 [ 125.696006][ T36] EXT4-fs (loop5): This should not happen!! Data will be lost [ 125.696006][ T36] [ 125.708518][ T6096] loop1: detected capacity change from 0 to 1024 [ 125.764785][ T6096] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 125.794255][ T5835] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.896831][ T6096] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2847: Unable to expand inode 13. Delete some EAs or run e2fsck. [ 125.980294][ T6102] Zero length message leads to an empty skb [ 125.993348][ T6102] syz.0.45 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 126.173953][ T5836] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.209905][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 126.354217][ T6102] lo speed is unknown, defaulting to 1000 [ 126.361811][ T6102] lo speed is unknown, defaulting to 1000 [ 126.479302][ T6102] lo speed is unknown, defaulting to 1000 [ 126.540672][ T6108] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 126.603482][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 126.717000][ T6102] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 126.727160][ T6114] loop4: detected capacity change from 0 to 512 [ 126.767033][ T6115] xt_CT: You must specify a L4 protocol and not use inversions on it [ 126.794257][ T6114] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 126.824512][ T6116] netlink: 28 bytes leftover after parsing attributes in process `syz.5.49'. [ 126.837374][ T6102] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 126.847784][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 126.966745][ T6114] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 126.982255][ T6114] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 127.017999][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 127.141279][ T6100] syz.0.45: vmalloc error: size 268439552, failed to allocated page array size 524296, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 127.160517][ T6100] CPU: 0 UID: 0 PID: 6100 Comm: syz.0.45 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 127.160569][ T6100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 127.160591][ T6100] Call Trace: [ 127.160603][ T6100] [ 127.160616][ T6100] dump_stack_lvl+0x16c/0x1f0 [ 127.160655][ T6102] lo speed is unknown, defaulting to 1000 [ 127.160691][ T6100] warn_alloc+0x248/0x3a0 [ 127.160736][ T6100] ? __pfx_warn_alloc+0x10/0x10 [ 127.160795][ T6100] ? xskq_create+0xfb/0x1d0 [ 127.160846][ T6100] ? srso_alias_return_thunk+0x5/0xfbef5 [ 127.160891][ T6100] ? __vmalloc_node_noprof+0xad/0xf0 [ 127.160959][ T6100] __vmalloc_node_range_noprof+0x101b/0x14b0 [ 127.161048][ T6100] ? xskq_create+0xfb/0x1d0 [ 127.161114][ T6100] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 127.161190][ T6100] ? xskq_create+0xfb/0x1d0 [ 127.161244][ T6100] vmalloc_user_noprof+0x9e/0xe0 [ 127.161304][ T6100] ? xskq_create+0xfb/0x1d0 [ 127.161359][ T6100] xskq_create+0xfb/0x1d0 [ 127.161417][ T6100] xsk_setsockopt+0x684/0x840 [ 127.161471][ T6100] ? __pfx_xsk_setsockopt+0x10/0x10 [ 127.161521][ T6100] ? __pfx_aa_sk_perm+0x10/0x10 [ 127.161566][ T6100] ? errseq_sample+0x53/0x70 [ 127.161624][ T6100] ? srso_alias_return_thunk+0x5/0xfbef5 [ 127.161677][ T6100] ? __pfx_xsk_setsockopt+0x10/0x10 [ 127.161729][ T6100] do_sock_setsockopt+0x224/0x470 [ 127.161772][ T6100] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 127.161826][ T6100] ? srso_alias_return_thunk+0x5/0xfbef5 [ 127.161888][ T6100] __sys_setsockopt+0x1a0/0x230 [ 127.161954][ T6100] __x64_sys_setsockopt+0xbd/0x160 [ 127.162014][ T6100] ? do_syscall_64+0x91/0x4c0 [ 127.162047][ T6100] ? srso_alias_return_thunk+0x5/0xfbef5 [ 127.162090][ T6100] ? lockdep_hardirqs_on+0x7c/0x110 [ 127.162150][ T6100] do_syscall_64+0xcd/0x4c0 [ 127.162189][ T6100] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.162226][ T6100] RIP: 0033:0x7f36f298e929 [ 127.162255][ T6100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 127.162290][ T6100] RSP: 002b:00007f36f38bc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 127.162323][ T6100] RAX: ffffffffffffffda RBX: 00007f36f2bb5fa0 RCX: 00007f36f298e929 [ 127.162347][ T6100] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000005 [ 127.162369][ T6100] RBP: 00007f36f2a10b39 R08: 0000000000000004 R09: 0000000000000000 [ 127.162392][ T6100] R10: 00002000000004c0 R11: 0000000000000246 R12: 0000000000000000 [ 127.162415][ T6100] R13: 0000000000000000 R14: 00007f36f2bb5fa0 R15: 00007ffd42eb8318 [ 127.162463][ T6100] [ 127.162476][ T6100] Mem-Info: [ 127.264983][ T5840] Bluetooth: hci5: command 0x0c1a tx timeout [ 127.276537][ T6100] active_anon:9096 inactive_anon:0 isolated_anon:0 [ 127.276537][ T6100] active_file:1440 inactive_file:39831 isolated_file:0 [ 127.276537][ T6100] unevictable:768 dirty:711 writeback:0 [ 127.276537][ T6100] slab_reclaimable:10132 slab_unreclaimable:99421 [ 127.276537][ T6100] mapped:37509 shmem:4283 pagetables:1227 [ 127.276537][ T6100] sec_pagetables:0 bounce:0 [ 127.276537][ T6100] kernel_misc_reclaimable:0 [ 127.276537][ T6100] free:1292209 free_pcp:21208 free_cma:0 [ 127.370912][ T6102] lo speed is unknown, defaulting to 1000 [ 127.530167][ T6102] lo speed is unknown, defaulting to 1000 [ 127.547741][ T6100] Node 0 active_anon:36372kB inactive_anon:0kB active_file:5760kB inactive_file:159180kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:150116kB dirty:2864kB writeback:0kB shmem:15640kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12416kB pagetables:4860kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 127.594891][ T5844] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.595841][ T6102] lo speed is unknown, defaulting to 1000 [ 127.619278][ T6102] lo speed is unknown, defaulting to 1000 [ 127.630204][ T6102] lo speed is unknown, defaulting to 1000 [ 127.643765][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 127.655582][ T6100] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:112kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 127.701028][ T6100] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 127.793455][ T6100] lowmem_reserve[]: 0 2481 2482 2482 2482 [ 127.799393][ T6100] Node 0 DMA32 free:1253352kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:35924kB inactive_anon:0kB active_file:5760kB inactive_file:157868kB unevictable:1536kB writepending:2864kB present:3129332kB managed:2540804kB mlocked:0kB bounce:0kB free_pcp:65912kB local_pcp:37824kB free_cma:0kB [ 127.901830][ T6100] lowmem_reserve[]: 0 0 1 1 1 [ 127.911949][ T6100] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1312kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 128.008175][ T6100] lowmem_reserve[]: 0 0 0 0 0 [ 128.036854][ T6100] Node 1 Normal free:3898952kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:21176kB local_pcp:13272kB free_cma:0kB [ 128.149918][ T6100] lowmem_reserve[]: 0 0 0 0 0 [ 128.159414][ T6100] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 128.177937][ T6100] Node 0 DMA32: 2*4kB (M) 2*8kB (UM) 3*16kB (UME) 1*32kB (E) 3*64kB (UME) 6*128kB (UME) 5*256kB (UME) 3*512kB (UM) 2*1024kB (M) 4*2048kB (UME) 302*4096kB (M) = 1251112kB [ 128.228730][ T6100] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 128.288888][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 128.297002][ T6100] Node 1 Normal: 136*4kB (UE) 57*8kB (UME) 40*16kB (UME) 75*32kB (UME) 28*64kB (UME) 5*128kB (UM) 3*256kB (ME) 3*512kB (UM) 3*1024kB (UME) 2*2048kB (UE) 948*4096kB (M) = 3898952kB [ 128.407945][ T6139] loop1: detected capacity change from 0 to 512 [ 128.422873][ T6100] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 128.432487][ T6100] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 128.445835][ T6139] EXT4-fs: Ignoring removed nomblk_io_submit option [ 128.499090][ T6139] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 128.517531][ T6100] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 128.534136][ T6139] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102] [ 128.577970][ T6100] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 128.630589][ T6139] EXT4-fs (loop1): couldn't mount RDWR because of unsupported optional features (80) [ 128.655437][ T6100] 42708 total pagecache pages [ 128.660189][ T6100] 0 pages in swap cache [ 128.683393][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 128.693624][ T6139] EXT4-fs (loop1): Skipping orphan cleanup due to unknown ROCOMPAT features [ 128.702563][ T6100] Free swap = 124996kB [ 128.742880][ T6100] Total swap = 124996kB [ 128.779111][ T6100] 2097051 pages RAM [ 128.827292][ T6100] 0 pages HighMem/MovableOnly [ 128.844977][ T6139] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 128.888527][ T6100] 429872 pages reserved [ 128.941552][ T6100] 0 pages cma reserved [ 128.952940][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 129.082869][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 129.281048][ T30] kauditd_printk_skb: 8 callbacks suppressed [ 129.281074][ T30] audit: type=1326 audit(1749796279.501:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6152 comm="syz.4.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153a78e929 code=0x7ffc0000 [ 129.323097][ T5840] Bluetooth: hci5: command 0x0c1a tx timeout [ 129.460996][ T6153] loop4: detected capacity change from 0 to 128 [ 129.493871][ T6139] EXT4-fs (loop1): couldn't mount RDWR because of unsupported optional features (80) [ 129.558449][ T6153] EXT4-fs: Ignoring removed nomblk_io_submit option [ 129.588571][ T30] audit: type=1326 audit(1749796279.541:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6152 comm="syz.4.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153a78e929 code=0x7ffc0000 [ 129.674119][ T30] audit: type=1326 audit(1749796279.581:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6152 comm="syz.4.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f153a78e929 code=0x7ffc0000 [ 129.711546][ T30] audit: type=1326 audit(1749796279.581:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6152 comm="syz.4.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153a78e929 code=0x7ffc0000 [ 129.740034][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 129.767312][ T30] audit: type=1326 audit(1749796279.581:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6152 comm="syz.4.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153a78e929 code=0x7ffc0000 [ 129.776338][ T6153] EXT4-fs error (device loop4): __ext4_fill_super:5500: inode #2: comm syz.4.63: iget: checksum invalid [ 129.801777][ T30] audit: type=1326 audit(1749796279.591:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6152 comm="syz.4.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f153a78e929 code=0x7ffc0000 [ 129.801859][ T30] audit: type=1326 audit(1749796279.591:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6152 comm="syz.4.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153a78e929 code=0x7ffc0000 [ 129.801928][ T30] audit: type=1326 audit(1749796279.591:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6152 comm="syz.4.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153a78e929 code=0x7ffc0000 [ 129.801996][ T30] audit: type=1326 audit(1749796279.591:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6152 comm="syz.4.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f153a78e929 code=0x7ffc0000 [ 129.802065][ T30] audit: type=1326 audit(1749796279.591:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6152 comm="syz.4.