last executing test programs: 3m26.467457039s ago: executing program 0 (id=132): write$dsp(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TYPE(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={0x30, 0xd, 0x6, 0x201, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000010}, 0x4040000) 3m25.237528989s ago: executing program 0 (id=136): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000140)={[{@grpid}, {@user_xattr}]}, 0xff, 0x48f, &(0x7f0000000b80)="$eJzs3MtvVNUfAPDvvW15/Hi0P0QUBK2gkfhoaUFl4UKNJi40MdEFLmtbEBmooTUR0mgxBpeGxL1xaeJf4M6NURfGxK0mLg0J0caE4qrmvugwnZa2tB3pfD7JdM6Ze+6c8733nplz7+mdANpWb/YnidgeEb9GRHeRvbVAb/E0Mz05fGN6cjiJ2dk3/kzyctenJ4erotV628rM4TQi/SSJ55P59Y5fuHhmqFYbPV/m+yfOvtc/fuHiU6fPDp0aPTV6bvD48WNHB559ZvDpVYkzi+v6vg/H9u995a0rrw2fuPL2D19nzdpzoFheH8dt3WgSUBO92Vb7azbXuOzRZbT9brCjLp10trAhLEtHRGS7qyvv/93REXM7rzte/riljQPWVPbdtHnhxVOzwAaWRKtbALRG9UWfnf9Wj3UaevwnXHshYlOZnpmeHJ65GX9npOXrXWtYf29EnJj654vsEcu9DgEAsAL52ObJZuO/NPbkz8Vcx85yDqUnIv4fEbsi4p6I2B0R90bkZe+LiPuLlWe7l1h/b0N+/vgnvdq0zaskG/89Vzf2m6mLv3zq6ShzO/L4u5KTp2ujR8ptcji6Nmf5gUXq+PalXz5baFn9+C97ZPVXY8GyAVc7Gy7QjQxNDK3WRrh2KWJfZ7P4k5szAdkRsDci9i3vrXdWidOPf7V/oUK3j38RqzDPNPtlxGPF/p+KhvgryeLzk/1bojZ6pL86Kub78efLry9U/x3FvwquHXygSMzt/4YS3X8nxXxtV9Rqo+fHl1/H5d8+XfCcZqXH/6bkzXzO+qd3itc+GJqYOD8QsSl5Nc9X53T564Nz61b5qnx2/B8+1Lz/7yrXyeLPtlJ2EB+IiAcj4qGy7Q9HxMGIOLRI/N+/+Mi7i8SfRBKt2/+XIkaafv7dPP57kvr5+hUkOs58981CM+ZL2//HYir/rC3kn3+3sdQG3uHmAwAAgLtCGhHbI0n7inTv9kjTvr7if/h3x//S2tj4xBMnx94/N1LcI9ATXWl1pau77nroQDJVvmORHyyvFVfLj5bXjT/v2Jrn+4bHaiMtjh3a3bZb+39U/T/zR0erWwesOfdrQftq7P9pi9oBrL+lfP87F4CN6db+vyX7s7VVbQHWl/N/aF/N+v9HDXnjf9iY5vf/35v8ZB2wERn/Q/vS/6F96f/Qlu7kvv6VJ6qbBVb+PluWfId/uySqX7xYy7q2xtwrkbY85DZKZD1mfSud+w0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9m/AQAA//+kuOWe") mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4e, 0x0, 0x0) getpgid(0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9) mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r0, 0x0) syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3d0, &(0x7f00000004c0)="$eJzs3M1uG0UcAPD/br5I+mEjcUCFgyUQBAFxHQhQhEThyscFeAArSUuF21SNkWjJoSBOnDggbhz6Ahx4gKpCSEi8Ai+AKlUozQFuQWvvOm4cp7Fix2r6+0mjndkdZ/bv3axm1rsTwGOrEhHnI2IiIhYjopSvT/MUN9spq3d/c2N5a3NjOYnt7U/+SSLJ1xV/K8mXJ/LCfBqRfhfxzM3edtev3/ii3misXsvL1eblq9X16zdevXS5fnH14uqV2pvnarWlxbdqrw8t1p+ef+ncxPvnz/z8V+nO0vT0bLa/J/Nt3XEMSyUqne9kt6VhNzZm0+PeAQAADiTN+/6Trf5/KSZaubZSVDfGunMAAADAUGy/my8BAACAYywx9gcAAIBjrngO4P7mxnKRxvg4wpG7915ElHfebd7qxD8ZT+R1pkb4fmslIq6+kJSyFCN6DxkAoNudrP9zdq/+XxpPd9WbiWj1h2aH3H5lV7m3/5PeHXKTD8j6f+9ExFZP/y8tqpQn8tKpVldxKrlwqbF6NiJOR8R8TM1k5do+bXzw7y8f99uWxf97cup0kbL2s+VOjfTu5MyDn1mpN+uHibnbvW8izkzuFX/S6f8mETF3iDYmvr71dr9tD49/tLZvRby45/Hfmbkn2X9+omrrfKgWZ0Wv/7799aN+7Y87/uz4z+0ffznpnq9pffA2bn/+57P9tnWPfwY5/6eTT1v5Ylz2Vb3ZvFaLmE4+7F2/uPPZolzUz+Kff27v///i+pfkc1qdzK8Bg/r+h99eOUj8WcraL8aCRyGLf2Wg4z945o3bf3zWr/2Hx58d//YcYPP5moNc/w66g4f57gAAAOBRkbbuayTpQiefpgsL7fsdT8Vc2lhbb758Ye3LKyvt+x/lmEqLO12lrvuhtfbP6J3y4q7yaxHxZET8WJptlReW1xor4w4eAAAAHhMn+oz/M38f2VMIAAAAwMiVx70DAAAAwMgZ/wMAAMCxdph5/WRkZI5rZtxXJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfb/wEAAP//Wt22ag==") renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x2) 3m24.273722277s ago: executing program 0 (id=139): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="340000003b0007010000000000000000047c0000ec0000000c0001800600060065580000100002800c0011"], 0x34}, 0x1, 0x0, 0x0, 0x8040}, 0xc000) 3m21.118283792s ago: executing program 0 (id=144): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==") creat(&(0x7f0000000000)='./bus\x00', 0x89) mkdir(&(0x7f0000000000)='./file0\x00', 0xfffffffffffffffe) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) read$FUSE(r1, &(0x7f00000034c0)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0xcac) fchown(r0, r2, r3) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="020000000100040000000000040004000000000008000000", @ANYRES32=r3, @ANYBLOB="10000100000080df20"], 0x2c, 0x2) read$FUSE(0xffffffffffffffff, 0x0, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000002240)={0x10, 0xffffffffffffffda}, 0x10) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) 3m18.91953226s ago: executing program 0 (id=152): r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r0) r1 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000200), 0x4) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0x94, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x94}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040) r3 = socket$packet(0x11, 0x2, 0x300) mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}}) syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100000cb78a405e0483020b990102030109022400010000000009040000025c291d0009050900000000000009050b01"], 0x0) 3m18.893192823s ago: executing program 2 (id=153): r0 = syz_open_procfs(0xffffffffffffffff, 0x0) ioctl$TIOCSERGETLSR(r0, 0x5459, &(0x7f0000000100)) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="09030000000000fdff072000adce04000280"], 0x18}, 0x1, 0xf000000}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.swap.current\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffffff000}], 0x5, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000240), 0x3af4701e) sendfile(r4, r2, 0x0, 0x10000a007) 3m16.994159796s ago: executing program 0 (id=156): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5) sched_setaffinity(0x0, 0xff43, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = gettid() r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x10) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff}) splice(r4, 0x0, r1, 0x0, 0x3, 0x8) 3m16.993983566s ago: executing program 2 (id=157): r0 = socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000190c0)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = syz_genetlink_get_family_id$gtp(&(0x7f0000000ec0), 0xffffffffffffffff) sendmsg$GTP_CMD_GETPDP(r0, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000f00)={0x14, r4, 0x301, 0x70bd2c, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4811}, 0x0) 3m16.068585471s ago: executing program 32 (id=156): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5) sched_setaffinity(0x0, 0xff43, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = gettid() r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x10) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff}) splice(r4, 0x0, r1, 0x0, 0x3, 0x8) 3m15.909160954s ago: executing program 2 (id=159): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r3, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x1c, &(0x7f00000013c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000001340)=0x10) setsockopt$inet_sctp6_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000080)={r4, 0x101, 0xfffffffb}, 0x10) 3m14.429192004s ago: executing program 2 (id=161): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==") creat(&(0x7f0000000000)='./bus\x00', 0x89) mkdir(&(0x7f0000000000)='./file0\x00', 0xfffffffffffffffe) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) read$FUSE(r1, &(0x7f00000034c0)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0xcac) fchown(r0, r2, r3) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="020000000100040000000000040004000000000008000000", @ANYRES32=r3, @ANYBLOB="10000100000080df20"], 0x2c, 0x2) read$FUSE(0xffffffffffffffff, 0x0, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000002240)={0x10, 0xffffffffffffffda}, 0x10) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) 3m13.803514214s ago: executing program 2 (id=162): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000a50000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7050000080000a8c5000000a5000000180100002020640500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x35, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 3m13.079937723s ago: executing program 2 (id=167): ioctl$int_out(0xffffffffffffffff, 0x5460, &(0x7f0000000000)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x2, 0x4, 0x5, 0xbaa, 0x0, 0xffffffffffffffff, 0x1}, 0x50) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r3}, 0x38) 3m11.87905576s ago: executing program 33 (id=167): ioctl$int_out(0xffffffffffffffff, 0x5460, &(0x7f0000000000)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x2, 0x4, 0x5, 0xbaa, 0x0, 0xffffffffffffffff, 0x1}, 0x50) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r3}, 0x38) 2m30.794795676s ago: executing program 4 (id=259): socket$nl_generic(0x10, 0x3, 0x10) r0 = epoll_create1(0x0) close_range(r0, r0, 0x0) r1 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) sendto$inet6(r1, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @mcast2}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000005440)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)='+', 0x1}], 0x1}}], 0x1, 0x400c404) sendmmsg$inet6(r1, &(0x7f0000003640)=[{{0x0, 0x0, 0x0}}], 0x1, 0x800) io_setup(0x1, &(0x7f0000000b80)=0x0) io_submit(r2, 0x1, &(0x7f0000001d00)=[&(0x7f0000001a80)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000002340)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006d61637365630000140002800500090000000000050008000000000008000500", @ANYRES32=r3], 0x4c}}, 0x0) 2m28.862812152s ago: executing program 4 (id=263): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000002140)={0x26, 'aead\x00', 0x0, 0x0, 'authencesn(michael_mic-generic,xchacha20-generic)\x00'}, 0x58) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bind$alg(r0, &(0x7f0000000340)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha512\x00'}, 0x58) 2m26.712525186s ago: executing program 4 (id=267): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast}) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0xb8f6e9dca0a7eb22, &(0x7f0000000140)={&(0x7f00000002c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x939e02dc105d5baa, 0xfff5}, {0xe}, {0x8, 0xfff1}}}, 0x24}}, 0x40004) recvmmsg(r5, &(0x7f0000005140)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000640)=""/211, 0xd3}, {&(0x7f0000003080)=""/4093, 0xffd}, {&(0x7f0000000540)=""/212, 0xd4}, {&(0x7f0000000180)=""/192, 0xc0}], 0x4}, 0x8}], 0x1, 0x0, 0x0) 2m20.626818268s ago: executing program 4 (id=278): syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYRES32=0x0], 0x47, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=") socket$inet6(0xa, 0xa, 0x1fb) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94) symlink(&(0x7f00000005c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f00000002c0)='.\x02\x00') creat(&(0x7f0000000e00)='.\x02\x00', 0x106) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x0) creat(&(0x7f0000000040)='./bus\x00', 0x0) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]}) mknod$loop(&(0x7f0000000a00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1000, 0x1) 2m19.272995938s ago: executing program 4 (id=282): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001240)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0x8}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@newtfilter={0x30, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000010}, 0x10000840) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x3, 0x6) sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) getsockname$packet(r5, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001c40)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r6, {0xfff2, 0xfff3}, {0x0, 0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x0) 2m18.482176252s ago: executing program 4 (id=285): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000180)={0x2, 0x4, 0x0, 0xe}, 0x10) write(r3, &(0x7f0000000000)="1c0000001a005f0214f9f4070009010000000000fe03000100000000", 0x1c) 2m17.999509621s ago: executing program 34 (id=285): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000180)={0x2, 0x4, 0x0, 0xe}, 0x10) write(r3, &(0x7f0000000000)="1c0000001a005f0214f9f4070009010000000000fe03000100000000", 0x1c) 22.185935165s ago: executing program 3 (id=571): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x11, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a700000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r4}, 0xc) 14.787459313s ago: executing program 3 (id=586): ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) syz_open_procfs(0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$RTC_AIE_ON(0xffffffffffffffff, 0x7001) r0 = socket$nl_route(0x10, 0x3, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="140100000000b2000500000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e00)={&(0x7f0000000980)='sys_exit\x00', r1}, 0x10) dup2(r0, 0xffffffffffffffff) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0) setresuid(0xee01, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.stat\x00', 0x26e1, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000000, &(0x7f0000000100)={0xa, 0x4e23, 0x2, @mcast2, 0x7}, 0x1c) 12.395269267s ago: executing program 3 (id=589): socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x9, 0x51ba0380, 0x7}, 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0) r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2) 8.673786018s ago: executing program 1 (id=593): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = fsopen(&(0x7f0000000000)='cgroup\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, 0x0, &(0x7f00000000c0)='ccnA\xf6gro_p\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) 7.476829975s ago: executing program 1 (id=595): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet_udp(0x2, 0x2, 0x0) r4 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r4, &(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, r3, {0x2, 0x1, @remote}, 0xa}}, 0x26) sendmmsg$inet(r4, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040) 6.466712377s ago: executing program 1 (id=596): r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00') execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000080), &(0x7f00000000c0), 0x0) r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff) close(r1) execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000100), &(0x7f0000000140), 0x0) r2 = openat$binfmt(0xffffffffffffff9c, r0, 0x2, 0x0) write(r2, &(0x7f0000000180)="01010101", 0x4) close(r2) execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f00000001c0), &(0x7f0000000200), 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0) close(r3) execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000280), &(0x7f00000002c0), 