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153a78e929 code=0x7ffc0000 [ 129.958900][ T6153] EXT4-fs (loop4): get root inode failed [ 130.012215][ T6153] EXT4-fs (loop4): mount failed [ 130.017821][ T5836] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.231369][ T6159] netlink: 32 bytes leftover after parsing attributes in process `syz.2.65'. [ 130.376576][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 130.754234][ T6168] fuseblk: Bad value for 'fd' [ 130.832830][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 131.003091][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 131.162969][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 131.390710][ T6172] loop3: detected capacity change from 0 to 512 [ 131.402822][ T5840] Bluetooth: hci5: command 0x0c1a tx timeout [ 131.651798][ T6172] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 131.728920][ T6172] ext4 filesystem being mounted at /5/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 132.167263][ T5834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.323405][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 133.332157][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 133.340840][ T0] NOHZ tick-stop error: local softirq work is pending, handler #210!!! [ 133.724300][ T6208] loop5: detected capacity change from 0 to 512 [ 134.575393][ T6208] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 134.658050][ T6208] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 134.812641][ T30] kauditd_printk_skb: 59 callbacks suppressed [ 134.860811][ T6220] bridge0: port 2(bridge_slave_1) entered disabled state [ 134.869094][ T6220] bridge0: port 1(bridge_slave_0) entered disabled state [ 134.897021][ T30] audit: type=1800 audit(1749796285.031:89): pid=6208 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.80" name="file1" dev="loop5" ino=15 res=0 errno=0 [ 134.961238][ T6220] bridge0: entered allmulticast mode [ 135.043502][ T6222] bridge_slave_1: left allmulticast mode [ 135.081816][ T6222] bridge_slave_1: left promiscuous mode [ 135.093320][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 135.161711][ T6222] bridge0: port 2(bridge_slave_1) entered disabled state [ 135.237823][ T6222] bridge_slave_0: left allmulticast mode [ 135.244311][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 135.253164][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 135.261730][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 135.270719][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 135.304390][ T6222] bridge_slave_0: left promiscuous mode [ 135.346798][ T6222] bridge0: port 1(bridge_slave_0) entered disabled state [ 135.381051][ T30] audit: type=1326 audit(1749796285.581:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6228 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153a78e929 code=0x7ffc0000 [ 135.565323][ T5835] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.595741][ T30] audit: type=1326 audit(1749796285.591:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6228 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153a78e929 code=0x7ffc0000 [ 135.712425][ T30] audit: type=1326 audit(1749796285.631:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6221 comm="syz.0.85" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f36f298e929 code=0x0 [ 135.862786][ T30] audit: type=1326 audit(1749796285.711:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6228 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f153a78e929 code=0x7ffc0000 [ 135.928181][ T6233] loop3: detected capacity change from 0 to 2048 [ 135.995095][ T6233] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 136.001822][ T30] audit: type=1326 audit(1749796285.711:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6228 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153a78e929 code=0x7ffc0000 [ 136.032386][ T30] audit: type=1326 audit(1749796285.711:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6228 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153a78e929 code=0x7ffc0000 [ 136.064811][ T30] audit: type=1326 audit(1749796285.711:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6228 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f153a78e929 code=0x7ffc0000 [ 136.087660][ T30] audit: type=1326 audit(1749796285.711:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6228 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153a78e929 code=0x7ffc0000 [ 136.111918][ T30] audit: type=1326 audit(1749796285.721:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6228 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f153a78e929 code=0x7ffc0000 [ 136.156969][ T6239] loop4: detected capacity change from 0 to 512 [ 136.209706][ T6239] ext4: Unknown parameter 'permit_directio' [ 136.428772][ T6239] loop4: detected capacity change from 0 to 512 [ 136.478237][ T6239] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 136.599736][ T6239] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 136.618763][ T6239] System zones: 0-2, 18-18, 34-34 [ 136.697495][ T6239] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.726795][ T5834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.811707][ T6239] ext4 filesystem being mounted at /12/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 136.996865][ T6239] netlink: 24 bytes leftover after parsing attributes in process `syz.4.91'. [ 137.279222][ T5844] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.617410][ T6259] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 137.909181][ T6267] overlayfs: failed to resolve './file1': -2 [ 138.369124][ T6268] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 138.380783][ T6268] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 138.399327][ T6268] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 138.411938][ T6268] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 138.420587][ T6268] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 138.427679][ T6268] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 138.649916][ T6286] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.657763][ T6286] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.666860][ T6281] Driver unsupported XDP return value 0 on prog (id 53) dev N/A, expect packet loss! [ 138.724205][ T6286] bridge0: entered allmulticast mode [ 138.951072][ T6287] bridge_slave_1: left allmulticast mode [ 139.013344][ T6287] bridge_slave_1: left promiscuous mode [ 139.040160][ T6287] bridge0: port 2(bridge_slave_1) entered disabled state [ 139.126905][ T6287] bridge_slave_0: left allmulticast mode [ 139.181019][ T6287] bridge_slave_0: left promiscuous mode [ 139.206861][ T6287] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.443087][ T5840] Bluetooth: hci5: command 0x0c1a tx timeout [ 140.443126][ T5847] Bluetooth: hci4: command 0x0c1a tx timeout [ 140.449171][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 140.455241][ T5847] Bluetooth: hci2: command 0x0c1a tx timeout [ 140.455308][ T5847] Bluetooth: hci1: command 0x0c1a tx timeout [ 140.461396][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout [ 141.520161][ T6335] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 141.520161][ T6335] program syz.0.122 not setting count and/or reply_len properly [ 142.456010][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 142.462546][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 142.911622][ T6356] overlayfs: failed to resolve './file1': -2 [ 143.315558][ T6357] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 143.321903][ T6357] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 143.328512][ T6357] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 143.334693][ T6357] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 143.340925][ T6357] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 143.347514][ T6357] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 143.802211][ T30] kauditd_printk_skb: 87 callbacks suppressed [ 143.802238][ T30] audit: type=1326 audit(1749796294.021:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6362 comm="syz.3.131" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2f70f8e929 code=0x0 [ 144.456626][ T6378] serio: Serial port ptm0 [ 144.913450][ T6389] loop1: detected capacity change from 0 to 512 [ 144.962129][ T6389] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 144.992852][ T6389] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 145.113211][ T6389] EXT4-fs (loop1): 1 orphan inode deleted [ 145.119038][ T6389] EXT4-fs (loop1): 1 truncate cleaned up [ 145.198098][ T6389] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 145.284382][ T6389] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 145.311168][ T6389] EXT4-fs (loop1): Remounting filesystem read-only [ 145.330198][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 145.336558][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 145.409138][ T5852] Bluetooth: hci5: command 0x0c1a tx timeout [ 145.415500][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 145.421564][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 145.427851][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout [ 145.639991][ T6400] fuseblk: Bad value for 'fd' [ 146.277738][ T5836] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.615131][ T6408] overlayfs: failed to resolve './file1': -2 [ 147.083840][ T6406] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 147.091005][ T6406] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 147.098374][ T6406] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 147.104563][ T6406] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 147.110707][ T6406] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 147.116932][ T6406] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 148.236395][ T6397] infiniband syz!: set active [ 148.241887][ T6397] infiniband syz!: added team_slave_0 [ 148.256907][ T6397] syz!: rxe_create_cq: returned err = -12 [ 148.274355][ T6397] infiniband syz!: Couldn't create ib_mad CQ [ 148.290942][ T6397] infiniband syz!: Couldn't open port 1 [ 148.425355][ T6397] RDS/IB: syz!: added [ 148.444402][ T6397] smc: adding ib device syz! with port count 1 [ 148.482999][ T6397] smc: ib device syz! port 1 has pnetid [ 148.896186][ T30] audit: type=1326 audit(1749796299.111:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz.2.154" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f37c418e929 code=0x0 [ 149.166851][ T5840] Bluetooth: hci5: command 0x0c1a tx timeout [ 149.173150][ T5847] Bluetooth: hci4: command 0x0c1a tx timeout [ 149.179290][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout [ 149.188775][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout [ 149.196480][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 149.202544][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 149.656187][ T6438] loop0: detected capacity change from 0 to 128 [ 149.998550][ T6440] loop2: detected capacity change from 0 to 128 [ 150.544231][ T6449] process 'syz.0.161' launched '/dev/fd/6' with NULL argv: empty string added [ 153.812115][ T6465] lo speed is unknown, defaulting to 1000 [ 154.099498][ T30] audit: type=1326 audit(1749796304.311:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.1.170" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fea0d98e929 code=0x0 [ 159.422874][ T6524] netlink: 8 bytes leftover after parsing attributes in process `syz.0.178'. [ 159.482924][ T30] audit: type=1326 audit(1749796309.701:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6522 comm="syz.3.185" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2f70f8e929 code=0x0 [ 159.546636][ T6516] loop0: detected capacity change from 0 to 8192 [ 159.584636][ T6527] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus [ 159.683345][ T6516] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 159.737102][ T6516] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 159.751609][ T6516] loop0: p2 p3 p4 [ 159.755534][ T6516] loop0: partition table partially beyond EOD, truncated [ 159.763824][ T6516] loop0: p2 start 452985600 is beyond EOD, truncated [ 159.779578][ T6516] loop0: p3 size 33554432 extends beyond EOD, truncated [ 159.799312][ T6516] loop0: p4 start 8388607 is beyond EOD, truncated [ 160.621340][ T5838] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 160.635480][ T5838] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 160.651096][ T5838] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 160.665378][ T5838] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 160.680670][ T5838] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 161.271638][ T6524] IPVS: Error joining to the multicast group [ 162.762974][ T5845] Bluetooth: hci6: command tx timeout [ 164.843104][ T5845] Bluetooth: hci6: command tx timeout [ 165.023972][ T6540] lo speed is unknown, defaulting to 1000 [ 166.016258][ T30] audit: type=1326 audit(1749796316.241:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6575 comm="syz.0.199" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f36f298e929 code=0x0 [ 166.178627][ T6540] chnl_net:caif_netlink_parms(): no params data found [ 166.409802][ T12] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.634856][ T12] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.761602][ T6540] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.785448][ T6540] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.807395][ T30] audit: type=1326 audit(1749796317.021:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6592 comm="syz.0.