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x1ff) execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000340), &(0x7f0000000380), 0x0) 6.415183111s ago: executing program 6 (id=597): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x19, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118) r0 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r3 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r3, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10) r4 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10) sendmsg$tipc(r4, &(0x7f0000000540)={&(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x4}}, 0x10, 0x0}, 0x10) sendmsg$TIPC_CMD_SET_NODE_ADDR(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x24, r0, 0x1, 0x709d26, 0x25dfdbff, {{}, {}, {0x8, 0x11, 0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x40804}, 0x0) 6.131500644s ago: executing program 6 (id=598): socket$inet_tcp(0x2, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000340)='q', 0x1) 6.131218054s ago: executing program 3 (id=599): bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="060000000400000008000000080000", @ANYRES32], 0x48) pipe(&(0x7f0000000000)) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 6.046204831s ago: executing program 1 (id=600): r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0xc) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r3, 0x29, 0x19, 0x0, 0x0) r4 = syz_open_procfs(0x0, 0x0) preadv(r4, &(0x7f00000000c0)=[{&(0x7f0000002140)=""/4096, 0x1000}], 0x1, 0x141, 0x0) recvmmsg(r3, &(0x7f000000a100), 0x0, 0x40002040, 0x0) 5.997645835s ago: executing program 5 (id=601): syz_create_resource$binfmt(0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r3 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000000)={0x11, @multicast1, 0x0, 0x1000002, 'lblcr\x00'}, 0x2c) setsockopt$IP_VS_SO_SET_FLUSH(r3, 0x0, 0x485, 0x0, 0x0) 5.867098486s ago: executing program 3 (id=602): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x6) pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) socket(0x2c, 0x3, 0x0) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x2, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000080)={{0x1009, 0x0, 0x0, 0x80, 'syz0\x00'}, 0x5, 0x0, 0x1, 0x0, 0x0, 0x8, 'syz1\x00', 0x0}) close_range(r1, 0xffffffffffffffff, 0x0) 4.983577658s ago: executing program 6 (id=603): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x4000001}, 0x8000) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x2) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route_sched(r3, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x6}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000003200)=@newtfilter={0x24, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 4.959819389s ago: executing program 5 (id=604): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x3d7, 0x0, r1}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0) r5 = userfaultfd(0x80801) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x100}) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0xf0ffffff) ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4}) ioctl$UFFDIO_COPY(r5, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f00006c0000/0x1000)=nil, 0x800000}) syz_io_uring_submit(r6, 0x0, 0x0) 4.730428108s ago: executing program 6 (id=605): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0xd, 0x0, 0x3, 0x80}, &(0x7f00000001c0)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0xc, 0x0, 0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', &(0x7f0000000380)='./file0\x00', 0xffffffffffffffff, 0x0, 0x1}) io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0) 3.655965815s ago: executing program 6 (id=606): prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x9031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==") syz_open_dev$tty20(0xc, 0x4, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r3, 0x6, 0x4, 0x0, &(0x7f0000001dc0)) 3.451966731s ago: executing program 5 (id=607): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000540)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41000}, 0x94) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105042, 0x189) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x6, 0x13, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020200008500000072000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0xfca804a0, 0xe, 0x0, &(0x7f0000000000)="9b352e98d1dc0621a18bc4c5a6c1", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) unlink(0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl(r1, 0x8b2a, &(0x7f0000000040)) r2 = open(&(0x7f0000000140)='./file2\x00', 0x101100, 0x11) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'sit0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x74, 0x24, 0x4ee4e6a52ff56541, 0x3f000000, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_STAB={0x44, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x7, 0xc6, 0xfffa, 0x2, 0x0, 0x9, 0x81}}, {0x4}}, {{0x1c, 0x1, {0x7, 0x5, 0x4, 0x1f5b, 0x2, 0x1, 0x49b6324}}, {0x4}}]}]}, 0x74}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r2, 0x89f8, &(0x7f0000000180)={'ip_vti0\x00', &(0x7f0000000400)={'syztnl0\x00', r5, 0x1, 0x40, 0x6, 0x8000, {{0x1d, 0x4, 0x0, 0x7, 0x74, 0x66, 0x0, 0x6, 0x4, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, {[@rr={0x7, 0x17, 0xfe, [@remote, @multicast2, @multicast2, @multicast1, @multicast1]}, @cipso={0x86, 0x6, 0x1}, @timestamp={0x44, 0x14, 0x52, 0x0, 0x8, [0x9, 0x2000000, 0x7fffffff, 0x5]}, @ssrr={0x89, 0x1b, 0x80, [@broadcast, @loopback, @remote, @remote, @dev={0xac, 0x14, 0x14, 0xf}, @multicast1]}, @rr={0x7, 0x13, 0x3b, [@private=0xa010102, @dev={0xac, 0x14, 0x14, 0x3e}, @private=0xa010101, @loopback]}]}}}}}) 1.902228697s ago: executing program 5 (id=608): socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014"], 0x7c}}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) bind$vsock_stream(r0, &(0x7f0000000000)={0x10}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000300), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r4, @ANYBLOB="08002600940900000800b7"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 1.726221381s ago: executing program 1 (id=609): unshare(0x22020400) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r1, &(0x7f0000000440), 0x10) listen(r1, 0x0) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10) r3 = accept4$unix(r1, 0x0, 0x0, 0x0) recvmsg(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=""/68, 0x44}], 0x1}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000006000000180100006020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000035000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r4}, 0x10) 1.531046916s ago: executing program 5 (id=610): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$inet(0x2, 0x2, 0x0) getsockopt$inet_opts(r4, 0x0, 0x4, 0xfffffffffffffffe, &(0x7f0000000200)) 1.408413826s ago: executing program 3 (id=611): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) userfaultfd(0x80001) syz_open_dev$video(&(0x7f0000000100), 0x49, 0x0) r3 = socket(0x15, 0x5, 0x0) getsockopt(r3, 0x200000000114, 0x2711, &(0x7f0000000580)=""/102393, &(0x7f0000000000)=0x18ff9) 158.583728ms ago: executing program 6 (id=612): syz_create_resource$binfmt(0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r3 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000000)={0x11, @multicast1, 0x0, 0x1000002, 'lblcr\x00'}, 0x2c) setsockopt$IP_VS_SO_SET_FLUSH(r3, 0x0, 0x485, 0x0, 0x0) 844.75µs ago: executing program 1 (id=613): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xffff}, {0x10, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) r6 = socket(0x400000000010, 0x3, 0x0) r7 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0x0, 0xfff2}, {}, {0x3}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xffffffff, 0x0, 0x6, 0x6}}]}, {0x4, 0x3f}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x20018804}, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r9, {0x0, 0xfff2}, {}, {0x3}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xffffffff, 0x0, 0x6, 0x6}}]}, {0x4, 0x3f}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x20018804}, 0x0) 0s ago: executing program 5 (id=614): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x13, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a010200000000000000000100fffe0900010073797a30000000000900030073797a3213000000dc000000060a010400000000000000000100000508000b4000000000b4000480200001800d00010073796e70726f7879000000000c000280060001400000000034000180080001006c6f670028000280080006400000000d110002402b24292d2d2a5d24402c2d400000000006000440000700003c0001800900010068617368000000002c0002800800074000000000080003400000001608000140000000120800024000000000080004400000000020000180080001006e61740014000280080003400000000008000540000000000900010073797a30"], 0x150}}, 0x0) syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.49' (ED25519) to the list of known hosts. syzkaller login: [ 66.450515][ T5772] cgroup: Unknown subsys name 'net' [ 66.609055][ T5772] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 67.864293][ T5772] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 69.341209][ T5786] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 69.349390][ T5786] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 69.358546][ T5786] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 69.367543][ T5786] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 69.375832][ T5786] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 69.384282][ T5786] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 69.391544][ T5786] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 69.405038][ T5794] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 69.405096][ T5786] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 69.418685][ T5795] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 69.428427][ T5794] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 69.436945][ T5795] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 69.443697][ T5786] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 69.444950][ T5794] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 69.459272][ T5795] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 69.468244][ T5794] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 69.469352][ T5795] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 69.482708][ T5794] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 69.483925][ T5795] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 69.499548][ T5795] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 69.507040][ T5795] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 69.515029][ T5795] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 69.515603][ T5794] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 69.531036][ T50] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 69.931429][ T5785] chnl_net:caif_netlink_parms(): no params data found [ 70.049509][ T5784] chnl_net:caif_netlink_parms(): no params data found [ 70.146283][ T5785] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.153789][ T5785] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.161377][ T5785] bridge_slave_0: entered allmulticast mode [ 70.170000][ T5785] bridge_slave_0: entered promiscuous mode [ 70.181830][ T5782] chnl_net:caif_netlink_parms(): no params data found [ 70.200638][ T5785] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.211402][ T5785] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.220210][ T5785] bridge_slave_1: entered allmulticast mode [ 70.230558][ T5785] bridge_slave_1: entered promiscuous mode [ 70.294097][ T5783] chnl_net:caif_netlink_parms(): no params data found [ 70.310610][ T5785] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.340840][ T5785] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.377829][ T5784] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.385123][ T5784] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.392298][ T5784] bridge_slave_0: entered allmulticast mode [ 70.400698][ T5784] bridge_slave_0: entered promiscuous mode [ 70.414997][ T5784] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.422145][ T5784] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.429623][ T5784] bridge_slave_1: entered allmulticast mode [ 70.437179][ T5784] bridge_slave_1: entered promiscuous mode [ 70.498186][ T5785] team0: Port device team_slave_0 added [ 70.508193][ T5785] team0: Port device team_slave_1 added [ 70.529411][ T5782] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.536979][ T5782] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.544360][ T5782] bridge_slave_0: entered allmulticast mode [ 70.551033][ T5782] bridge_slave_0: entered promiscuous mode [ 70.572310][ T5784] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.592069][ T5782] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.599986][ T5782] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.607408][ T5782] bridge_slave_1: entered allmulticast mode [ 70.615828][ T5782] bridge_slave_1: entered promiscuous mode [ 70.632433][ T5784] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.664438][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.671446][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.697850][ T5785] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.747581][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.754971][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.781354][ T5785] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.801119][ T5783] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.808587][ T5783] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.816915][ T5783] bridge_slave_0: entered allmulticast mode [ 70.824266][ T5783] bridge_slave_0: entered promiscuous mode [ 70.833213][ T5782] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.846843][ T5782] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.865340][ T5784] team0: Port device team_slave_0 added [ 70.871600][ T5783] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.878785][ T5783] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.886143][ T5783] bridge_slave_1: entered allmulticast mode [ 70.892752][ T5783] bridge_slave_1: entered promiscuous mode [ 70.929597][ T5784] team0: Port device team_slave_1 added [ 70.963116][ T5782] team0: Port device team_slave_0 added [ 70.971975][ T5782] team0: Port device team_slave_1 added [ 71.000653][ T5783] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.013247][ T5783] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.072778][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.080014][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.106377][ T5782] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.119550][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.126751][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.152930][ T5784] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.166024][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.173028][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.199010][ T5784] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.212733][ T5785] hsr_slave_0: entered promiscuous mode [ 71.220097][ T5785] hsr_slave_1: entered promiscuous mode [ 71.239559][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.246816][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.273187][ T5782] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.301287][ T5783] team0: Port device team_slave_0 added [ 71.309898][ T5783] team0: Port device team_slave_1 added [ 71.407476][ T5783] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.415235][ T5783] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.445240][ T5783] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.446260][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.462520][ T5783] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.469658][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.469959][ T5783] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.502640][ T5783] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.514684][ T50] Bluetooth: hci2: command tx timeout [ 71.518925][ T5784] hsr_slave_0: entered promiscuous mode [ 71.527484][ T5784] hsr_slave_1: entered promiscuous mode [ 71.533840][ T5784] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 71.541673][ T5784] Cannot create hsr debugfs directory [ 71.566599][ T5782] hsr_slave_0: entered promiscuous mode [ 71.572823][ T5782] hsr_slave_1: entered promiscuous mode [ 71.578969][ T5782] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 71.587120][ T50] Bluetooth: hci1: command tx timeout [ 71.589311][ T5782] Cannot create hsr debugfs directory [ 71.592999][ T5791] Bluetooth: hci0: command tx timeout [ 71.598127][ T5795] Bluetooth: hci3: command tx timeout [ 71.735722][ T5783] hsr_slave_0: entered promiscuous mode [ 71.741983][ T5783] hsr_slave_1: entered promiscuous mode [ 71.749755][ T5783] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 71.757415][ T5783] Cannot create hsr debugfs directory [ 72.044770][ T5785] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 72.058715][ T5785] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 72.075589][ T5785] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 72.085207][ T5785] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 72.136255][ T5784] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 72.163248][ T5784] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 72.172666][ T5784] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 72.184472][ T5784] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 72.285125][ T5782] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 72.337810][ T5782] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 72.348684][ T5782] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 72.362171][ T5782] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 72.399763][ T5783] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 72.409351][ T5783] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 72.426803][ T5783] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 72.438147][ T5783] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 72.561860][ T5784] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.617485][ T5785] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.638460][ T5784] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.663270][ T58] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.670725][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.695152][ T5783] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.709204][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.716580][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.741642][ T5785] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.785399][ T5782] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.817857][ T5783] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.828366][ T1075] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.835648][ T1075] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.846386][ T1075] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.853623][ T1075] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.875953][ T5782] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.905165][ T58] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.912508][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.946148][ T58] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.953354][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.966378][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.973846][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.047729][ T3495] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.054896][ T3495] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.107059][ T5785] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 73.584911][ T5795] Bluetooth: hci2: command tx timeout [ 73.639405][ T5784] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.666383][ T5795] Bluetooth: hci0: command tx timeout [ 73.666462][ T50] Bluetooth: hci3: command tx timeout [ 73.677529][ T5791] Bluetooth: hci1: command tx timeout [ 73.740311][ T5785] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.765836][ T5783] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.781109][ T5782] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.801591][ T5785] veth0_vlan: entered promiscuous mode [ 73.850940][ T5785] veth1_vlan: entered promiscuous mode [ 73.906215][ T5784] veth0_vlan: entered promiscuous mode [ 73.931704][ T5783] veth0_vlan: entered promiscuous mode [ 73.955044][ T5783] veth1_vlan: entered promiscuous mode [ 73.965116][ T5784] veth1_vlan: entered promiscuous mode [ 74.000395][ T5782] veth0_vlan: entered promiscuous mode [ 74.029833][ T5785] veth0_macvtap: entered promiscuous mode [ 74.052011][ T5785] veth1_macvtap: entered promiscuous mode [ 74.060779][ T5782] veth1_vlan: entered promiscuous mode [ 74.082962][ T5783] veth0_macvtap: entered promiscuous mode [ 74.101158][ T5784] veth0_macvtap: entered promiscuous mode [ 74.111847][ T5783] veth1_macvtap: entered promiscuous mode [ 74.130446][ T5784] veth1_macvtap: entered promiscuous mode [ 74.158373][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.186989][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.210153][ T5785] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.219857][ T5785] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.229766][ T5785] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.240362][ T5785] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.252139][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.263766][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.275348][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.286159][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.297514][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.309554][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.320169][ T5782] veth0_macvtap: entered promiscuous mode [ 74.347098][ T5782] veth1_macvtap: entered promiscuous mode [ 74.359992][ T5783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.371081][ T5783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.381317][ T5783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.391984][ T5783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.403298][ T5783] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.414189][ T5784] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.423042][ T5784] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.433575][ T5784] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.442694][ T5784] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.467790][ T5783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.478701][ T5783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.488904][ T5783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.499992][ T5783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.512116][ T5783] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.527815][ T5783] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.538397][ T5783] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.547730][ T5783] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.557905][ T5783] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.629996][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.640885][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.652712][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.664040][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.673981][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.685059][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.697050][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.756002][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.768746][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.779348][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.790903][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.802931][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.813958][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.825347][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.850305][ T5782] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.859216][ T5782] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.868502][ T5782] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.877719][ T5782] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.904507][ T1075] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.918522][ T1075] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.930783][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.942744][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.005984][ T3478] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.019702][ T3478] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.103863][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.113125][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.197037][ T3478] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.209004][ T3478] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.230789][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.249933][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.351838][ T5872] syz.1.2[5872]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 75.403834][ T5872] loop1: detected capacity change from 0 to 256 [ 75.413773][ T5872] ======================================================= [ 75.413773][ T5872] WARNING: The mand mount option has been deprecated and [ 75.413773][ T5872] and is ignored by this kernel. Remove the mand [ 75.413773][ T5872] option from the mount to silence this warning. [ 75.413773][ T5872] ======================================================= [ 75.465617][ T5872] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 75.485465][ T5872] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 75.505608][ T5872] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 75.512354][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.548834][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.579626][ T3510] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.594325][ T3510] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.667647][ T50] Bluetooth: hci2: command tx timeout [ 75.697075][ T5876] cgroup: subsys name conflicts with all [ 75.779266][ T50] Bluetooth: hci0: command tx timeout [ 75.785876][ T50] Bluetooth: hci3: command tx timeout [ 75.791372][ T5791] Bluetooth: hci1: command tx timeout [ 76.078247][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 76.174073][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 77.672051][ T5893] netlink: 'syz.2.6': attribute type 10 has an invalid length. [ 77.684129][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 77.692669][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 77.743820][ T5791] Bluetooth: hci2: command tx timeout [ 77.755067][ T5893] macvlan0: entered promiscuous mode [ 77.784423][ T5894] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 77.824336][ T5791] Bluetooth: hci1: command tx timeout [ 77.829789][ T5791] Bluetooth: hci0: command tx timeout [ 77.835201][ T50] Bluetooth: hci3: command tx timeout [ 77.915558][ T5898] loop1: detected capacity change from 0 to 1024 [ 77.925433][ T5898] EXT4-fs: Ignoring removed i_version option [ 79.590467][ T5896] sched: RT throttling activated [ 80.610561][ T5893] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 80.704718][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 81.626306][ T5898] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 81.638559][ T5898] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 81.639492][ T5898] EXT4-fs: failed to create workqueue [ 81.654533][ T5898] EXT4-fs (loop1): mount failed [ 81.876389][ T8] cfg80211: failed to load regulatory.db [ 82.222333][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 82.231255][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 82.378124][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 82.514408][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 82.523327][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 84.025640][ T5919] xt_HMARK: proto mask must be zero with L3 mode [ 86.985128][ T5944] loop0: detected capacity change from 0 to 256 [ 87.755416][ T5942] cgroup: fork rejected by pids controller in /syz1 [ 89.214192][ T5992] netlink: 16 bytes leftover after parsing attributes in process `syz.1.25'. [ 89.906762][ T6006] xt_cgroup: path and classid specified [ 90.784440][ T6022] loop0: detected capacity change from 0 to 1024 [ 90.829841][ T6022] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 90.862980][ T6022] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 90.982136][ T6022] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 91.051360][ T42] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 