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f36f29858e7 code=0x7ffc0000 [ 166.813004][ T6540] bridge_slave_0: entered allmulticast mode [ 166.846051][ T30] audit: type=1326 audit(1749796317.021:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6592 comm="syz.0.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f36f292ab19 code=0x7ffc0000 [ 166.886045][ T6540] bridge_slave_0: entered promiscuous mode [ 166.923439][ T5845] Bluetooth: hci6: command tx timeout [ 166.937723][ T6540] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.954316][ T6540] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.971980][ T6540] bridge_slave_1: entered allmulticast mode [ 166.981558][ T6540] bridge_slave_1: entered promiscuous mode [ 167.012849][ T30] audit: type=1326 audit(1749796317.021:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6592 comm="syz.0.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f36f29858e7 code=0x7ffc0000 [ 167.102552][ T30] audit: type=1326 audit(1749796317.021:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6592 comm="syz.0.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f36f292ab19 code=0x7ffc0000 [ 167.290599][ T30] audit: type=1326 audit(1749796317.021:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6592 comm="syz.0.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 167.339129][ T12] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.175829][ T30] audit: type=1326 audit(1749796317.061:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6592 comm="syz.0.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 168.205045][ T30] audit: type=1326 audit(1749796317.061:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6592 comm="syz.0.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 168.227947][ T30] audit: type=1326 audit(1749796317.061:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6592 comm="syz.0.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 168.284554][ T30] audit: type=1326 audit(1749796317.061:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6592 comm="syz.0.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f36f29858e7 code=0x7ffc0000 [ 169.535529][ T5845] Bluetooth: hci6: command tx timeout [ 169.633088][ T12] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.729012][ T6630] overlayfs: failed to resolve './file1': -2 [ 169.735242][ T6540] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 169.753247][ T6628] input: syz0 as /devices/virtual/input/input7 [ 169.777832][ T6540] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 170.071880][ T6630] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 170.136600][ T6630] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 170.186965][ T6630] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 170.200606][ T6540] team0: Port device team_slave_0 added [ 170.262974][ T6540] team0: Port device team_slave_1 added [ 170.284846][ T6630] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 170.356217][ T6630] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 170.485194][ T6630] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 170.583399][ T6630] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 170.887923][ T6630] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 171.078267][ T6540] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 171.155148][ T6540] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.232915][ T6540] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 171.357389][ T6540] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 171.365263][ T6540] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.433120][ T6540] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 172.122962][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout [ 172.203020][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 172.209298][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 172.293308][ T6654] loop0: detected capacity change from 0 to 1024 [ 172.342527][ T6654] EXT4-fs (loop0): Unsupported encryption level 8 [ 172.365626][ T5845] Bluetooth: hci5: command 0x0c1a tx timeout [ 172.371752][ T5845] Bluetooth: hci4: command 0x0c1a tx timeout [ 172.830008][ T5845] Bluetooth: hci6: command 0x0c1a tx timeout [ 173.739994][ T30] kauditd_printk_skb: 30 callbacks suppressed [ 173.740020][ T30] audit: type=1326 audit(1749796323.961:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6669 comm="syz.1.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 173.776266][ T30] audit: type=1326 audit(1749796323.961:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6669 comm="syz.1.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 173.818965][ T30] audit: type=1326 audit(1749796323.991:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6669 comm="syz.1.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 173.850328][ T30] audit: type=1326 audit(1749796323.991:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6669 comm="syz.1.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 173.973867][ T30] audit: type=1326 audit(1749796323.991:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6669 comm="syz.1.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 174.002308][ T6674] netlink: 8 bytes leftover after parsing attributes in process `syz.1.227'. [ 174.026948][ T6674] netlink: 8 bytes leftover after parsing attributes in process `syz.1.227'. [ 174.033144][ T30] audit: type=1326 audit(1749796323.991:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6669 comm="syz.1.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 174.066618][ T30] audit: type=1326 audit(1749796323.991:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6669 comm="syz.1.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 174.156702][ T30] audit: type=1326 audit(1749796323.991:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6669 comm="syz.1.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 174.233543][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 174.273552][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 174.288971][ T12] bond0 (unregistering): Released all slaves [ 174.437192][ T30] audit: type=1326 audit(1749796324.661:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6679 comm="syz.1.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 174.684532][ T30] audit: type=1326 audit(1749796324.661:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6679 comm="syz.1.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 174.977786][ T6691] loop3: detected capacity change from 0 to 512 [ 175.016468][ T6691] EXT4-fs: Ignoring removed bh option [ 175.085946][ T5845] Bluetooth: hci6: command 0x0c1a tx timeout [ 175.375677][ T6691] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 175.410687][ T6691] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 176.180432][ T6691] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 176.261674][ T6691] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 176.310109][ T6691] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 176.347548][ T6540] hsr_slave_0: entered promiscuous mode [ 176.376564][ T6540] hsr_slave_1: entered promiscuous mode [ 176.398813][ T6540] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 176.554229][ T6540] Cannot create hsr debugfs directory [ 176.758733][ T6706] loop1: detected capacity change from 0 to 2048 [ 176.856404][ T6706] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 176.870018][ T6712] overlayfs: failed to resolve './file1': -2 [ 176.907112][ T6708] netlink: 'syz.0.238': attribute type 39 has an invalid length. [ 176.954741][ T5834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.160794][ T6708] veth0_macvtap: left promiscuous mode [ 177.177205][ T5845] Bluetooth: hci6: command 0x0c1a tx timeout [ 177.784710][ T6718] 9pnet: Could not find request transport: f [ 177.971693][ T6712] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 178.049242][ T6712] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 178.133093][ T6712] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 178.139273][ T6712] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 178.168035][ T6712] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 178.198058][ T6712] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 178.290625][ T5836] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 178.791635][ T6728] loop1: detected capacity change from 0 to 256 [ 179.039062][ T12] hsr_slave_0: left promiscuous mode [ 179.071988][ T12] hsr_slave_1: left promiscuous mode [ 179.302208][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 179.353987][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 179.355615][ T6728] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 179.671066][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 179.679558][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 179.760241][ T12] veth1_macvtap: left promiscuous mode [ 179.912266][ T12] veth0_macvtap: left promiscuous mode [ 180.103621][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 180.122826][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 180.124804][ T12] veth1_vlan: left promiscuous mode [ 180.205863][ T5845] Bluetooth: hci5: command 0x0c1a tx timeout [ 180.212488][ T5845] Bluetooth: hci4: command 0x0c1a tx timeout [ 180.218809][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 180.225445][ T5838] Bluetooth: hci6: command 0x0c1a tx timeout [ 180.312187][ T12] veth0_vlan: left promiscuous mode [ 183.306365][ T12] team0 (unregistering): Port device team_slave_1 removed [ 183.877784][ T12] team0 (unregistering): Port device team_slave_0 removed [ 183.930345][ T6401] smc: removing ib device syz! [ 184.332170][ T6775] siw: device registration error -23 [ 186.031963][ T6782] loop3: detected capacity change from 0 to 1024 [ 186.122176][ T6782] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 186.711707][ T5834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.503483][ T6807] netlink: 4 bytes leftover after parsing attributes in process `syz.3.264'. [ 188.579346][ T6807] netlink: 4 bytes leftover after parsing attributes in process `syz.3.264'. [ 188.998633][ T6813] netlink: 4 bytes leftover after parsing attributes in process `syz.3.264'. [ 189.010252][ T6813] netlink: 20 bytes leftover after parsing attributes in process `syz.3.264'. [ 191.104966][ T6540] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 191.259788][ T6540] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 192.426963][ T6540] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 192.660796][ T6809] lo speed is unknown, defaulting to 1000 [ 192.669784][ T6540] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 194.974054][ T6863] netlink: 8 bytes leftover after parsing attributes in process `syz.2.278'. [ 195.148031][ T6868] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.225015][ T6863] netlink: 8 bytes leftover after parsing attributes in process `syz.2.278'. [ 195.426418][ T6872] input: syz0 as /devices/virtual/input/input8 [ 195.652083][ T6868] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.951609][ T6868] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.007778][ T6877] overlayfs: failed to resolve './file1': -2 [ 196.099894][ T6868] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.225604][ T6540] 8021q: adding VLAN 0 to HW filter on device bond0 [ 196.342499][ T6868] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.371704][ T6540] 8021q: adding VLAN 0 to HW filter on device team0 [ 196.402993][ T6868] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.435840][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.443143][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 