91.119683][ T6022] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28 [ 91.151253][ T6022] EXT4-fs (loop0): This should not happen!! Data will be lost [ 91.151253][ T6022] [ 91.168521][ T6022] EXT4-fs (loop0): Total free blocks count 0 [ 91.175192][ T6022] EXT4-fs (loop0): Free/Dirty block details [ 91.181326][ T6022] EXT4-fs (loop0): free_blocks=4293918720 [ 91.192042][ T6022] EXT4-fs (loop0): dirty_blocks=64 [ 91.201301][ T6022] EXT4-fs (loop0): Block reservation details [ 91.226507][ T6022] EXT4-fs (loop0): i_reserved_data_blocks=4 [ 91.433623][ T42] usb 3-1: Using ep0 maxpacket: 8 [ 91.445923][ T5785] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.446096][ T42] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 91.463617][ T42] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 91.473524][ T42] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 91.485495][ T42] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 92.233245][ T42] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 92.248834][ T42] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 92.260235][ T42] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 92.504709][ T42] usb 3-1: usb_control_msg returned -71 [ 92.513532][ T42] usbtmc 3-1:16.0: can't read capabilities [ 92.705363][ T42] usb 3-1: USB disconnect, device number 2 [ 92.911603][ T6043] xt_nat: multiple ranges no longer supported [ 93.749362][ T5868] IPVS: starting estimator thread 0... [ 93.953823][ T6045] IPVS: using max 16 ests per chain, 38400 per kthread [ 94.164314][ T6047] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 94.250373][ T6047] tipc: Started in network mode [ 94.264192][ T6047] tipc: Node identity 7f000001, cluster identity 4711 [ 94.301054][ T6047] tipc: Enabled bearer , priority 10 [ 95.285153][ T8] tipc: Node number set to 2130706433 [ 95.732594][ T6051] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 97.943339][ T6084] netlink: 'syz.0.49': attribute type 1 has an invalid length. [ 98.875596][ T6090] Driver unsupported XDP return value 0 on prog (id 21) dev N/A, expect packet loss! [ 98.999479][ T6096] loop3: detected capacity change from 0 to 128 [ 99.181202][ T6096] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 100.509910][ T5891] IPVS: starting estimator thread 0... [ 100.518675][ T6096] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 100.667340][ T6103] IPVS: using max 15 ests per chain, 36000 per kthread [ 103.327216][ T6131] netlink: 4 bytes leftover after parsing attributes in process `syz.3.61'. [ 104.462825][ T6132] tipc: Started in network mode [ 104.588697][ T6132] tipc: Node identity ae3d0d517519, cluster identity 4711 [ 104.598119][ T6132] tipc: Enabled bearer , priority 0 [ 104.621458][ T6125] tipc: Resetting bearer [ 105.226165][ T6124] tipc: Disabling bearer [ 105.686455][ T6153] netlink: 12 bytes leftover after parsing attributes in process `syz.0.66'. [ 106.657357][ T6161] Zero length message leads to an empty skb [ 114.599865][ T6223] sch_tbf: burst 19869 is lower than device lo mtu (65550) ! [ 115.475263][ T5774] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 115.580136][ T5774] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 116.589379][ T6243] bond0: entered promiscuous mode [ 116.846969][ T6251] loop0: detected capacity change from 0 to 128 [ 116.893583][ T6251] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 116.972171][ T6251] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 117.433269][ T6258] kvm: emulating exchange as write [ 117.452660][ T6268] netlink: 'syz.0.93': attribute type 1 has an invalid length. [ 117.475109][ T6268] mmap: syz.0.93 (6268) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 118.874412][ T6287] loop0: detected capacity change from 0 to 2048 [ 119.042477][ T5868] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 119.728466][ T6287] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 119.829334][ T6287] ext4 filesystem being mounted at /31/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 119.976276][ T5868] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 120.032499][ T5868] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 120.053590][ T5868] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 120.076870][ T5868] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 120.220704][ T6287] fs-verity: sha512 using implementation "sha512-avx2" [ 120.238493][ T6294] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 120.259525][ T5868] usb 4-1: Quirk or no altest; falling back to MIDI 1.0 [ 121.255535][ T5785] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.013484][ T6338] netlink: 4 bytes leftover after parsing attributes in process `syz.1.107'. [ 123.828958][ T6355] vlan2: entered allmulticast mode [ 123.838988][ T6355] bridge0: port 3(vlan2) entered blocking state [ 123.851058][ T6355] bridge0: port 3(vlan2) entered disabled state [ 123.876411][ T6355] vlan2: entered promiscuous mode [ 124.182850][ T6359] loop2: detected capacity change from 0 to 4096 [ 124.434815][ T787] usb 4-1: USB disconnect, device number 2 [ 125.365173][ T27] audit: type=1326 audit(1756432178.603:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6372 comm="syz.3.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44a5b8ebe9 code=0x7ffc0000 [ 125.484723][ T27] audit: type=1326 audit(1756432178.603:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6372 comm="syz.3.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44a5b8ebe9 code=0x7ffc0000 [ 125.559073][ T27] audit: type=1326 audit(1756432178.613:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6372 comm="syz.3.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f44a5b8ebe9 code=0x7ffc0000 [ 125.677628][ T27] audit: type=1326 audit(1756432178.613:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6372 comm="syz.3.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44a5b8ebe9 code=0x7ffc0000 [ 125.933907][ T27] audit: type=1326 audit(1756432178.613:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6372 comm="syz.3.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44a5b8ebe9 code=0x7ffc0000 [ 125.973532][ T27] audit: type=1326 audit(1756432178.613:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6372 comm="syz.3.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f44a5b8ebe9 code=0x7ffc0000 [ 125.996273][ T27] audit: type=1326 audit(1756432178.613:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6372 comm="syz.3.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44a5b8ebe9 code=0x7ffc0000 [ 127.060744][ T27] audit: type=1326 audit(1756432178.643:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6372 comm="syz.3.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f44a5b8ebe9 code=0x7ffc0000 [ 127.200377][ T6388] netlink: 9275 bytes leftover after parsing attributes in process `syz.3.117'. [ 127.222900][ T27] audit: type=1326 audit(1756432178.643:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6372 comm="syz.3.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44a5b8ebe9 code=0x7ffc0000 [ 127.258585][ T27] audit: type=1326 audit(1756432178.643:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6372 comm="syz.3.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44a5b8ebe9 code=0x7ffc0000 [ 127.876803][ T6397] loop2: detected capacity change from 0 to 1024 [ 127.927438][ T6397] EXT4-fs: Ignoring removed bh option [ 127.977247][ T6397] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 128.294878][ T6397] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 128.701202][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.180487][ T6405] tc_dump_action: action bad kind [ 129.188776][ T6405] capability: warning: `syz.2.120' uses deprecated v2 capabilities in a way that may be insecure [ 129.205219][ T6405] loop2: detected capacity change from 0 to 256 [ 129.386584][ T6405] FAT-fs (loop2): IO charset cp8 not found [ 129.589306][ T6405] capability: warning: `syz.2.120' uses 32-bit capabilities (legacy support in use) [ 129.592176][ T6408] vlan3: entered promiscuous mode [ 129.740452][ T6408] vlan3: entered allmulticast mode [ 129.756998][ T6408] hsr_slave_1: entered allmulticast mode [ 130.177378][ T6414] ptrace attach of "./syz-executor exec"[6415] was attempted by "./syz-executor exec"[6414] [ 131.175475][ T6417] netlink: 60 bytes leftover after parsing attributes in process `syz.1.124'. [ 132.868913][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.875525][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.333590][ T5868] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 133.543782][ T5868] usb 2-1: Using ep0 maxpacket: 8 [ 134.026213][ T5868] usb 2-1: unable to get BOS descriptor or descriptor too short [ 134.038199][ T5868] usb 2-1: config 0 has an invalid interface number: 88 but max is 0 [ 134.121488][ T5868] usb 2-1: config 0 has no interface number 0 [ 134.140085][ T5868] usb 2-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 7 [ 134.182315][ T5868] usb 2-1: config 0 interface 88 has no altsetting 0 [ 134.206108][ T5868] usb 2-1: language id specifier not provided by device, defaulting to English [ 134.226019][ T5868] usb 2-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31 [ 134.243583][ T5868] usb 2-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3 [ 134.403593][ T5868] usb 2-1: Product: syz [ 134.409080][ T5868] usb 2-1: Manufacturer: 뫫憶븏勲뽔৳쁻ᝰ㹥肗䌛䢌᝿⤃⭑튢竹룖㗄Ҥ꨿㯅腺꫓莯묳䢮ゝꡧᜥ褷獸銚ᵟᲮ佫篴䀝ᯘ팭ꃮ [ 134.440577][ T5868] usb 2-1: SerialNumber: syz [ 134.489864][ T5868] usb 2-1: config 0 descriptor?? [ 134.543979][ T6440] loop0: detected capacity change from 0 to 512 [ 134.558652][ T6440] EXT4-fs: Ignoring removed i_version option [ 134.792366][ T6440] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 135.157106][ T6432] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 135.173841][ T6440] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 135.187562][ T6440] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 135.241682][ T6432] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 135.506661][ T5785] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.168757][ T6447] netlink: 28 bytes leftover after parsing attributes in process `syz.3.131'. [ 136.383175][ T6451] netlink: 'syz.2.133': attribute type 2 has an invalid length. [ 137.157640][ T5868] input: 뫫憶븏勲뽔৳쁻ᝰ㹥肗䌛䢌᝿⤃⭑튢竹룖㗄Ҥ꨿㯅腺꫓莯묳䢮ゝꡧᜥ褷獸銚ᵟᲮ佫篴䀝ᯘ팭 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.88/input/input5 [ 137.194832][ T5868] usb 2-1: USB disconnect, device number 2 [ 137.194846][ C1] usb_acecad 2-1:0.88: can't resubmit intr, dummy_hcd.1-1/input0, status -19 [ 137.276425][ T6460] loop0: detected capacity change from 0 to 512 [ 137.312405][ T6460] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.136: casefold flag without casefold feature [ 137.413626][ T23] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 137.417909][ T6460] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.136: couldn't read orphan inode 15 (err -117) [ 137.475426][ T6460] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.618373][ T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 137.642241][ T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 48, changing to 7 [ 137.668327][ T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 8240, setting to 1024 [ 137.688525][ T23] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 137.703718][ T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 137.715284][ T23] usb 4-1: Product: syz [ 137.721773][ T23] usb 4-1: Manufacturer: syz [ 137.732052][ T23] usb 4-1: SerialNumber: syz [ 137.746724][ T23] usb 4-1: config 0 descriptor?? [ 137.754780][ T6460] EXT4-fs error (device loop0): __ext4_get_inode_loc:4483: comm syz.0.136: Invalid inode table block 0 in block_group 0 [ 137.780364][ T23] usb 4-1: 0:0 : invalid sync pipe. bmAttributes 01, bLength 9, bSynchAddress 30 [ 137.798733][ T6460] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 137.830664][ T6460] EXT4-fs error (device loop0): ext4_setent:3695: inode #2: comm syz.0.136: mark_inode_dirty error [ 138.213106][ T58] EXT4-fs error (device loop0): __ext4_get_inode_loc:4483: comm kworker/u4:4: Invalid inode table block 0 in block_group 0 [ 138.255960][ T5785] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.168080][ T23] usb 4-1: USB disconnect, device number 3 [ 140.153258][ T6477] udevd[6477]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 140.381225][ T6485] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 140.391055][ T6485] openvswitch: netlink: Actions may not be safe on all matching packets [ 141.757727][ T6489] loop0: detected capacity change from 0 to 512 [ 141.770688][ T6490] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 141.908291][ T6489] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 141.970275][ T6489] ext4 filesystem being mounted at /42/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 142.191050][ T6489] EXT4-fs error (device loop0): ext4_do_update_inode:5230: inode #2: comm syz.0.144: corrupted inode contents [ 142.269649][ T6489] EXT4-fs error (device loop0): ext4_dirty_inode:6106: inode #2: comm syz.0.144: mark_inode_dirty error [ 142.314639][ T6489] EXT4-fs error (device loop0): ext4_do_update_inode:5230: inode #2: comm syz.0.144: corrupted inode contents [ 142.363386][ T6489] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz.0.144: mark_inode_dirty error [ 142.512509][ T6501] EXT4-fs error (device loop0): ext4_do_update_inode:5230: inode #2: comm syz.0.144: corrupted inode contents [ 142.587894][ T6501] EXT4-fs error (device loop0): ext4_dirty_inode:6106: inode #2: comm syz.0.144: mark_inode_dirty error [ 142.697555][ T6501] EXT4-fs error (device loop0): ext4_do_update_inode:5230: inode #2: comm syz.0.144: corrupted inode contents [ 142.830361][ T27] kauditd_printk_skb: 18 callbacks suppressed [ 142.830379][ T27] audit: type=1326 audit(1756432196.073:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6503 comm="syz.1.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76d98ebe9 code=0x7fc00000 [ 143.536063][ T5785] EXT4-fs error (device loop0): ext4_lookup:1855: inode #18: comm syz-executor: 'file0' linked to parent dir [ 143.618976][ T5785] EXT4-fs error (device loop0): ext4_lookup:1855: inode #18: comm syz-executor: 'file0' linked to parent dir [ 145.288472][ T5785] EXT4-fs error (device loop0): ext4_do_update_inode:5230: inode #2: comm syz-executor: corrupted inode contents [ 145.310447][ T5785] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.356276][ T5785] syz-executor (5785) used greatest stack depth: 20616 bytes left [ 145.673630][ T787] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 146.584796][ T787] usb 4-1: Using ep0 maxpacket: 8 [ 146.608995][ T787] usb 4-1: unable to get BOS descriptor or descriptor too short [ 146.625090][ T787] usb 4-1: config 0 has an invalid interface number: 88 but max is 0 [ 146.643569][ T787] usb 4-1: config 0 has no interface number 0 [ 146.649737][ T787] usb 4-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 7 [ 146.673502][ T787] usb 4-1: config 0 interface 88 has no altsetting 0 [ 146.697138][ T787] usb 4-1: language id specifier not provided by device, defaulting to English [ 146.716254][ T787] usb 4-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31 [ 146.733483][ T787] usb 4-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3 [ 146.752989][ T787] usb 4-1: Product: syz [ 146.757629][ T787] usb 4-1: Manufacturer: 뫫憶븏勲뽔৳쁻ᝰ㹥肗䌛䢌᝿⤃⭑튢竹룖㗄Ҥ꨿㯅腺꫓莯묳䢮ゝꡧᜥ褷獸銚ᵟᲮ佫篴䀝ᯘ팭ꃮ [ 146.813111][ T787] usb 4-1: SerialNumber: syz [ 146.839577][ T787] usb 4-1: config 0 descriptor?? [ 146.964685][ T5791] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 147.052297][ T5791] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 147.061824][ T5791] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 147.076001][ T5791] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 147.139289][ T5791] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 147.149513][ T5791] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 147.340428][ T6529] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 147.778821][ T6529] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 148.016866][ T6550] loop2: detected capacity change from 0 to 512 [ 148.099800][ T6550] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 148.133045][ T6550] ext4 filesystem being mounted at /38/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 148.203010][ T6550] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #2: comm syz.2.161: corrupted inode contents [ 148.234358][ T6550] EXT4-fs error (device loop2): ext4_dirty_inode:6106: inode #2: comm syz.2.161: mark_inode_dirty error [ 148.248682][ T6545] chnl_net:caif_netlink_parms(): no params data found [ 148.258392][ T6550] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #2: comm syz.2.161: corrupted inode contents [ 148.285646][ T6550] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.161: mark_inode_dirty error [ 148.316306][ T6543] loop1: detected capacity change from 0 to 32768 [ 148.400126][ T6550] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #2: comm syz.2.161: corrupted inode contents [ 148.413994][ T6550] EXT4-fs error (device loop2): ext4_dirty_inode:6106: inode #2: comm syz.2.161: mark_inode_dirty error [ 148.426848][ T6550] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #2: comm syz.2.161: corrupted inode contents [ 148.485635][ T6543] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode. [ 148.520569][ T6545] bridge0: port 1(bridge_slave_0) entered blocking state [ 148.545745][ T6545] bridge0: port 1(bridge_slave_0) entered disabled state [ 148.569160][ T6545] bridge_slave_0: entered allmulticast mode [ 148.585648][ T6545] bridge_slave_0: entered promiscuous mode [ 148.598268][ T5783] EXT4-fs error (device loop2): ext4_lookup:1855: inode #18: comm syz-executor: 'file0' linked to parent dir [ 148.603507][ T27] audit: type=1800 audit(1756432201.843:31): pid=6543 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.160" name="file1" dev="loop1" ino=17058 res=0 errno=0 [ 148.637247][ T6545] bridge0: port 2(bridge_slave_1) entered blocking state [ 148.647002][ T6545] bridge0: port 2(bridge_slave_1) entered disabled state [ 148.655335][ T6545] bridge_slave_1: entered allmulticast mode [ 148.656170][ T5783] EXT4-fs error (device loop2): ext4_lookup:1855: inode #18: comm syz-executor: 'file0' linked to parent dir [ 148.663276][ T6545] bridge_slave_1: entered promiscuous mode [ 148.739530][ T6543] syz.1.160 (6543) used greatest stack depth: 18960 bytes left [ 148.808902][ T6545] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 148.822351][ T5784] ocfs2: Unmounting device (7,1) on (node local) [ 148.917897][ T6545] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 148.933352][ T787] input: 뫫憶븏勲뽔৳쁻ᝰ㹥肗䌛䢌᝿⤃⭑튢竹룖㗄Ҥ꨿㯅腺꫓莯묳䢮ゝꡧᜥ褷獸銚ᵟᲮ佫篴䀝ᯘ팭 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.88/input/input6 [ 148.963359][ T787] usb 4-1: USB disconnect, device number 4 [ 149.098247][ T6545] team0: Port device team_slave_0 added [ 149.119597][ T5783] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #2: comm syz-executor: corrupted inode contents [ 149.121531][ T6545] team0: Port device team_slave_1 added [ 149.184900][ T5791] Bluetooth: hci2: command tx timeout [ 149.188306][ T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.203907][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 149.408837][ T6545] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 149.423609][ T6545] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 149.483817][ T6545] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 149.612813][ T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.647290][ T6545] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 149.656987][ T6545] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 149.684050][ T6545] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 149.740453][ T6571] netlink: 24 bytes leftover after parsing attributes in process `syz.3.168'. [ 150.352346][ T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.440390][ T6545] hsr_slave_0: entered promiscuous mode [ 150.470091][ T6545] hsr_slave_1: entered promiscuous mode [ 150.493760][ T6545] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 150.501400][ T6545] Cannot create hsr debugfs directory [ 150.622175][ T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.974170][ T6578] dlm: no local IP address has been set [ 150.980175][ T6578] dlm: cannot start dlm midcomms -107 [ 151.293598][ T5791] Bluetooth: hci2: command tx timeout [ 151.692648][ T5795] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 151.702096][ T5795] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 151.710490][ T5795] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 151.720832][ T5795] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 151.728639][ T5795] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 151.735952][ T5795] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 151.977097][ T6586] loop3: detected capacity change from 0 to 256 [ 152.440498][ T6545] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 152.499380][ T6545] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 152.525520][ T6545] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 152.549400][ T6545] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 152.849991][ T6581] chnl_net:caif_netlink_parms(): no params data found [ 152.984519][ T6581] bridge0: port 1(bridge_slave_0) entered blocking state [ 152.991757][ T6581] bridge0: port 1(bridge_slave_0) entered disabled state [ 153.000481][ T6581] bridge_slave_0: entered allmulticast mode [ 153.007570][ T6581] bridge_slave_0: entered promiscuous mode [ 153.044598][ T6581] bridge0: port 2(bridge_slave_1) entered blocking state [ 153.051773][ T6581] bridge0: port 2(bridge_slave_1) entered disabled state [ 153.062730][ T6581] bridge_slave_1: entered allmulticast mode [ 153.069660][ T6581] bridge_slave_1: entered promiscuous mode [ 153.127289][ T6545] 8021q: adding VLAN 0 to HW filter on device bond0 [ 153.158269][ T6581] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 153.180165][ T6581] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 153.325414][ T6581] team0: Port device team_slave_0 added [ 153.338126][ T6545] 8021q: adding VLAN 0 to HW filter on device team0 [ 153.345317][ T5791] Bluetooth: hci2: command tx timeout [ 153.374157][ T6581] team0: Port device team_slave_1 added [ 153.403217][ T11] hsr_slave_0: left promiscuous mode [ 153.410303][ T11] hsr_slave_1: left promiscuous mode [ 153.421236][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 153.429150][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 153.438230][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 153.446050][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 153.454691][ T11] bridge_slave_1: left allmulticast mode [ 153.460367][ T11] bridge_slave_1: left promiscuous mode [ 153.468054][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 153.482733][ T11] bridge_slave_0: left allmulticast mode [ 153.491526][ T11] bridge_slave_0: left promiscuous mode [ 153.498983][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 153.539655][ T11] veth1_macvtap: left promiscuous mode [ 153.546130][ T11] veth0_macvtap: left promiscuous mode [ 153.552013][ T11] veth1_vlan: left promiscuous mode [ 153.558250][ T11] veth0_vlan: left promiscuous mode [ 153.829021][ T5791] Bluetooth: hci1: command tx timeout [ 153.918258][ T11] bond0 (unregistering): (slave macvlan0): Releasing backup interface [ 154.204903][ T11] team0 (unregistering): Port device team_slave_1 removed [ 154.249028][ T11] team0 (unregistering): Port device team_slave_0 removed [ 154.293138][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 154.340706][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 154.742645][ T11] bond0 (unregistering): Released all slaves [ 154.872953][ T58] bridge0: port 1(bridge_slave_0) entered blocking state [ 154.880162][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state [ 154.890346][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 154.897501][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 154.940374][ T6581] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 154.952930][ T6581] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 154.980706][ T6581] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 155.004426][ T6581] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 155.011426][ T6581] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 155.039129][ T6581] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 155.227769][ T6581] hsr_slave_0: entered promiscuous mode [ 155.266765][ T6581] hsr_slave_1: entered promiscuous mode [ 155.283771][ T6581] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 155.291566][ T6581] Cannot create hsr debugfs directory [ 155.433568][ T5791] Bluetooth: hci2: command tx timeout [ 155.599641][ T6545] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 155.732092][ T6581] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 155.764464][ T6581] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 155.792114][ T6581] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 155.820061][ T6581] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 155.903941][ T5791] Bluetooth: hci1: command tx timeout [ 156.066114][ T6581] 8021q: adding VLAN 0 to HW filter on device bond0 [ 156.099164][ T6581] 8021q: adding VLAN 0 to HW filter on device team0 [ 156.160918][ T3510] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.168195][ T3510] bridge0: port 1(bridge_slave_0) entered forwarding state [ 156.189110][ T3478] bridge0: port 2(bridge_slave_1) entered blocking state [ 156.196359][ T3478] bridge0: port 2(bridge_slave_1) entered forwarding state [ 156.287977][ T6545] veth0_vlan: entered promiscuous mode [ 156.334820][ T6545] veth1_vlan: entered promiscuous mode [ 156.405263][ T6545] veth0_macvtap: entered promiscuous mode [ 156.422959][ T6545] veth1_macvtap: entered promiscuous mode [ 156.490137][ T6545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.523472][ T6545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.551231][ T6545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.563211][ T6545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.576482][ T6545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.587458][ T6545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.599786][ T6545] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 156.620193][ T6545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.643990][ T6545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.661357][ T6545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.674052][ T6545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.690704][ T6545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.702009][ T6545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.720782][ T6545] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 156.742711][ T6545] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.753160][ T6545] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.762784][ T6545] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.775966][ T6545] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.955247][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 156.963182][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 157.004727][ T6581] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 157.051679][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 157.069754][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 157.289036][ T6679] netlink: 4 bytes leftover after parsing attributes in process `syz.1.181'. [ 157.327928][ T6679] netlink: 12 bytes leftover after parsing attributes in process `syz.1.181'. [ 157.490859][ T6683] overlayfs: failed to get inode (-116) [ 157.534526][ T6683] overlayfs: failed to look up (bus) for ino (-116) [ 157.930297][ T6705] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 158.006487][ T5795] Bluetooth: hci1: command tx timeout [ 158.454122][ T5788] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 158.606174][ T6581] veth0_vlan: entered promiscuous mode [ 158.897119][ T5788] usb 5-1: Using ep0 maxpacket: 8 [ 158.911925][ T5788] usb 5-1: unable to get BOS descriptor or descriptor too short [ 158.932861][ T5788] usb 5-1: config 0 has an invalid interface number: 88 but max is 0 [ 158.950527][ T5788] usb 5-1: config 0 has no interface number 0 [ 158.955707][ T6581] veth1_vlan: entered promiscuous mode [ 159.013575][ T5788] usb 5-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 7 [ 159.031944][ T5788] usb 5-1: config 0 interface 88 has no altsetting 0 [ 159.049817][ T5788] usb 5-1: language id specifier not provided by device, defaulting to English [ 159.068377][ T5788] usb 