196.494710][ T6868] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.530253][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.537577][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 196.547762][ T6877] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 196.554130][ T6877] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 196.560299][ T6877] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 196.566759][ T6877] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 196.573098][ T6877] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 196.580285][ T6877] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 197.008477][ T6868] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.123472][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 198.603914][ T5840] Bluetooth: hci6: command 0x0c1a tx timeout [ 198.610161][ T5840] Bluetooth: hci5: command 0x0c1a tx timeout [ 198.616323][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 198.622460][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 198.628598][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 198.821885][ T6915] netlink: 28 bytes leftover after parsing attributes in process `syz.2.292'. [ 198.962882][ T6918] input: syz0 as /devices/virtual/input/input9 [ 199.293496][ T6540] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 199.384308][ T30] kauditd_printk_skb: 58 callbacks suppressed [ 199.384333][ T30] audit: type=1326 audit(1749796349.611:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6925 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 199.510614][ T6922] siw: device registration error -23 [ 199.544985][ T30] audit: type=1326 audit(1749796349.651:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6925 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 199.732876][ T30] audit: type=1326 audit(1749796349.671:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6925 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 199.824623][ T30] audit: type=1326 audit(1749796349.671:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6925 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 200.087482][ T6937] overlayfs: failed to resolve './file1': -2 [ 200.137775][ T30] audit: type=1326 audit(1749796349.671:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6925 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 200.173125][ T30] audit: type=1326 audit(1749796349.671:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6925 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 200.209356][ T30] audit: type=1326 audit(1749796349.671:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6925 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 200.290147][ T30] audit: type=1326 audit(1749796349.671:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6925 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 200.391915][ T30] audit: type=1326 audit(1749796349.671:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6925 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 200.450219][ T30] audit: type=1326 audit(1749796349.671:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6925 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 200.513427][ T6920] syz.3.294: vmalloc error: size 268439552, failed to allocated page array size 524296, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 200.537099][ T6920] CPU: 1 UID: 0 PID: 6920 Comm: syz.3.294 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 200.537155][ T6920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 200.537179][ T6920] Call Trace: [ 200.537191][ T6920] [ 200.537205][ T6920] dump_stack_lvl+0x16c/0x1f0 [ 200.537278][ T6920] warn_alloc+0x248/0x3a0 [ 200.537326][ T6920] ? __pfx_warn_alloc+0x10/0x10 [ 200.537391][ T6920] ? xskq_create+0xfb/0x1d0 [ 200.537448][ T6920] ? srso_alias_return_thunk+0x5/0xfbef5 [ 200.537497][ T6920] ? __vmalloc_node_noprof+0xad/0xf0 [ 200.537572][ T6920] __vmalloc_node_range_noprof+0x101b/0x14b0 [ 200.537662][ T6920] ? xskq_create+0xfb/0x1d0 [ 200.537734][ T6920] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 200.537821][ T6920] ? xskq_create+0xfb/0x1d0 [ 200.537877][ T6920] vmalloc_user_noprof+0x9e/0xe0 [ 200.537937][ T6920] ? xskq_create+0xfb/0x1d0 [ 200.537997][ T6920] xskq_create+0xfb/0x1d0 [ 200.538056][ T6920] xsk_setsockopt+0x684/0x840 [ 200.538111][ T6920] ? __pfx_xsk_setsockopt+0x10/0x10 [ 200.538164][ T6920] ? __pfx_aa_sk_perm+0x10/0x10 [ 200.538210][ T6920] ? errseq_sample+0x53/0x70 [ 200.538269][ T6920] ? srso_alias_return_thunk+0x5/0xfbef5 [ 200.538324][ T6920] ? __pfx_xsk_setsockopt+0x10/0x10 [ 200.538377][ T6920] do_sock_setsockopt+0x224/0x470 [ 200.538421][ T6920] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 200.538476][ T6920] ? srso_alias_return_thunk+0x5/0xfbef5 [ 200.538538][ T6920] __sys_setsockopt+0x1a0/0x230 [ 200.538606][ T6920] __x64_sys_setsockopt+0xbd/0x160 [ 200.538664][ T6920] ? do_syscall_64+0x91/0x4c0 [ 200.538699][ T6920] ? srso_alias_return_thunk+0x5/0xfbef5 [ 200.538742][ T6920] ? lockdep_hardirqs_on+0x7c/0x110 [ 200.538817][ T6920] do_syscall_64+0xcd/0x4c0 [ 200.538859][ T6920] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.538897][ T6920] RIP: 0033:0x7f2f70f8e929 [ 200.538926][ T6920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 200.538960][ T6920] RSP: 002b:00007f2f71e11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 200.538995][ T6920] RAX: ffffffffffffffda RBX: 00007f2f711b5fa0 RCX: 00007f2f70f8e929 [ 200.539020][ T6920] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000005 [ 200.539041][ T6920] RBP: 00007f2f71010b39 R08: 0000000000000004 R09: 0000000000000000 [ 200.539064][ T6920] R10: 00002000000004c0 R11: 0000000000000246 R12: 0000000000000000 [ 200.539087][ T6920] R13: 0000000000000000 R14: 00007f2f711b5fa0 R15: 00007ffe5e65fc58 [ 200.539139][ T6920] [ 200.540976][ T6920] Mem-Info: [ 200.797835][ T6937] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 200.804078][ T6937] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 200.810164][ T6937] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 200.816319][ T6937] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 200.822399][ T6937] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 200.828529][ T6937] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 200.867159][ T6920] active_anon:10510 inactive_anon:0 isolated_anon:0 [ 200.867159][ T6920] active_file:1708 inactive_file:39860 isolated_file:0 [ 200.867159][ T6920] unevictable:768 dirty:34 writeback:0 [ 200.867159][ T6920] slab_reclaimable:10394 slab_unreclaimable:98429 [ 200.867159][ T6920] mapped:37477 shmem:7100 pagetables:1177 [ 200.867159][ T6920] sec_pagetables:0 bounce:0 [ 200.867159][ T6920] kernel_misc_reclaimable:0 [ 200.867159][ T6920] free:1282677 free_pcp:18314 free_cma:0 [ 200.950307][ T6920] Node 0 active_anon:37740kB inactive_anon:0kB active_file:6832kB inactive_file:159240kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:149908kB dirty:136kB writeback:0kB shmem:22664kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12344kB pagetables:4596kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 201.008931][ T6920] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:112kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 201.043835][ T6920] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 201.161680][ T6920] lowmem_reserve[]: 0 2481 2482 2482 2482 [ 201.184368][ T6920] Node 0 DMA32 free:1215556kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:30392kB inactive_anon:0kB active_file:6832kB inactive_file:157928kB unevictable:1536kB writepending:136kB present:3129332kB managed:2540804kB mlocked:0kB bounce:0kB free_pcp:65020kB local_pcp:4760kB free_cma:0kB [ 201.270187][ T6949] loop0: detected capacity change from 0 to 512 [ 201.278325][ T6920] lowmem_reserve[]: 0 0 1 1 1 [ 201.287227][ T6920] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1312kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 201.328600][ T6920] lowmem_reserve[]: 0 0 0 0 0 [ 201.342382][ T6920] Node 1 Normal free:3899772kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:20640kB local_pcp:7840kB free_cma:0kB [ 201.392579][ T6920] lowmem_reserve[]: 0 [ 201.407420][ T6949] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 201.438354][ T6920] 0 0 0 0 [ 201.442340][ T6920] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 201.473405][ T6949] ext4 filesystem being mounted at /60/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 201.522868][ T6920] Node 0 DMA32: 1*4kB (U) 2*8kB (ME) 1*16kB (M) 1*32kB (E) 130*64kB (UM) 99*128kB (UM) 108*256kB (UME) 53*512kB (UM) 19*1024kB (UME) 5*2048kB (UM) 271*4096kB (M) = 1215556kB [ 201.740361][ T6920] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 201.793846][ T6920] Node 1 Normal: 197*4kB (UE) 57*8kB (UME) 40*16kB (UME) 85*32kB (UME) 32*64kB (UME) 5*128kB (UM) 3*256kB (ME) 3*512kB (UM) 3*1024kB (UME) 2*2048kB (UE) 948*4096kB (M) = 3899772kB [ 201.857185][ T6920] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 201.889619][ T6540] veth0_vlan: entered promiscuous mode [ 201.939908][ T6540] veth1_vlan: entered promiscuous mode [ 201.991431][ T6920] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 202.019681][ T6920] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 202.044477][ T6920] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 202.054634][ T6920] 46522 total pagecache pages [ 202.076987][ T6920] 0 pages in swap cache [ 202.081247][ T6920] Free swap = 124996kB [ 202.109159][ T6920] Total swap = 124996kB [ 202.129012][ T6540] veth0_macvtap: entered promiscuous mode [ 202.132832][ T6920] 2097051 pages RAM [ 202.148091][ T6958] loop1: detected capacity change from 0 to 8192 [ 202.165956][ T6540] veth1_macvtap: entered promiscuous mode [ 202.171463][ T6920] 0 pages HighMem/MovableOnly [ 202.207351][ T6920] 429872 pages reserved [ 202.219396][ T6920] 0 pages cma reserved [ 202.232439][ T5833] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 202.285947][ T6540] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 202.293395][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 202.446208][ T6540] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 202.489780][ T6540] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.575202][ T6540] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.628965][ T6540] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.637873][ T6540] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.922891][ T5840] Bluetooth: hci6: command 0x0c1a tx timeout [ 202.929006][ T5838] Bluetooth: hci5: command 0x0c1a tx timeout [ 202.929079][ T5847] Bluetooth: hci2: command 0x0c1a tx timeout [ 202.935066][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 202.947272][ T5845] Bluetooth: hci4: command 0x0c1a tx timeout [ 203.034569][ T6975] input: syz0 as /devices/virtual/input/input10 [ 203.893907][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 203.907205][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 204.178433][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 204.192058][ T6988] loop3: detected capacity change from 0 to 512 [ 204.204707][ T6988] EXT4-fs: Ignoring removed nomblk_io_submit option [ 204.239121][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 204.336851][ T6970] FAT-fs (loop1): error, corrupted directory (invalid entries) [ 204.360066][ T6988] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 204.404012][ T6970] FAT-fs (loop1): Filesystem has been set read-only [ 204.413083][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 204.415881][ T6988] ext4 filesystem being mounted at /49/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 204.423621][ T6970] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 204.446186][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 204.559383][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 204.559408][ T30] audit: type=1800 audit(1749796354.781:312): pid=6988 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.311" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 204.861498][ T6996] overlayfs: failed to resolve './file1': -2 [ 204.868036][ T30] audit: type=1800 audit(1749796354.791:313): pid=6988 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.311" name="file2" dev="loop3" ino=16 res=0 errno=0 [ 204.913031][ T30] audit: type=1800 audit(1749796354.791:314): pid=6988 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.311" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 205.131442][ T5834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 205.279014][ T7014] xt_CT: You must specify a L4 protocol and not use inversions on it [ 205.283526][ T7014] netlink: 28 bytes leftover after parsing attributes in process `syz.1.318'. [ 205.373851][ T30] audit: type=1326 audit(1749796355.601:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7015 comm="syz.3.