5-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31 [ 159.083680][ T5788] usb 5-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3 [ 159.093060][ T5788] usb 5-1: Product: syz [ 159.102660][ T5788] usb 5-1: Manufacturer: 뫫憶븏勲뽔৳쁻ᝰ㹥肗䌛䢌᝿⤃⭑튢竹룖㗄Ҥ꨿㯅腺꫓莯묳䢮ゝꡧᜥ褷獸銚ᵟᲮ佫篴䀝ᯘ팭ꃮ [ 159.277126][ T5788] usb 5-1: SerialNumber: syz [ 159.317644][ T6771] loop1: detected capacity change from 0 to 1024 [ 159.372352][ T5788] usb 5-1: config 0 descriptor?? [ 159.402629][ T6581] veth0_macvtap: entered promiscuous mode [ 159.437864][ T6581] veth1_macvtap: entered promiscuous mode [ 159.588098][ T6581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 159.630665][ T6771] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.690049][ T6703] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 159.703823][ T6771] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 159.740294][ T6581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 159.762373][ T6581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 159.773377][ T6581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 159.784398][ T6581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 159.806418][ T6703] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 159.842937][ T6581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 159.891758][ T6581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 159.932221][ T6581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 159.969835][ T6581] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 160.047497][ T6581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.064842][ T5795] Bluetooth: hci1: command tx timeout [ 160.078326][ T6581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.089963][ T6581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.100917][ T6581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.119477][ T6581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.133867][ T6581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.167673][ T6581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.178454][ T6581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.197735][ T6581] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 160.231882][ T6581] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.276239][ T6581] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.289812][ T6581] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.302066][ T6581] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.329551][ T5784] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.457117][ T6775] syz.3.178 (6775) used greatest stack depth: 17960 bytes left [ 160.598342][ T6719] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 160.643122][ T6719] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 160.689571][ T6768] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 160.704749][ T6768] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 160.977226][ T5788] input: 뫫憶븏勲뽔৳쁻ᝰ㹥肗䌛䢌᝿⤃⭑튢竹룖㗄Ҥ꨿㯅腺꫓莯묳䢮ゝꡧᜥ褷獸銚ᵟᲮ佫篴䀝ᯘ팭 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.88/input/input7 [ 162.147931][ C0] usb_acecad 5-1:0.88: can't resubmit intr, dummy_hcd.4-1/input0, status -1 [ 162.208195][ C0] usb_acecad 5-1:0.88: can't resubmit intr, dummy_hcd.4-1/input0, status -19 [ 162.208215][ T5788] usb 5-1: USB disconnect, device number 2 [ 169.179577][ T6877] netlink: 8 bytes leftover after parsing attributes in process `syz.4.198'. [ 169.234085][ T6877] netlink: 8 bytes leftover after parsing attributes in process `syz.4.198'. [ 169.258898][ T6880] netlink: 4 bytes leftover after parsing attributes in process `syz.3.200'. [ 169.402242][ T6880] netlink: 4 bytes leftover after parsing attributes in process `syz.3.200'. [ 169.592702][ T6885] netlink: 9275 bytes leftover after parsing attributes in process `syz.4.201'. [ 169.902900][ T6891] xt_recent: Unsupported userspace flags (000000de) [ 171.631730][ T6910] ufs: You didn't specify the type of your ufs filesystem [ 171.631730][ T6910] [ 171.631730][ T6910] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 171.631730][ T6910] [ 171.631730][ T6910] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 172.059707][ T6911] netlink: 24 bytes leftover after parsing attributes in process `syz.1.204'. [ 172.076890][ T6910] ufs: ufstype=old is supported read-only [ 172.090032][ T6910] ufs: ufs_fill_super(): bad magic number [ 172.372428][ T6915] mmap: syz.5.206 (6915): VmData 45780992 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 174.334341][ T967] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 174.539666][ T967] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 174.566965][ T967] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 174.582100][ T967] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 174.730590][ T967] usb 2-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 174.758198][ T967] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 174.797568][ T967] usb 2-1: Product: syz [ 174.802001][ T967] usb 2-1: Manufacturer: syz [ 174.840330][ T967] usb 2-1: SerialNumber: syz [ 175.138379][ T967] usb 2-1: config 0 descriptor?? [ 175.287949][ T6933] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 175.446268][ T967] usb 2-1: ucan: probing device on interface #0 [ 175.486617][ T967] usb 2-1: ucan: invalid EP count (1) [ 175.492095][ T967] usb 2-1: ucan: probe failed; try to update the device firmware [ 175.605081][ T6947] netlink: 120 bytes leftover after parsing attributes in process `syz.5.215'. [ 175.945892][ T6955] netlink: 4 bytes leftover after parsing attributes in process `syz.3.224'. [ 176.296874][ T6964] ufs: You didn't specify the type of your ufs filesystem [ 176.296874][ T6964] [ 176.296874][ T6964] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 176.296874][ T6964] [ 176.296874][ T6964] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 176.328784][ T6964] ufs: ufstype=old is supported read-only [ 176.664010][ T6966] netlink: 24 bytes leftover after parsing attributes in process `syz.5.217'. [ 176.684225][ T6964] ufs: ufs_fill_super(): bad magic number [ 177.109410][ T6969] syz.4.218 uses obsolete (PF_INET,SOCK_PACKET) [ 177.182722][ T5868] usb 2-1: USB disconnect, device number 3 [ 178.415806][ T6987] netlink: 'syz.5.222': attribute type 5 has an invalid length. [ 178.482534][ T6989] netlink: 9275 bytes leftover after parsing attributes in process `syz.1.223'. [ 178.853824][ T7000] netdevsim netdevsim4 : renamed from netdevsim0 (while UP) [ 181.499824][ T7034] misc userio: No port type given on /dev/userio [ 182.222781][ T7034] netlink: 4 bytes leftover after parsing attributes in process `syz.3.231'. [ 182.724932][ T7042] delete_channel: no stack [ 182.744603][ T27] audit: type=1326 audit(1756432235.993:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.5.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 182.816376][ T27] audit: type=1326 audit(1756432236.013:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.5.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 182.872065][ T27] audit: type=1326 audit(1756432236.023:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.5.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 183.011173][ T27] audit: type=1326 audit(1756432236.023:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.5.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 183.112315][ T27] audit: type=1326 audit(1756432236.023:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.5.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 183.135804][ T27] audit: type=1326 audit(1756432236.033:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.5.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 183.158108][ T27] audit: type=1326 audit(1756432236.033:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.5.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 183.180544][ T27] audit: type=1326 audit(1756432236.033:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.5.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 183.204304][ T27] audit: type=1326 audit(1756432236.033:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.5.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 183.620315][ T27] audit: type=1326 audit(1756432236.043:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.5.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 186.702813][ T7086] netlink: 'syz.3.244': attribute type 1 has an invalid length. [ 187.745068][ T7090] lo speed is unknown, defaulting to 1000 [ 187.828041][ T7095] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 187.875998][ T7098] veth3: entered promiscuous mode [ 187.884470][ T7098] bond1: (slave veth3): Enslaving as a backup interface with a down link [ 187.920162][ T7101] bridge2: entered allmulticast mode [ 187.946395][ T7090] lo speed is unknown, defaulting to 1000 [ 187.980060][ T7090] lo speed is unknown, defaulting to 1000 [ 187.999311][ T7112] netlink: 4 bytes leftover after parsing attributes in process `syz.3.249'. [ 188.001567][ T7090] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 188.016981][ T7112] netlink: 12 bytes leftover after parsing attributes in process `syz.3.249'. [ 188.038832][ T7090] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 188.107929][ T7112] netlink: 4 bytes leftover after parsing attributes in process `syz.3.249'. [ 188.217660][ T7090] lo speed is unknown, defaulting to 1000 [ 188.225279][ T5788] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 188.241579][ T7090] lo speed is unknown, defaulting to 1000 [ 188.250809][ T7090] lo speed is unknown, defaulting to 1000 [ 188.261145][ T7090] lo speed is unknown, defaulting to 1000 [ 188.276236][ T7090] lo speed is unknown, defaulting to 1000 [ 188.405112][ T7118] netlink: 12 bytes leftover after parsing attributes in process `syz.5.251'. [ 188.587274][ T5788] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 188.762134][ T5788] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 188.973772][ T5788] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 189.121373][ T5788] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.219177][ T7110] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 189.260880][ T5788] usb 5-1: Quirk or no altest; falling back to MIDI 1.0 [ 189.337741][ T7127] misc userio: No port type given on /dev/userio [ 189.413614][ T7127] netlink: 4 bytes leftover after parsing attributes in process `syz.5.254'. [ 190.285978][ T7110] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 190.312811][ T7110] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 190.550475][ T7137] loop1: detected capacity change from 0 to 1024 [ 190.559706][ T7137] EXT4-fs: Ignoring removed orlov option [ 190.608422][ T7137] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 190.734203][ T7142] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 190.742079][ T7142] IPv6: NLM_F_CREATE should be set when creating new route [ 190.759322][ T7142] lo: entered allmulticast mode [ 190.810297][ T7142] tunl0: entered allmulticast mode [ 191.119270][ T7142] gre0: entered allmulticast mode [ 191.571169][ T5788] usb 5-1: USB disconnect, device number 3 [ 191.714283][ T7142] gretap0: entered allmulticast mode [ 191.770906][ T7142] erspan0: entered allmulticast mode [ 191.815036][ T7142] ip_vti0: entered allmulticast mode [ 191.859357][ T7142] ip6_vti0: entered allmulticast mode [ 191.897203][ T7142] sit0: entered allmulticast mode [ 191.963113][ T7142] ip6tnl0: entered allmulticast mode [ 191.995130][ T7142] ip6gre0: entered allmulticast mode [ 192.024825][ T7142] ip6gretap0: entered allmulticast mode [ 192.059652][ T7142] bridge0: port 2(bridge_slave_1) entered disabled state [ 192.069103][ T7142] bridge0: port 1(bridge_slave_0) entered disabled state [ 192.079179][ T7142] bridge0: entered allmulticast mode [ 192.113333][ T7142] vcan0: entered allmulticast mode [ 192.127884][ T7142] bond0: entered allmulticast mode [ 192.133122][ T7142] bond_slave_0: entered allmulticast mode [ 192.139237][ T7142] bond_slave_1: entered allmulticast mode [ 192.157282][ T7142] team0: entered allmulticast mode [ 192.162740][ T7142] team_slave_0: entered allmulticast mode [ 192.168959][ T7142] team_slave_1: entered allmulticast mode [ 192.188907][ T7142] dummy0: entered allmulticast mode [ 192.213169][ T7142] nlmon0: entered allmulticast mode [ 192.224414][ T7142] caif0: entered allmulticast mode [ 192.230905][ T7142] batadv0: entered allmulticast mode [ 192.252130][ T7142] vxcan0: entered allmulticast mode [ 192.260235][ T7142] vxcan1: entered allmulticast mode [ 192.269634][ T7142] veth0: entered allmulticast mode [ 192.288361][ T7142] veth1: entered allmulticast mode [ 192.305651][ T7142] wg0: entered allmulticast mode [ 192.315364][ T7142] wg1: entered allmulticast mode [ 192.330189][ T7142] wg2: entered allmulticast mode [ 192.345686][ T7142] veth0_to_bridge: entered allmulticast mode [ 192.381719][ T7142] veth1_to_bridge: entered allmulticast mode [ 192.413157][ T7142] veth0_to_bond: entered allmulticast mode [ 192.436900][ T7142] veth1_to_bond: entered allmulticast mode [ 192.457269][ T7142] veth0_to_team: entered allmulticast mode [ 192.484730][ T7142] veth1_to_team: entered allmulticast mode [ 192.520450][ T7142] veth0_to_batadv: entered allmulticast mode [ 192.538659][ T7142] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 192.559252][ T7142] batadv_slave_0: entered allmulticast mode [ 192.570850][ T7142] veth1_to_batadv: entered allmulticast mode [ 192.596916][ T7142] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 192.619837][ T7142] batadv_slave_1: entered allmulticast mode [ 192.656263][ T7142] xfrm0: entered allmulticast mode [ 192.674380][ T7142] veth0_to_hsr: entered allmulticast mode [ 192.690722][ T7142] hsr_slave_0: entered allmulticast mode [ 192.716094][ T7142] veth1_to_hsr: entered allmulticast mode [ 192.748041][ T7142] hsr_slave_1: entered allmulticast mode [ 192.771002][ T7142] hsr0: entered allmulticast mode [ 192.789858][ T7142] veth1_vlan: entered allmulticast mode [ 192.804340][ T7142] veth0_vlan: entered allmulticast mode [ 192.849946][ T7142] vlan0: entered allmulticast mode [ 192.860732][ T7142] vlan1: entered allmulticast mode [ 192.868320][ T7142] macvlan0: entered allmulticast mode [ 192.889425][ T7142] macvlan1: entered allmulticast mode [ 192.904876][ T7142] ipvlan0: entered allmulticast mode [ 192.911236][ T7142] veth1_macvtap: entered allmulticast mode [ 192.933002][ T7142] veth0_macvtap: entered allmulticast mode [ 192.956298][ T7142] macvtap0: entered allmulticast mode [ 192.977571][ T7142] macsec0: entered allmulticast mode [ 192.997368][ T7142] geneve0: entered allmulticast mode [ 193.015077][ T7142] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.028867][ T7142] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.038309][ T7142] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.047861][ T7142] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.059284][ T7142] geneve1: entered allmulticast mode [ 193.079631][ T7142] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 193.098384][ T7142] netdevsim netdevsim3 netdevsim1: entered allmulticast mode [ 193.117236][ T7142] netdevsim netdevsim3 netdevsim2: entered allmulticast mode [ 193.134056][ T7142] netdevsim netdevsim3 netdevsim3: entered allmulticast mode [ 193.168683][ T7142] mac80211_hwsim hwsim7 wlan0: entered allmulticast mode [ 193.187697][ T7142] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 193.206429][ T7142] bridge1: entered allmulticast mode [ 193.219614][ T7142] bond1: entered allmulticast mode [ 193.228195][ T7142] ip6gretap1: entered allmulticast mode [ 193.234303][ T7142] veth3: entered allmulticast mode [ 193.243193][ T7142] veth2: entered allmulticast mode [ 193.249418][ T7142] veth3: left promiscuous mode [ 193.259272][ T7147] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-:/": -EINTR [ 193.398064][ T5784] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 195.242235][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 195.264429][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.746106][ T7185] process 'syz.5.264' launched '/dev/fd/6' with NULL argv: empty string added [ 196.561462][ T7195] syzkaller0: entered promiscuous mode [ 196.581742][ T7195] syzkaller0: entered allmulticast mode [ 197.351080][ T5795] Bluetooth: hci3: command 0x0406 tx timeout [ 197.357565][ T5795] Bluetooth: hci0: command 0x0406 tx timeout [ 201.667347][ T7203] lo speed is unknown, defaulting to 1000 [ 201.672136][ T7243] netlink: 'syz.1.275': attribute type 9 has an invalid length. [ 201.919264][ T7250] loop4: detected capacity change from 0 to 2048 [ 202.066994][ T7250] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 202.474070][ T7250] loop4: detected capacity change from 2048 to 64 [ 203.224751][ T7274] netlink: 8 bytes leftover after parsing attributes in process `syz.3.283'. [ 203.295381][ T6545] syz-executor: attempt to access beyond end of device [ 203.295381][ T6545] loop4: rw=2049, sector=128, nr_sectors = 1 limit=64 [ 203.359580][ T6545] Buffer I/O error on dev loop4, logical block 128, lost sync page write [ 204.017703][ T6768] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.154376][ T6768] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.324826][ T6768] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.507433][ T6768] netdevsim netdevsim4  (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.927223][ T5795] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 205.938483][ T5795] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 205.948684][ T5795] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 205.960345][ T5795] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 205.968239][ T5795] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 205.976048][ T5795] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 206.195544][ T7319] netlink: 4 bytes leftover after parsing attributes in process `syz.1.293'. [ 206.456913][ T7314] lo speed is unknown, defaulting to 1000 [ 208.063623][ T5791] Bluetooth: hci2: command tx timeout [ 208.927156][ T7314] chnl_net:caif_netlink_parms(): no params data found [ 209.505181][ T7374] 0: reclassify loop, rule prio 0, protocol 800 [ 209.581867][ T6768] hsr_slave_0: left promiscuous mode [ 209.649756][ T6768] hsr_slave_1: left promiscuous mode [ 209.755612][ T6768] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 209.763363][ T6768] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 209.819900][ T6768] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 209.844549][ T6768] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 209.874384][ T6768] bridge_slave_1: left allmulticast mode [ 209.880139][ T6768] bridge_slave_1: left promiscuous mode [ 209.889273][ T6768] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.899142][ T6768] bridge_slave_0: left allmulticast mode [ 209.905686][ T6768] bridge_slave_0: left promiscuous mode [ 209.911584][ T6768] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.953319][ T6768] veth1_macvtap: left promiscuous mode [ 209.959169][ T6768] veth0_macvtap: left promiscuous mode [ 210.126658][ T6768] veth1_vlan: left promiscuous mode [ 210.154902][ T5791] Bluetooth: hci2: command tx timeout [ 210.176458][ T6768] veth0_vlan: left promiscuous mode [ 211.272209][ T6768] team0 (unregistering): Port device team_slave_1 removed [ 211.314837][ T6768] team0 (unregistering): Port device team_slave_0 removed [ 211.361490][ T6768] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 211.407835][ T6768] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 211.866421][ T6768] bond0 (unregistering): Released all slaves [ 212.228312][ T5791] Bluetooth: hci2: command tx timeout [ 212.258337][ T7314] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.266356][ T7314] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.276066][ T7314] bridge_slave_0: entered allmulticast mode [ 212.280371][ T7407] netlink: 'syz.3.309': attribute type 11 has an invalid length. [ 212.283589][ T7314] bridge_slave_0: entered promiscuous mode [ 212.290899][ T7403] sctp: [Deprecated]: syz.1.315 (pid 7403) Use of int in max_burst socket option. [ 212.290899][ T7403] Use struct sctp_assoc_value instead [ 212.298604][ T7314] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.319497][ T7314] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.328619][ T7314] bridge_slave_1: entered allmulticast mode [ 212.342156][ T7314] bridge_slave_1: entered promiscuous mode [ 212.721638][ T7415] loop1: detected capacity change from 0 to 256 [ 212.787910][ T7415] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 212.809731][ T7314] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 212.820763][ T7415] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 212.856046][ T7314] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 213.094963][ T7421] loop3: detected capacity change from 0 to 128 [ 213.158965][ T7421] EXT4-fs (loop3): Test dummy encryption mode enabled [ 213.188666][ T7314] team0: Port device team_slave_0 added [ 213.262925][ T7421] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 213.278418][ T7314] team0: Port device team_slave_1 added [ 213.319971][ T7421] ext4 filesystem being mounted at /71/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 213.350965][ T7430] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 0 [ 213.361243][ T7426] IPVS: stopping backup sync thread 7430 ... [ 213.373971][ C0] 0: reclassify loop, rule prio 0, protocol 800 [ 213.452417][ T7314] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 213.474115][ C0] 0: reclassify loop, rule prio 0, protocol 800 [ 213.484788][ T7314] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 213.562962][ T7314] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 213.625669][ T7314] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 213.632689][ T7314] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 213.673804][ C0] 0: reclassify loop, rule prio 0, protocol 800 [ 213.727724][ T7421] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 213.742932][ T7314] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 215.283943][ T5795] Bluetooth: hci2: command tx timeout [ 215.628263][ T967] 0: reclassify loop, rule prio 0, protocol 800 [ 216.005950][ T7314] hsr_slave_0: entered promiscuous mode [ 216.031615][ T7314] hsr_slave_1: entered promiscuous mode [ 216.078719][ T7314] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 216.108493][ T7314] Cannot create hsr debugfs directory [ 216.344790][ T7447] fscrypt (loop3): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 216.515643][ T5782] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 216.857418][ T7314] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 216.884944][ T7314] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 216.907489][ T7314] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 216.928009][ T7314] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 217.478791][ T7314] 8021q: adding VLAN 0 to HW filter on device bond0 [ 217.658100][ T7485] loop3: detected capacity change from 0 to 1024 [ 218.387252][ T7314] 8021q: adding VLAN 0 to HW filter on device team0 [ 218.569523][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.576811][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 218.668299][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.675583][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 220.307620][ T7514] loop5: detected capacity change from 0 to 512 [ 221.970416][ T7314] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 222.405984][ T7314] veth0_vlan: entered promiscuous mode [ 222.455606][ T7314] veth1_vlan: entered promiscuous mode [ 222.482578][ T967] 0: reclassify loop, rule prio 0, protocol 800 [ 222.654651][ T7314] veth0_macvtap: entered promiscuous mode [ 222.689026][ T7314] veth1_macvtap: entered promiscuous mode [ 222.755259][ T7314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 222.792232][ T7314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.828008][ T7314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 222.864556][ T7314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.918845][ T7314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 222.930090][ T7314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.956867][ T7314] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 222.977128][ T7314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 223.011906][ T7314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.023965][ T7314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 223.036913][ T7314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.047231][ T7314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 223.059620][ T7314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.072843][ T7314] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 223.151504][ T7314] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.169026][ T7314] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.181479][ T7314] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.190541][ T7314] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.340775][ T7558] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.376969][ T7558] bridge_slave_1: left allmulticast mode [ 223.397406][ T7558] bridge_slave_1: left promiscuous mode [ 223.404217][ T7558] bridge0: port 2(bridge_slave_1) entered disabled state [ 223.433738][ T7558] bond0: (slave bond_slave_0): Releasing backup interface [ 223.470577][ T7558] bond0: (slave bond_slave_1): Releasing backup interface [ 223.586721][ T7558] team0: Port device team_slave_0 removed [ 223.643691][ T7558] team0: Port device team_slave_1 removed [ 223.680043][ T7558] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 223.708775][ T7558] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 223.728470][ T7558] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 223.742789][ T7558] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 223.790581][ T7558] vlan2: left promiscuous mode [ 223.809250][ T7558] bridge_slave_0: left promiscuous mode [ 223.825282][ T7558] bridge0: port 3(vlan2) entered disabled state [ 224.051950][ T6729] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 224.133690][ T6729] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 224.215384][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 224.238687][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 224.498573][ T7585] loop3: detected capacity change from 0 to 512 [ 224.523017][ T7585] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 224.537465][ T7585] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 224.560459][ T7585] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002] [ 224.573919][ T7585] System zones: 1-12 [ 224.585428][ T7585] EXT4-fs (loop3): 1 truncate cleaned up [ 224.594226][ T7585] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 224.634403][ T5791] Bluetooth: hci3: unexpected event for opcode 0x2006 [ 224.704130][ T5782] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.006703][ T7600] dvmrp0: entered allmulticast mode [ 225.102324][ T7600] dvmrp0: left allmulticast mode [ 226.308885][ T5791] Bluetooth: hci1: link tx timeout [ 226.315346][ T5791] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 227.552633][ T7629] netlink: 8 bytes leftover after parsing attributes in process `syz.3.346'. [ 227.651771][ T7629] team0: entered promiscuous mode [ 227.692523][ T7635] damon-dbgfs: DAMON debugfs interface is deprecated, so users should move to DAMON_SYSFS. If you cannot, please report your usecase to damon@lists.linux.dev and linux-mm@kvack.org. [ 227.698744][ T7629] team_slave_0: entered promiscuous mode [ 227.724328][ T7629] team_slave_1: entered promiscuous mode [ 227.724350][ T7637] netlink: 'syz.6.349': attribute type 11 has an invalid length. [ 227.731540][ T7629] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 227.761758][ T7629] team0: left promiscuous mode [ 227.773637][ T7629] team_slave_0: left promiscuous mode [ 227.784282][ T7629] team_slave_1: left promiscuous mode [ 227.874722][ T7151] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 228.063552][ T7151] usb 2-1: Using ep0 maxpacket: 16 [ 228.073351][ T7151] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 228.086811][ T7151] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 228.114289][ T7151] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 228.128284][ T7151] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 228.140834][ T7151] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 228.154701][ T7151] usb 2-1: config 0 descriptor?? [ 228.383719][ T5795] Bluetooth: hci1: command 0x0406 tx timeout [ 228.587896][ T7151] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 228.597259][ T7151] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 228.605389][ T7151] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 