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f70f8e929 code=0x7ffc0000 [ 205.397725][ T6996] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 205.404136][ T6996] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 205.410294][ T6996] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 205.416482][ T6996] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 205.422745][ T6996] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 205.428975][ T6996] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 205.602765][ T30] audit: type=1326 audit(1749796355.631:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7015 comm="syz.3.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f2f70f8e929 code=0x7ffc0000 [ 205.652920][ T30] audit: type=1326 audit(1749796355.631:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7015 comm="syz.3.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f70f8e929 code=0x7ffc0000 [ 205.702736][ T30] audit: type=1326 audit(1749796355.631:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7015 comm="syz.3.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f70f8e929 code=0x7ffc0000 [ 206.409451][ T7036] input: syz0 as /devices/virtual/input/input11 [ 206.507385][ T7032] futex_wake_op: syz.6.322 tries to shift op by -1; fix this program [ 207.003142][ T5847] Bluetooth: hci0: command 0x0c1a tx timeout [ 207.482971][ T5847] Bluetooth: hci6: command 0x0c1a tx timeout [ 207.489208][ T5845] Bluetooth: hci5: command 0x0c1a tx timeout [ 207.495410][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 207.503097][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout [ 207.512433][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 209.297821][ T7057] loop0: detected capacity change from 0 to 512 [ 209.317940][ T7057] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 209.400886][ T7066] bond0: (slave bond_slave_0): Releasing backup interface [ 209.443829][ T7065] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 209.462037][ T7057] EXT4-fs (loop0): 1 truncate cleaned up [ 209.470696][ T7057] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 209.530836][ T7073] xt_CT: You must specify a L4 protocol and not use inversions on it [ 209.539407][ T7066] bond0: (slave bond_slave_1): Releasing backup interface [ 209.570318][ T7073] netlink: 28 bytes leftover after parsing attributes in process `syz.2.334'. [ 209.581292][ T7071] netlink: 'syz.1.332': attribute type 10 has an invalid length. [ 209.631891][ T7066] team0: Port device team_slave_0 removed [ 209.670802][ T7066] team0: Port device team_slave_1 removed [ 209.699435][ T7066] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 209.714524][ T7066] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 209.730616][ T7066] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 209.750963][ T7066] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 210.022320][ T7057] tipc: Started in network mode [ 210.041412][ T7057] tipc: Node identity 5add557b2767, cluster identity 4711 [ 210.071823][ T7057] tipc: Enabled bearer , priority 0 [ 210.133405][ T7075] syzkaller0: MTU too low for tipc bearer [ 210.156762][ T7075] tipc: Disabling bearer [ 210.247383][ T7070] overlayfs: failed to resolve './file1': -2 [ 210.395213][ T5833] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 210.456792][ T7070] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 210.463253][ T7070] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 210.470756][ T7070] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 210.477240][ T7070] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 210.483470][ T7070] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 210.489614][ T7070] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 211.002189][ T7095] input: syz0 as /devices/virtual/input/input12 [ 212.512793][ T5847] Bluetooth: hci0: command 0x0c1a tx timeout [ 212.532866][ T5847] Bluetooth: hci6: command 0x0c1a tx timeout [ 212.539192][ T5847] Bluetooth: hci5: command 0x0c1a tx timeout [ 212.545655][ T5847] Bluetooth: hci4: command 0x0c1a tx timeout [ 212.551789][ T5847] Bluetooth: hci2: command 0x0c1a tx timeout [ 212.558038][ T5847] Bluetooth: hci1: command 0x0c1a tx timeout [ 215.516997][ T7133] lo speed is unknown, defaulting to 1000 [ 217.511570][ T7140] input: syz0 as /devices/virtual/input/input13 [ 218.195685][ T7153] loop2: detected capacity change from 0 to 512 [ 218.212878][ T30] audit: type=1326 audit(1749796368.411:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7158 comm="syz.1.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 218.241526][ T7153] ext4: Unknown parameter 'appraise' [ 218.275792][ T30] audit: type=1326 audit(1749796368.441:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7158 comm="syz.1.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 218.349610][ T7153] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98 [ 218.365635][ T30] audit: type=1326 audit(1749796368.481:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7158 comm="syz.1.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 218.424734][ T30] audit: type=1326 audit(1749796368.481:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7158 comm="syz.1.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 218.511837][ T30] audit: type=1326 audit(1749796368.481:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7158 comm="syz.1.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 218.580796][ T30] audit: type=1326 audit(1749796368.481:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7158 comm="syz.1.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 218.674644][ T30] audit: type=1326 audit(1749796368.481:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7158 comm="syz.1.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 218.709568][ T30] audit: type=1326 audit(1749796368.481:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7158 comm="syz.1.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 218.777587][ T30] audit: type=1326 audit(1749796368.481:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7158 comm="syz.1.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 218.845592][ T30] audit: type=1326 audit(1749796368.481:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7158 comm="syz.1.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0d98e929 code=0x7ffc0000 [ 220.617782][ T7188] overlayfs: failed to resolve './file1': -2 [ 220.821728][ T7193] loop2: detected capacity change from 0 to 512 [ 220.931313][ T7193] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 220.975730][ T7193] ext4 filesystem being mounted at /65/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 221.108968][ T7193] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.374: corrupted inode contents [ 221.210059][ T7193] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.374: mark_inode_dirty error [ 221.230783][ T7188] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 221.237134][ T7188] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 221.244006][ T7188] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 221.250229][ T7188] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 221.256478][ T7188] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 221.262879][ T7188] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 221.340464][ T7193] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.374: corrupted inode contents [ 221.508409][ T7193] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.374: mark_inode_dirty error [ 221.650749][ T7207] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 222.762983][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout [ 222.805838][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 222.937333][ T7223] overlayfs: failed to resolve './file1': -2 [ 224.042791][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 224.048917][ T5845] Bluetooth: hci6: command 0x0c1a tx timeout [ 224.052969][ T5852] Bluetooth: hci4: command 0x0c1a tx timeout [ 224.054991][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 224.060984][ T5847] Bluetooth: hci5: command 0x0c1a tx timeout [ 225.537173][ T7252] overlayfs: failed to resolve './file1': -2 [ 226.091280][ T7252] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 226.098479][ T7252] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 226.104686][ T7252] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 226.110837][ T7252] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 226.117235][ T7252] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 226.123416][ T7252] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 226.466175][ T7274] overlayfs: failed to resolve './file1': -2 [ 227.732701][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 227.899092][ T43] lo speed is unknown, defaulting to 1000 [ 228.212783][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 228.218925][ T5840] Bluetooth: hci6: command 0x0c1a tx timeout [ 228.226777][ T5840] Bluetooth: hci5: command 0x0c1a tx timeout [ 228.233071][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 228.239317][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 228.713338][ T7292] siw: device registration error -23 [ 229.207558][ T7311] overlayfs: failed to resolve './file1': -2 [ 229.773648][ T7313] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 229.779907][ T7313] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 229.786301][ T7313] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 229.792510][ T7313] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 229.798755][ T7313] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 229.805379][ T7313] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 229.886814][ T30] kauditd_printk_skb: 15 callbacks suppressed [ 229.886842][ T30] audit: type=1326 audit(1749796380.101:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.6.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1265f8e929 code=0x7ffc0000 [ 230.070309][ T7289] syz.3.407: vmalloc error: size 268439552, failed to allocated page array size 524296, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/ [ 230.070522][ T30] audit: type=1326 audit(1749796380.141:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.6.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1265f8e929 code=0x7ffc0000 [ 230.112924][ T7289] ,mems_allowed=0-1 [ 230.116865][ T7289] CPU: 0 UID: 0 PID: 7289 Comm: syz.3.407 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 230.116915][ T7289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 230.116937][ T7289] Call Trace: [ 230.116950][ T7289] [ 230.116965][ T7289] dump_stack_lvl+0x16c/0x1f0 [ 230.117036][ T7289] warn_alloc+0x248/0x3a0 [ 230.117112][ T7289] ? __pfx_warn_alloc+0x10/0x10 [ 230.117177][ T7289] ? xskq_create+0xfb/0x1d0 [ 230.117230][ T7289] ? srso_alias_return_thunk+0x5/0xfbef5 [ 230.117276][ T7289] ? __vmalloc_node_noprof+0xad/0xf0 [ 230.117345][ T7289] __vmalloc_node_range_noprof+0x101b/0x14b0 [ 230.117423][ T7289] ? xskq_create+0xfb/0x1d0 [ 230.117490][ T7289] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 230.117579][ T7289] ? xskq_create+0xfb/0x1d0 [ 230.117634][ T7289] vmalloc_user_noprof+0x9e/0xe0 [ 230.117693][ T7289] ? xskq_create+0xfb/0x1d0 [ 230.117749][ T7289] xskq_create+0xfb/0x1d0 [ 230.117808][ T7289] xsk_setsockopt+0x684/0x840 [ 230.117862][ T7289] ? __pfx_xsk_setsockopt+0x10/0x10 [ 230.117914][ T7289] ? __pfx_aa_sk_perm+0x10/0x10 [ 230.117960][ T7289] ? errseq_sample+0x53/0x70 [ 230.118019][ T7289] ? srso_alias_return_thunk+0x5/0xfbef5 [ 230.118080][ T7289] ? __pfx_xsk_setsockopt+0x10/0x10 [ 230.118133][ T7289] do_sock_setsockopt+0x224/0x470 [ 230.118178][ T7289] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 230.118232][ T7289] ? srso_alias_return_thunk+0x5/0xfbef5 [ 230.118294][ T7289] __sys_setsockopt+0x1a0/0x230 [ 230.118362][ T7289] __x64_sys_setsockopt+0xbd/0x160 [ 230.118419][ T7289] ? do_syscall_64+0x91/0x4c0 [ 230.118452][ T7289] ? srso_alias_return_thunk+0x5/0xfbef5 [ 230.118497][ T7289] ? lockdep_hardirqs_on+0x7c/0x110 [ 230.118558][ T7289] do_syscall_64+0xcd/0x4c0 [ 230.118597][ T7289] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.118635][ T7289] RIP: 0033:0x7f2f70f8e929 [ 230.118664][ T7289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 230.118699][ T7289] RSP: 002b:00007f2f71e11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 230.118733][ T7289] RAX: ffffffffffffffda RBX: 00007f2f711b5fa0 RCX: 00007f2f70f8e929 [ 230.118758][ T7289] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000005 [ 230.118781][ T7289] RBP: 00007f2f71010b39 R08: 0000000000000004 R09: 0000000000000000 [ 230.118804][ T7289] R10: 00002000000004c0 R11: 0000000000000246 R12: 0000000000000000 [ 230.118827][ T7289] R13: 0000000000000000 R14: 00007f2f711b5fa0 R15: 00007ffe5e65fc58 [ 230.118876][ T7289] [ 230.118890][ T7289] Mem-Info: [ 230.344976][ T30] audit: type=1326 audit(1749796380.141:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.6.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1265f8e929 code=0x7ffc0000 [ 230.345060][ T30] audit: type=1326 audit(1749796380.141:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.6.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1265f8e929 code=0x7ffc0000 [ 230.345131][ T30] audit: type=1326 audit(1749796380.161:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.6.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1265f8e929 code=0x7ffc0000 [ 230.345207][ T30] audit: type=1326 audit(1749796380.161:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.6.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1265f8e929 code=0x7ffc0000 [ 230.345280][ T30] audit: type=1326 audit(1749796380.171:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.6.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1265f8e929 code=0x7ffc0000 [ 230.345354][ T30] audit: type=1326 audit(1749796380.171:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.6.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1265f8e929 code=0x7ffc0000 [ 230.345427][ T30] audit: type=1326 audit(1749796380.171:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.6.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1265f8e929 code=0x7ffc0000 [ 230.345501][ T30] audit: type=1326 audit(1749796380.171:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.6.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1265f8e929 code=0x7ffc0000 [ 230.587878][ T7327] netlink: 8 bytes leftover after parsing attributes in process `syz.0.420'. [ 230.619380][ T7289] active_anon:7611 inactive_anon:0 isolated_anon:0 [ 230.619380][ T7289] active_file:1725 inactive_file:39874 isolated_file:0 [ 230.619380][ T7289] unevictable:768 dirty:255 writeback:0 [ 230.619380][ T7289] slab_reclaimable:10622 slab_unreclaimable:99994 [ 230.619380][ T7289] mapped:37644 shmem:4270 pagetables:1186 [ 230.619380][ T7289] sec_pagetables:0 bounce:0 [ 230.619380][ T7289] kernel_misc_reclaimable:0 [ 230.619380][ T7289] free:1273513 free_pcp:28501 free_cma:0 [ 230.628050][ T7327] bond1: entered promiscuous mode [ 230.673027][ T7327] bond1: entered allmulticast mode [ 230.678962][ T7327] 8021q: adding VLAN 0 to HW filter on device bond1 [ 230.712266][ T7289] Node 0 active_anon:30544kB inactive_anon:0kB active_file:6900kB inactive_file:159296kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:150576kB dirty:1020kB writeback:0kB shmem:15544kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12424kB pagetables:4732kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 230.749139][ T7289] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:112kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 230.781380][ T7289] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 230.882456][ T7289] lowmem_reserve[]: 0 2481 2482 2482 2482 [ 230.898182][ T7289] Node 0 DMA32 free:1178700kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:37296kB inactive_anon:0kB active_file:6900kB inactive_file:157984kB unevictable:1736kB writepending:1020kB present:3129332kB managed:2540804kB mlocked:200kB bounce:0kB free_pcp:86864kB local_pcp:32464kB free_cma:0kB [ 231.054723][ T7289] lowmem_reserve[]: 0 0 1 1 1 [ 231.060133][ T7289] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1312kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 231.607703][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout [ 231.688908][ T7289] lowmem_reserve[]: 0 0 0 0 0 [ 231.721340][ T7289] Node 1 Normal free:3899772kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:20640kB local_pcp:7840kB free_cma:0kB [ 231.807936][ T5845] Bluetooth: hci5: command 0x0c1a tx timeout [ 231.814363][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 231.821244][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 231.827453][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 231.883241][ T5847] Bluetooth: hci6: command 0x0c1a tx timeout [ 231.933496][ T7289] lowmem_reserve[]: 0 0 0 0 0 [ 231.961922][ T7289] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 232.044583][ T7289] Node 0 DMA32: 14*4kB (M) 8*8kB (M) 124*16kB (UM) 50*32kB (ME) 60*64kB (ME) 31*128kB (M) 64*256kB (UME) 40*512kB (UME) 20*1024kB (UM) 4*2048kB (UM) 272*4096kB (UM) = 1191160kB [ 232.112678][ T7289] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 232.169970][ T7289] Node 1 Normal: 197*4kB (UE) 57*8kB (UME) 40*16kB (UME) 85*32kB (UME) 32*64kB (UME) 5*128kB (UM) 3*256kB (ME) 3*512kB (UM) 3*1024kB (UME) 2*2048kB (UE) 948*4096kB (M) = 3899772kB [ 232.457282][ T7289] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 232.513017][ T7289] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 232.533418][ T7289] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 232.603938][ T7289] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 232.620006][ T7289] 48740 total pagecache pages [ 232.625143][ T7289] 0 pages in swap cache [ 232.629339][ T7289] Free swap = 124996kB [ 232.637221][ T7289] Total swap = 124996kB [ 232.641438][ T7289] 2097051 pages RAM [ 232.645991][ T7289] 0 pages HighMem/MovableOnly [ 232.650713][ T7289] 429872 pages reserved [ 232.654988][ T7289] 0 pages cma reserved [ 233.361285][ T7357] loop0: detected capacity change from 0 to 512 [ 234.060751][ T7371] overlayfs: failed to resolve './file1': -2 [ 234.442385][ T7372] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 234.448813][ T7372] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 234.455277][ T7372] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 234.461426][ T7372] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 234.467612][ T7372] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 234.473861][ T7372] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 234.891490][ T7376] $Hÿ: renamed from bond0 (while UP) [ 236.286332][ T7376] $Hÿ: entered promiscuous mode [ 236.350497][ T7357] fscrypt: Error allocating hmac(sha512): -2 [ 236.433178][ T7376] bond_slave_0: entered promiscuous mode [ 236.439172][ T7376] bond_slave_1: entered promiscuous mode [ 236.551751][ T5845] Bluetooth: hci6: command 0x0c1a tx timeout [ 236.557976][ T5845] Bluetooth: hci5: command 0x0c1a tx timeout [ 236.564169][ T5845] Bluetooth: hci4: command 0x0c1a tx timeout [ 236.570268][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 236.576457][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 236.585166][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout [ 237.880522][ T7406] siw: device registration error -23 [ 240.038374][ T7419] overlayfs: failed to resolve './file1': -2 [ 245.848117][ T7474] netlink: 4 bytes leftover after parsing attributes in process `syz.3.475'. [ 245.938557][ T7476] netlink: 8 bytes leftover after parsing attributes in process `syz.1.476'. [ 246.094029][ T7477] siw: device registration error -23 [ 246.875538][ T7476] syz.1.476 (7476) used greatest stack depth: 19800 bytes left [ 250.430902][ T7519] netlink: 8 bytes leftover after parsing attributes in process `syz.2.491'. [ 251.873617][ T7538] overlayfs: failed to resolve './file1': -2 [ 252.375018][ T7538] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 252.381278][ T7538] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 252.387572][ T7538] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 252.393728][ T7538] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 252.399964][ T7538] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 252.406194][ T7538] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 253.203386][ T30] kauditd_printk_skb: 21 callbacks suppressed [ 253.203442][ T30] audit: type=1326 audit(1749796403.371:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7556 comm="syz.0.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 253.676206][ T30] audit: type=1326 audit(1749796403.471:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7556 comm="syz.0.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 253.818996][ T7563] netlink: 516 bytes leftover after parsing attributes in process `syz.4.507'. [ 253.829197][ T7554] siw: device registration error -23 [ 253.868447][ T30] audit: type=1326 audit(1749796403.501:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7556 comm="syz.0.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 253.902723][ T30] audit: type=1326 audit(1749796403.511:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7556 comm="syz.0.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 254.020549][ T30] audit: type=1326 audit(1749796403.541:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7556 comm="syz.0.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 254.043137][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout [ 254.110155][ T30] audit: type=1326 audit(1749796403.581:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7556 comm="syz.0.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 254.377913][ T30] audit: type=1326 audit(1749796403.591:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7556 comm="syz.0.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 254.401591][ T30] audit: type=1326 audit(1749796403.631:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7556 comm="syz.0.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f298e929 code=0x7ffc0000 [ 254.424134][ T30] audit: type=1326 audit(1749796403.961:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.4.507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153a78e929 code=0x7ffc0000 [ 254.462157][ T5845] Bluetooth: hci6: command 0x0c1a tx timeout [ 254.462380][ T5847] Bluetooth: hci5: command 0x0c1a tx timeout [ 254.472913][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 254.475063][ T5847] Bluetooth: hci2: command 0x0c1a tx timeout [ 254.480832][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 254.497513][ T30] audit: type=1326 audit(1749796403.961:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.4.507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153a78e929 code=0x7ffc0000 [ 254.542486][ T7550] syz.2.503: vmalloc error: size 268439552, failed to allocated page array size 524296, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 254.560723][ T7550] CPU: 0 UID: 0 PID: 7550 Comm: syz.2.503 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 254.560775][ T7550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 254.560797][ T7550] Call Trace: [ 254.560811][ T7550] [ 254.560823][ T7550] dump_stack_lvl+0x16c/0x1f0 [ 254.560887][ T7550] warn_alloc+0x248/0x3a0 [ 254.560928][ T7550] ? __pfx_warn_alloc+0x10/0x10 [ 254.560983][ T7550] ? xskq_create+0xfb/0x1d0 [ 254.561032][ T7550] ? srso_alias_return_thunk+0x5/0xfbef5 [ 254.561074][ T7550] ? __vmalloc_node_noprof+0xad/0xf0 [ 254.561143][ T7550] __vmalloc_node_range_noprof+0x101b/0x14b0 [ 254.561214][ T7550] ? xskq_create+0xfb/0x1d0 [ 254.561276][ T7550] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 254.561347][ T7550] ? xskq_create+0xfb/0x1d0 [ 254.561397][ T7550] vmalloc_user_noprof+0x9e/0xe0 [ 254.561452][ T7550] ? xskq_create+0xfb/0x1d0 [ 254.561504][ T7550] xskq_create+0xfb/0x1d0 [ 254.561558][ T7550] xsk_setsockopt+0x684/0x840 [ 254.561608][ T7550] ? __pfx_xsk_setsockopt+0x10/0x10 [ 254.561656][ T7550] ? __pfx_aa_sk_perm+0x10/0x10 [ 254.561698][ T7550] ? errseq_sample+0x53/0x70 [ 254.561752][ T7550] ? srso_alias_return_thunk+0x5/0xfbef5 [ 254.561801][ T7550] ? __pfx_xsk_setsockopt+0x10/0x10 [ 254.561849][ T7550] do_sock_setsockopt+0x224/0x470 [ 254.561890][ T7550] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 254.561939][ T7550] ? srso_alias_return_thunk+0x5/0xfbef5 [ 254.561996][ T7550] __sys_setsockopt+0x1a0/0x230 [ 254.562058][ T7550] __x64_sys_setsockopt+0xbd/0x160 [ 254.562118][ T7550] ? do_syscall_64+0x91/0x4c0 [ 254.562149][ T7550] ? srso_alias_return_thunk+0x5/0xfbef5 [ 254.562190][ T7550] ? lockdep_hardirqs_on+0x7c/0x110 [ 254.562246][ T7550] do_syscall_64+0xcd/0x4c0 [ 254.562282][ T7550] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.562317][ T7550] RIP: 0033:0x7f37c418e929 [ 254.562343][ T7550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 254.562376][ T7550] RSP: 002b:00007f37c4f8a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 254.562407][ T7550] RAX: ffffffffffffffda RBX: 00007f37c43b5fa0 RCX: 00007f37c418e929 [ 254.562430][ T7550] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000005 [ 254.562450][ T7550] RBP: 00007f37c4210b39 R08: 0000000000000004 R09: 0000000000000000 [ 254.562471][ T7550] R10: 00002000000004c0 R11: 0000000000000246 R12: 0000000000000000 [ 254.562492][ T7550] R13: 0000000000000000 R14: 00007f37c43b5fa0 R15: 00007ffc50db29b8 [ 254.562535][ T7550] [ 254.562558][ T7550] Mem-Info: [ 254.894246][ T7550] active_anon:7624 inactive_anon:0 isolated_anon:0 [ 254.894246][ T7550] active_file:1742 inactive_file:39886 isolated_file:0 [ 254.894246][ T7550] unevictable:768 dirty:162 writeback:0 [ 254.894246][ T7550] slab_reclaimable:10636 slab_unreclaimable:100190 [ 254.894246][ T7550] mapped:37534 shmem:4248 pagetables:1162 [ 254.894246][ T7550] sec_pagetables:0 bounce:0 [ 254.894246][ T7550] kernel_misc_reclaimable:0 [ 254.894246][ T7550] free:1277165 free_pcp:24847 free_cma:0 [ 255.020592][ T7550] Node 0 active_anon:30504kB inactive_anon:0kB active_file:6968kB inactive_file:159352kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:138748kB dirty:656kB writeback:0kB shmem:15456kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12404kB pagetables:4632kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 255.073349][ T7550] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:112kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 255.177296][ T7550] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 255.211144][ T7583] 9pnet_fd: Insufficient options for proto=fd [ 255.262875][ T7550] lowmem_reserve[]: 0 2481 2482 2482 2482 [ 255.269079][ T7550] Node 0 DMA32 free:1193252kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:28416kB inactive_anon:0kB active_file:6968kB inactive_file:158040kB unevictable:1536kB writepending:660kB present:3129332kB managed:2540804kB mlocked:0kB bounce:0kB free_pcp:82176kB local_pcp:36796kB free_cma:0kB [ 255.344567][ T7550] lowmem_reserve[]: 0 0 1 1 1 [ 255.360165][ T7550] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1312kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 255.439653][ T7550] lowmem_reserve[]: 0 0 0 0 0 [ 255.450354][ T7550] Node 1 Normal free:3900284kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:20128kB local_pcp:12800kB free_cma:0kB [ 255.537784][ T7550] lowmem_reserve[]: 0 0 0 0 0 [ 255.570396][ T7550] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 255.616313][ T7550] Node 0 DMA32: 1*4kB (M) 1*8kB (M) 2*16kB (ME) 3*32kB (UE) 23*64kB (UME) 83*128kB (UM) 67*256kB (UM) 17*512kB (UME) 19*1024kB (UM) 8*2048kB (UM) 272*4096kB (UM) = 1188044kB [ 255.689025][ T7550] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 255.735867][ T7550] Node 1 Normal: 197*4kB (UE) 57*8kB (UME) 40*16kB (UME) 99*32kB (UME) 33*64kB (UME) 5*128kB (UM) 3*256kB (ME) 3*512kB (UM) 3*1024kB (UME) 2*2048kB (UE) 948*4096kB (M) = 3900284kB [ 255.851645][ T7550] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 255.922784][ T7550] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 255.951279][ T7550] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 255.999574][ T7550] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 256.032875][ T7550] 44478 total pagecache pages [ 256.047486][ T7550] 0 pages in swap cache [ 256.076149][ T7550] Free swap = 124996kB [ 256.080500][ T7550] Total swap = 124996kB [ 256.103430][ T7550] 2097051 pages RAM [ 256.112751][ T7550] 0 pages HighMem/MovableOnly [ 256.131984][ T7550] 429872 pages reserved [ 256.142009][ T7550] 0 pages cma reserved [ 256.638161][ T7605] ALSA: seq fatal error: cannot create timer (-19) [ 256.779815][ T7588] overlayfs: failed to resolve './file1': -2 [ 256.975448][ T7588] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 256.984031][ T7588] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 257.033048][ T7588] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 257.049648][ T7588] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 257.073053][ T7588] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 257.099420][ T7588] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 257.405216][ T7620] 9pnet_fd: Insufficient options for proto=fd [ 257.436348][ T7621] netlink: 12 bytes leftover after parsing attributes in process `syz.4.528'. [ 258.989618][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 259.002859][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 259.085484][ T5840] Bluetooth: hci5: command 0x0c1a tx timeout [ 259.091692][ T5852] Bluetooth: hci4: command 0x0c1a tx timeout [ 259.097921][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 259.162753][ T5840] Bluetooth: hci6: command 0x0c1a tx timeout [ 259.730149][ T7665] loop0: detected capacity change from 0 to 512 [ 259.754948][ T7665] EXT4-fs: Ignoring removed mblk_io_submit option [ 259.767951][ T7665] ext4: Unknown parameter 'seclabel' [ 260.239633][ T7675] overlayfs: failed to resolve './file1': -2 [ 260.319001][ T7681] loop6: detected capacity change from 0 to 1024 [ 260.375995][ T7681] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 260.383855][ T7674] lo speed is unknown, defaulting to 1000 [ 260.424450][ T7681] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 260.539057][ T7681] JBD2: no valid journal superblock found [ 260.560033][ T7681] EXT4-fs (loop6): Could not load journal inode [ 260.706089][ T7675] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 260.712966][ T7675] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 260.719106][ T7675] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 260.725381][ T7675] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 260.731487][ T7675] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 260.737733][ T7675] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 260.930099][ T7689] overlayfs: missing 'lowerdir' [ 261.534977][ T7700] netlink: 4 bytes leftover after parsing attributes in process `syz.3.560'. [ 261.966921][ T7710] loop2: detected capacity change from 0 to 164 [ 262.000319][ T7710] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 262.029241][ T7710] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 262.091072][ T7710] Symlink component flag not implemented [ 262.203187][ T7710] Symlink component flag not implemented [ 262.234205][ T7717] Symlink component flag not implemented (7) [ 262.352880][ T7717] Symlink component flag not implemented (116) [ 262.373226][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 262.932660][ T5840] Bluetooth: hci5: command 0x0c1a tx timeout [ 262.938896][ T5852] Bluetooth: hci6: command 0x0c1a tx timeout [ 262.945169][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 262.945259][ T5847] Bluetooth: hci4: command 0x0c1a tx timeout [ 262.951370][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 263.248384][ T7732] overlayfs: missing 'lowerdir' [ 265.333353][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 265.449652][ T7769] loop0: detected capacity change from 0 to 512 [ 265.462735][ T7769] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 265.481996][ T7769] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.585: invalid block [ 265.526646][ T7769] EXT4-fs error (device loop0): ext4_free_branches:1020: inode #11: comm syz.0.585: invalid indirect mapped block 4294967295 (level 1) [ 265.547178][ T7769] EXT4-fs error (device loop0): ext4_free_branches:1020: inode #11: comm syz.0.585: invalid indirect mapped block 4294967295 (level 1) [ 265.568456][ T7769] EXT4-fs (loop0): 2 truncates cleaned up [ 265.576769][ T7769] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 265.598405][ T7769] EXT4-fs error (device loop0): ext4_get_parent:1833: inode #11: comm syz.0.585: bad parent inode number: 3 [ 265.635610][ T7773] overlayfs: missing 'lowerdir' [ 266.180144][ T5833] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 267.150388][ T7796] input: syz0 as /devices/virtual/input/input14 [ 267.992851][ T30] kauditd_printk_skb: 33 callbacks suppressed [ 267.992882][ T30] audit: type=1326 audit(1749796418.201:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7810 comm="syz.6.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1265f8e929 code=0x7ffc0000 [ 268.062167][ T30] audit: type=1326 audit(1749796418.211:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7810 comm="syz.6.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1265f8e929 code=0x7ffc0000 [ 268.098049][ T30] audit: type=1326 audit(1749796418.241:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7810 comm="syz.6.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1265f8e929 code=0x7ffc0000 [ 268.139809][ T30] audit: type=1326 audit(1749796418.241:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7810 comm="syz.6.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1265f8e929 code=0x7ffc0000 [ 268.170521][ T7816] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 268.241122][ T7816] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 268.242623][ T30] audit: type=1326 audit(1749796418.241:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7810 comm="syz.6.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1265f8e929 code=0x7ffc0000 [ 268.342014][ T7818] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 268.452967][ T30] audit: type=1326 audit(1749796418.251:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7810 comm="syz.6.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1265f8e929 code=0x7ffc0000 [ 268.512115][ T30] audit: type=1326 audit(1749796418.251:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7810 comm="syz.6.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1265f8e929 code=0x7ffc0000 [ 268.558214][ T30] audit: type=1326 audit(1749796418.251:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7810 comm="syz.6.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1265f8e929 code=0x7ffc0000 [ 268.619222][ T30] audit: type=1326 audit(1749796418.251:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7810 comm="syz.6.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1265f8e929 code=0x7ffc0000 [ 269.260758][ T30] audit: type=1326 audit(1749796418.251:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7810 comm="syz.6.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1265f8e929 code=0x7ffc0000 [ 269.657357][ T7833] binder: 7826:7833 ioctl c0306201 0 returned -14 [ 271.240150][ T7845] sctp: failed to load transform for md5: -2 [ 271.608212][ T7864] loop2: detected capacity change from 0 to 512 [ 271.690535][ T7864] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 271.755180][ T7864] EXT4-fs (loop2): orphan cleanup on readonly fs [ 271.897340][ T7864] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.615: corrupted inode contents [ 271.969394][ T7864] EXT4-fs (loop2): Remounting filesystem read-only [ 271.989007][ T7864] EXT4-fs (loop2): 1 truncate cleaned up [ 272.007288][ T6666] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 272.070982][ T6666] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 272.098120][ T6666] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started [ 272.132307][ T7864] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 272.168035][ T7879] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 272.214012][ T7879] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 272.656298][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.170840][ T7905] overlayfs: failed to resolve './file1': -2 [ 274.837018][ T30] kauditd_printk_skb: 20 callbacks suppressed [ 274.837040][ T30] audit: type=1326 audit(1749796425.061:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7897 comm="syz.0.626" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f36f298e929 code=0x0 [ 275.263420][ T7906] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 275.270857][ T7906] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 275.277399][ T7906] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 275.283668][ T7906] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 275.290947][ T7906] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 275.297124][ T7906] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 276.307299][ T7919] loop0: detected capacity change from 0 to 164 [ 277.208863][ T7919] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 277.262932][ T7919] mmap: syz.0.632 (7919) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 277.332938][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 277.341663][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 277.347764][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 277.402794][ T5845] Bluetooth: hci6: command 0x0c1a tx timeout [ 277.409147][ T5852] Bluetooth: hci5: command 0x0c1a tx timeout [ 277.415339][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 277.667042][ T7927] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 278.596096][ T7936] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 278.649159][ T7936] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 280.774434][ T7952] syz.6.643 uses obsolete (PF_INET,SOCK_PACKET) [ 281.396769][ T7963] binder: BINDER_SET_CONTEXT_MGR already set [ 281.410544][ T7963] binder: 7955:7963 ioctl 4018620d 200000000040 returned -16 [ 282.764826][ T7967] binder: 7955:7967 ioctl c0306201 0 returned -14 [ 282.907841][ T7971] loop6: detected capacity change from 0 to 1024 [ 283.756115][ T7971] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 283.965290][ T7986] overlayfs: missing 'lowerdir' [ 284.154057][ T7989] loop8: detected capacity change from 0 to 16384 [ 284.237366][ T6540] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 284.553526][ T7990] loop8: detected capacity change from 16384 to 16298 [ 284.667421][ T7990] [ 284.669827][ T7990] ====================================================== [ 284.676866][ T7990] WARNING: possible circular locking dependency detected [ 284.683920][ T7990] 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 Not tainted [ 284.691058][ T7990] ------------------------------------------------------ [ 284.698112][ T7990] syz.2.655/7990 is trying to acquire lock: [ 284.704029][ T7990] ffffffff908b47a8 (uevent_sock_mutex){+.+.}-{4:4}, at: kobject_uevent_env+0xb36/0x1870 [ 284.713880][ T7990] [ 284.713880][ T7990] but task is already holding lock: [ 284.721353][ T7990] ffff8880264b58b0 (&q->q_usage_counter(io)#25){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 284.732705][ T7990] [ 284.732705][ T7990] which lock already depends on the new lock. [ 284.732705][ T7990] [ 284.743137][ T7990] [ 284.743137][ T7990] the existing dependency chain (in reverse order) is: [ 284.752162][ T7990] [ 284.752162][ T7990] -> #2 (&q->q_usage_counter(io)#25){++++}-{0:0}: [ 284.760814][ T7990] blk_alloc_queue+0x619/0x760 [ 284.766131][ T7990] blk_mq_alloc_queue+0x175/0x290 [ 284.771709][ T7990] __blk_mq_alloc_disk+0x29/0x120 [ 284.777298][ T7990] loop_add+0x49e/0xb70 [ 284.782015][ T7990] loop_init+0x164/0x270 [ 284.786832][ T7990] do_one_initcall+0x123/0x6e0 [ 284.792153][ T7990] kernel_init_freeable+0x5c2/0x900 [ 284.797920][ T7990] kernel_init+0x1c/0x2b0 [ 284.802808][ T7990] ret_from_fork+0x5d7/0x6f0 [ 284.807962][ T7990] ret_from_fork_asm+0x1a/0x30 [ 284.813280][ T7990] [ 284.813280][ T7990] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 284.820537][ T7990] fs_reclaim_acquire+0x102/0x150 [ 284.826131][ T7990] kmem_cache_alloc_node_noprof+0x57/0x3b0 [ 284.832493][ T7990] __alloc_skb+0x2b2/0x380 [ 284.837483][ T7990] alloc_uevent_skb+0x7d/0x210 [ 284.842803][ T7990] kobject_uevent_env+0xca4/0x1870 [ 284.848468][ T7990] kobject_synth_uevent+0x7d4/0x8a0 [ 284.854218][ T7990] bus_uevent_store+0x3d/0x90 [ 284.859447][ T7990] bus_attr_store+0x74/0xb0 [ 284.864499][ T7990] sysfs_kf_write+0xf2/0x150 [ 284.869641][ T7990] kernfs_fop_write_iter+0x354/0x510 [ 284.875494][ T7990] vfs_write+0x6c7/0x1150 [ 284.880368][ T7990] ksys_write+0x12a/0x250 [ 284.885244][ T7990] do_syscall_64+0xcd/0x4c0 [ 284.890292][ T7990] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.896747][ T7990] [ 284.896747][ T7990] -> #0 (uevent_sock_mutex){+.+.}-{4:4}: [ 284.904606][ T7990] __lock_acquire+0x126f/0x1c90 [ 284.910020][ T7990] lock_acquire+0x179/0x350 [ 284.915182][ T7990] __mutex_lock+0x199/0xb90 [ 284.920251][ T7990] kobject_uevent_env+0xb36/0x1870 [ 284.925937][ T7990] set_capacity_and_notify+0x1ca/0x240 [ 284.931951][ T7990] loop_set_status+0x94c/0xb90 [ 284.937267][ T7990] loop_set_status_old+0x162/0x1d0 [ 284.942939][ T7990] lo_ioctl+0xb3f/0x2760 [ 284.947754][ T7990] blkdev_ioctl+0x277/0x6d0 [ 284.952816][ T7990] __x64_sys_ioctl+0x18e/0x210 [ 284.958177][ T7990] do_syscall_64+0xcd/0x4c0 [ 284.963221][ T7990] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.969666][ T7990] [ 284.969666][ T7990] other info that might help us debug this: [ 284.969666][ T7990] [ 284.979911][ T7990] Chain exists of: [ 284.979911][ T7990] uevent_sock_mutex --> fs_reclaim --> &q->q_usage_counter(io)#25 [ 284.979911][ T7990] [ 284.993719][ T7990] Possible unsafe locking scenario: [ 284.993719][ T7990] [ 285.001178][ T7990] CPU0 CPU1 [ 285.006549][ T7990] ---- ---- [ 285.011917][ T7990] lock(&q->q_usage_counter(io)#25); [ 285.017340][ T7990] lock(fs_reclaim); [ 285.023891][ T7990] lock(&q->q_usage_counter(io)#25); [ 285.031829][ T7990] lock(uevent_sock_mutex); [ 285.036445][ T7990] [ 285.036445][ T7990] *** DEADLOCK *** [ 285.036445][ T7990] [ 285.044603][ T7990] 3 locks held by syz.2.655/7990: [ 285.049635][ T7990] #0: ffff8880265b2400 (&lo->lo_mutex){+.+.}-{4:4}, at: loop_set_status+0x2c/0xb90 [ 285.059215][ T7990] #1: ffff8880264b58b0 (&q->q_usage_counter(io)#25){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 285.071066][ T7990] #2: ffff8880264b58e8 (&q->q_usage_counter(queue)#20){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 285.083104][ T7990] [ 285.083104][ T7990] stack backtrace: [ 285.089016][ T7990] CPU: 1 UID: 0 PID: 7990 Comm: syz.2.655 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 285.089061][ T7990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 285.089082][ T7990] Call Trace: [ 285.089102][ T7990] [ 285.089115][ T7990] dump_stack_lvl+0x116/0x1f0 [ 285.089193][ T7990] print_circular_bug+0x275/0x350 [ 285.089248][ T7990] check_noncircular+0x14c/0x170 [ 285.089306][ T7990] __lock_acquire+0x126f/0x1c90 [ 285.089368][ T7990] lock_acquire+0x179/0x350 [ 285.089419][ T7990] ? kobject_uevent_env+0xb36/0x1870 [ 285.089462][ T7990] ? __pfx___might_resched+0x10/0x10 [ 285.089510][ T7990] __mutex_lock+0x199/0xb90 [ 285.089543][ T7990] ? kobject_uevent_env+0xb36/0x1870 [ 285.089583][ T7990] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.089628][ T7990] ? kobject_uevent_env+0xb36/0x1870 [ 285.089672][ T7990] ? __pfx___mutex_lock+0x10/0x10 [ 285.089704][ T7990] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.089753][ T7990] ? class_dir_child_ns_type+0xd/0x60 [ 285.089792][ T7990] ? kobject_uevent_env+0xb36/0x1870 [ 285.089833][ T7990] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.089873][ T7990] kobject_uevent_env+0xb36/0x1870 [ 285.089918][ T7990] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.089965][ T7990] set_capacity_and_notify+0x1ca/0x240 [ 285.090011][ T7990] ? __pfx_set_capacity_and_notify+0x10/0x10 [ 285.090056][ T7990] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.090102][ T7990] ? __asan_memcpy+0x3c/0x60 [ 285.090136][ T7990] loop_set_status+0x94c/0xb90 [ 285.090184][ T7990] loop_set_status_old+0x162/0x1d0 [ 285.090226][ T7990] ? __pfx_loop_set_status_old+0x10/0x10 [ 285.090268][ T7990] ? __lock_acquire+0x622/0x1c90 [ 285.090331][ T7990] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.090372][ T7990] ? find_held_lock+0x2b/0x80 [ 285.090413][ T7990] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.090474][ T7990] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.090515][ T7990] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 285.090555][ T7990] lo_ioctl+0xb3f/0x2760 [ 285.090595][ T7990] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.090637][ T7990] ? __lock_acquire+0xb8a/0x1c90 [ 285.090691][ T7990] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.090732][ T7990] ? kasan_save_stack+0x42/0x60 [ 285.090768][ T7990] ? kasan_save_stack+0x33/0x60 [ 285.090802][ T7990] ? kasan_save_track+0x14/0x30 [ 285.090837][ T7990] ? kasan_save_free_info+0x3b/0x60 [ 285.090888][ T7990] ? __kasan_slab_free+0x51/0x70 [ 285.090925][ T7990] ? kfree+0x2b4/0x4d0 [ 285.090977][ T7990] ? tomoyo_path_number_perm+0x470/0x580 [ 285.091016][ T7990] ? security_file_ioctl+0x9b/0x240 [ 285.091056][ T7990] ? __x64_sys_ioctl+0xb7/0x210 [ 285.091120][ T7990] ? do_syscall_64+0xcd/0x4c0 [ 285.091152][ T7990] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.091193][ T7990] ? __pfx_lo_ioctl+0x10/0x10 [ 285.091249][ T7990] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.091292][ T7990] ? kasan_quarantine_put+0x10a/0x240 [ 285.091327][ T7990] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.091367][ T7990] ? lockdep_hardirqs_on+0x7c/0x110 [ 285.091422][ T7990] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.091465][ T7990] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.091506][ T7990] ? find_held_lock+0x2b/0x80 [ 285.091547][ T7990] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.091592][ T7990] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.091633][ T7990] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 285.091673][ T7990] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.091714][ T7990] ? blkdev_common_ioctl+0x1dd/0x2480 [ 285.091753][ T7990] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 285.091792][ T7990] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.091833][ T7990] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 285.091873][ T7990] ? __pfx_blkdev_common_ioctl+0x10/0x10 [ 285.091914][ T7990] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 285.091984][ T7990] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.092025][ T7990] ? find_held_lock+0x2b/0x80 [ 285.092063][ T7990] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.092111][ T7990] ? __pfx_lo_ioctl+0x10/0x10 [ 285.092152][ T7990] blkdev_ioctl+0x277/0x6d0 [ 285.092191][ T7990] ? __pfx_blkdev_ioctl+0x10/0x10 [ 285.092234][ T7990] ? __pfx_blkdev_ioctl+0x10/0x10 [ 285.092275][ T7990] __x64_sys_ioctl+0x18e/0x210 [ 285.092332][ T7990] do_syscall_64+0xcd/0x4c0 [ 285.092366][ T7990] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.092401][ T7990] RIP: 0033:0x7f37c418e929 [ 285.092428][ T7990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 285.092462][ T7990] RSP: 002b:00007f37c4f69038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 285.092494][ T7990] RAX: ffffffffffffffda RBX: 00007f37c43b6080 RCX: 00007f37c418e929 [ 285.092517][ T7990] RDX: 00002000000001c0 RSI: 0000000000004c02 RDI: 0000000000000004 [ 285.092538][ T7990] RBP: 00007f37c4210b39 R08: 0000000000000000 R09: 0000000000000000 [ 285.092560][ T7990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 285.092582][ T7990] R13: 0000000000000001 R14: 00007f37c43b6080 R15: 00007ffc50db29b8 [ 285.092615][ T7990]