228.613032][ T7151] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 228.621396][ T7151] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 228.629102][ T7151] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 228.636550][ T7151] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 228.644153][ T7151] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 228.651596][ T7151] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 228.660445][ T7151] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 228.674392][ T7151] microsoft 0003:045E:07DA.0002: No inputs registered, leaving [ 228.707122][ T7151] microsoft 0003:045E:07DA.0002: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 228.739115][ T7151] microsoft 0003:045E:07DA.0002: no inputs found [ 228.749648][ T7151] microsoft 0003:045E:07DA.0002: could not initialize ff, continuing anyway [ 228.824224][ T7151] usb 2-1: USB disconnect, device number 4 [ 228.888644][ T7660] fido_id[7660]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory [ 229.865288][ T7675] loop3: detected capacity change from 0 to 256 [ 229.880381][ T7675] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 229.916066][ T7675] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 230.144684][ C0] 0: reclassify loop, rule prio 0, protocol 800 [ 230.180613][ T7680] kernel profiling enabled (shift: 6) [ 231.613032][ T7690] loop1: detected capacity change from 0 to 512 [ 232.065806][ T5868] 0: reclassify loop, rule prio 0, protocol 800 [ 234.687046][ T7736] loop3: detected capacity change from 0 to 512 [ 234.848015][ T7736] __quota_error: 15 callbacks suppressed [ 234.848034][ T7736] Quota error (device loop3): v2_read_file_info: Free block number 1 out of range (1, 6). [ 234.944295][ T7736] EXT4-fs warning (device loop3): ext4_enable_quotas:7175: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 234.963019][ T7746] loop6: detected capacity change from 0 to 128 [ 234.975618][ T7736] EXT4-fs (loop3): mount failed [ 235.041962][ T7746] EXT4-fs (loop6): Test dummy encryption mode enabled [ 235.086854][ T7746] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 235.187849][ T7746] ext4 filesystem being mounted at /9/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 237.231162][ T7757] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 237.339309][ T7314] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 237.353927][ T7775] tipc: Enabled bearer , priority 0 [ 237.370714][ T7775] syzkaller0: entered promiscuous mode [ 237.376546][ T7775] syzkaller0: entered allmulticast mode [ 237.431809][ T7775] tipc: Resetting bearer [ 237.473906][ T7773] tipc: Resetting bearer [ 237.572108][ T7773] tipc: Disabling bearer [ 237.829796][ T6760] 0: reclassify loop, rule prio 0, protocol 800 [ 237.915130][ T7782] lo speed is unknown, defaulting to 1000 [ 242.256019][ T5774] IPVS: starting estimator thread 0... [ 242.364203][ T7846] IPVS: using max 17 ests per chain, 40800 per kthread [ 243.584283][ T12] 0: reclassify loop, rule prio 0, protocol 800 [ 245.407449][ T7905] netlink: 36 bytes leftover after parsing attributes in process `syz.6.397'. [ 246.529338][ T7907] netlink: 16 bytes leftover after parsing attributes in process `syz.1.398'. [ 246.684828][ T7912] netlink: 12 bytes leftover after parsing attributes in process `syz.1.398'. [ 247.032837][ T7922] ecryptfs_parse_options: eCryptfs: unrecognized option [(] [ 247.040698][ T7922] ecryptfs_parse_options: eCryptfs: unrecognized option [{\)] [ 247.048426][ T7922] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 247.063651][ T7922] Error parsing options; rc = [-22] [ 248.822353][ T7935] loop3: detected capacity change from 0 to 2048 [ 248.853348][ T7945] 0: reclassify loop, rule prio 0, protocol 800 [ 248.880461][ T7938] bridge_slave_0: left allmulticast mode [ 248.882901][ T7935] loop3: p1 < > p3 [ 248.895858][ T7935] loop3: p3 size 134217728 extends beyond EOD, truncated [ 248.907503][ T7938] bridge_slave_0: left promiscuous mode [ 248.931064][ T7938] bridge0: port 1(bridge_slave_0) entered disabled state [ 248.958531][ T7938] bridge_slave_1: left allmulticast mode [ 248.968688][ T7938] bridge_slave_1: left promiscuous mode [ 248.989918][ T7938] bridge0: port 2(bridge_slave_1) entered disabled state [ 249.022456][ T7938] bond0: (slave bond_slave_0): Releasing backup interface [ 249.080013][ T7938] bond0: (slave bond_slave_1): Releasing backup interface [ 249.151204][ T7938] team0: Port device team_slave_0 removed [ 249.205720][ T7938] team0: Port device team_slave_1 removed [ 249.225343][ T7938] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 249.272078][ T7938] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 249.299311][ T7938] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 249.321774][ T7938] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 249.344423][ T12] 0: reclassify loop, rule prio 0, protocol 800 [ 249.886236][ T7962] netlink: 'syz.3.410': attribute type 10 has an invalid length. [ 249.899676][ T7962] dummy0: left allmulticast mode [ 250.010781][ T7962] dummy0: entered allmulticast mode [ 250.022629][ T7962] team0: Port device dummy0 added [ 250.030710][ T7956] lo speed is unknown, defaulting to 1000 [ 250.040287][ T7965] netlink: 'syz.3.410': attribute type 10 has an invalid length. [ 250.062529][ T7965] dummy0: left allmulticast mode [ 250.105904][ T7965] team0: Port device dummy0 removed [ 250.137338][ T7965] dummy0: entered allmulticast mode [ 250.150089][ T7965] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 252.248477][ T7995] vlan5: entered promiscuous mode [ 252.253880][ T7995] bond0: entered promiscuous mode [ 252.261108][ T7995] vlan5: entered allmulticast mode [ 252.267170][ T7995] bond0: entered allmulticast mode [ 253.415302][ T27] audit: type=1800 audit(1756432306.653:57): pid=7997 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.419" name="bus" dev="ramfs" ino=14806 res=0 errno=0 [ 254.570564][ T6757] 0: reclassify loop, rule prio 0, protocol 800 [ 254.782472][ T8006] lo speed is unknown, defaulting to 1000 [ 255.749771][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.756422][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.680479][ T8051] loop5: detected capacity change from 0 to 1024 [ 257.766520][ T8051] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 257.777853][ T8038] lo speed is unknown, defaulting to 1000 [ 257.823729][ T8051] ext4 filesystem being mounted at /70/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 257.870609][ T8051] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 258.718437][ T8078] ecryptfs_parse_options: eCryptfs: unrecognized option [(] [ 258.726284][ T8078] ecryptfs_parse_options: eCryptfs: unrecognized option [{\)] [ 258.734130][ T8078] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 258.747918][ T8078] Error parsing options; rc = [-22] [ 259.420617][ T8074] lo speed is unknown, defaulting to 1000 [ 260.224183][ T6719] 0: reclassify loop, rule prio 0, protocol 800 [ 260.386553][ T8059] loop3: detected capacity change from 0 to 32768 [ 260.570223][ T8059] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 262.078568][ T5782] ocfs2: Unmounting device (7,3) on (node local) [ 262.658775][ T8113] loop1: detected capacity change from 0 to 2048 [ 262.669379][ T8113] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 262.695091][ T8113] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 263.490142][ T8129] netlink: 16 bytes leftover after parsing attributes in process `syz.5.443'. [ 263.543835][ T8135] netlink: 28 bytes leftover after parsing attributes in process `syz.1.442'. [ 263.578572][ T8137] netlink: 12 bytes leftover after parsing attributes in process `syz.5.443'. [ 263.760130][ T8140] loop6: detected capacity change from 0 to 512 [ 263.869555][ T5775] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 264.143539][ T5891] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 264.410288][ T5891] usb 2-1: New USB device found, idVendor=16ca, idProduct=1502, bcdDevice=a9.25 [ 264.423545][ T5891] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 264.449317][ T5891] usb 2-1: Product: syz [ 264.480929][ T8154] vlan2: entered promiscuous mode [ 264.491982][ T5891] usb 2-1: Manufacturer: syz [ 264.513840][ T5891] usb 2-1: SerialNumber: syz [ 264.528905][ T8154] bond0: entered promiscuous mode [ 264.553949][ T8154] bond_slave_0: entered promiscuous mode [ 264.580448][ T8154] bond_slave_1: entered promiscuous mode [ 264.591320][ T5891] usb 2-1: config 0 descriptor?? [ 264.643726][ T8154] dummy0: entered promiscuous mode [ 264.649403][ T8154] vlan2: entered allmulticast mode [ 265.354768][ T6719] 0: reclassify loop, rule prio 0, protocol 800 [ 265.423208][ T8160] IPVS: Error joining to the multicast group [ 265.575511][ T5788] usb 2-1: USB disconnect, device number 5 [ 269.039527][ T8201] netlink: 4 bytes leftover after parsing attributes in process `syz.6.458'. [ 270.253246][ T8217] vlan0: entered promiscuous mode [ 270.259206][ T8217] bond0: entered promiscuous mode [ 270.357996][ T8217] vlan0: entered allmulticast mode [ 270.363791][ T8217] bond0: entered allmulticast mode [ 271.197110][ T6728] 0: reclassify loop, rule prio 0, protocol 800 [ 273.748078][ T5791] Bluetooth: hci1: command 0x0406 tx timeout [ 273.968664][ T8274] loop3: detected capacity change from 0 to 512 [ 276.244625][ T8274] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 276.330924][ T8274] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 276.509186][ T8274] EXT4-fs (loop3): 1 truncate cleaned up [ 276.521572][ T8274] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 277.003077][ T6719] 0: reclassify loop, rule prio 0, protocol 800 [ 277.102442][ T5782] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 279.447449][ T8309] loop1: detected capacity change from 0 to 512 [ 279.497319][ T8309] EXT4-fs: Ignoring removed nomblk_io_submit option [ 279.545440][ T8309] ext4: Unknown parameter 'smackfsdef' [ 279.641185][ T5775] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 281.810648][ T8345] loop1: detected capacity change from 0 to 256 [ 282.642710][ T6719] 0: reclassify loop, rule prio 0, protocol 800 [ 282.853219][ T8345] FAT-fs (loop1): Directory bread(block 64) failed [ 282.860118][ T8345] FAT-fs (loop1): Directory bread(block 65) failed [ 282.867810][ T8345] FAT-fs (loop1): Directory bread(block 66) failed [ 282.874789][ T8345] FAT-fs (loop1): Directory bread(block 67) failed [ 282.882052][ T8345] FAT-fs (loop1): Directory bread(block 68) failed [ 282.888787][ T8345] FAT-fs (loop1): Directory bread(block 69) failed [ 282.896370][ T8345] FAT-fs (loop1): Directory bread(block 70) failed [ 282.903117][ T8345] FAT-fs (loop1): Directory bread(block 71) failed [ 282.910421][ T8345] FAT-fs (loop1): Directory bread(block 72) failed [ 282.917227][ T8345] FAT-fs (loop1): Directory bread(block 73) failed [ 284.005275][ T8352] netlink: 4 bytes leftover after parsing attributes in process `syz.1.485'. [ 284.055710][ T8352] bridge0: entered promiscuous mode [ 284.082728][ T8352] macvtap1: entered promiscuous mode [ 284.091681][ T8352] macvtap1: entered allmulticast mode [ 284.103997][ T8352] bridge0: entered allmulticast mode [ 284.140145][ T8359] fuseblk: Bad value for 'fd' [ 284.171493][ T8355] bridge0: left allmulticast mode [ 284.207837][ T8355] bridge0: left promiscuous mode [ 288.467480][ T6757] 0: reclassify loop, rule prio 0, protocol 800 [ 289.369073][ T8412] netlink: 20 bytes leftover after parsing attributes in process `syz.6.494'. [ 291.641292][ T5891] 0: reclassify loop, rule prio 0, protocol 800 [ 292.069881][ T8443] netlink: 4 bytes leftover after parsing attributes in process `syz.5.504'. [ 292.088406][ T8443] netlink: 12 bytes leftover after parsing attributes in process `syz.5.504'. [ 294.304676][ T6760] 0: reclassify loop, rule prio 0, protocol 800 [ 294.630166][ T8468] netlink: 'syz.6.508': attribute type 10 has an invalid length. [ 294.638241][ T8468] netlink: 40 bytes leftover after parsing attributes in process `syz.6.508'. [ 294.668879][ T8468] batman_adv: batadv0: Adding interface: virt_wifi0 [ 294.675651][ T8468] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 294.703232][ T8468] batman_adv: batadv0: Interface activated: virt_wifi0 [ 295.185492][ T8470] netlink: 'syz.5.509': attribute type 9 has an invalid length. [ 295.601842][ T8479] netlink: 'syz.3.512': attribute type 21 has an invalid length. [ 295.675382][ T8479] netlink: 'syz.3.512': attribute type 39 has an invalid length. [ 297.762050][ T8498] netlink: 4 bytes leftover after parsing attributes in process `syz.6.516'. [ 299.915317][ T6768] 0: reclassify loop, rule prio 0, protocol 800 [ 300.683958][ T8511] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 301.714204][ T8517] loop5: detected capacity change from 0 to 4096 [ 302.719076][ T8525] loop6: detected capacity change from 0 to 256 [ 303.151229][ T8525] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x46ae1815, utbl_chksum : 0xe619d30d) [ 303.310522][ T8525] exFAT-fs (loop6): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 303.492486][ T27] audit: type=1800 audit(1756432356.733:58): pid=8525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.532" name="file2" dev="loop6" ino=1048638 res=0 errno=0 [ 303.578978][ T5891] IPVS: starting estimator thread 0... [ 303.703913][ T8531] IPVS: using max 19 ests per chain, 45600 per kthread [ 303.754370][ T8535] netlink: 4 bytes leftover after parsing attributes in process `syz.6.526'. [ 303.792355][ T8535] bridge0: entered promiscuous mode [ 303.799839][ T8535] macvtap1: entered promiscuous mode [ 303.821695][ T8535] macvtap1: entered allmulticast mode [ 303.844529][ T8535] bridge0: entered allmulticast mode [ 303.879873][ T8537] bridge0: left allmulticast mode [ 303.892204][ T8537] bridge0: left promiscuous mode [ 303.987264][ T8538] loop5: detected capacity change from 0 to 512 [ 304.024653][ T8538] EXT4-fs: Ignoring removed nomblk_io_submit option [ 304.031438][ T8538] ext4: Unknown parameter 'smackfsdef' [ 304.442436][ T8548] "syz.3.529" (8548) uses obsolete ecb(arc4) skcipher [ 305.687770][ T6719] 0: reclassify loop, rule prio 0, protocol 800 [ 306.292058][ T8560] loop5: detected capacity change from 0 to 164 [ 306.954586][ C0] 0: reclassify loop, rule prio 0, protocol 800 [ 307.180219][ T8569] loop6: detected capacity change from 0 to 512 [ 307.219410][ T8569] EXT4-fs: Ignoring removed nomblk_io_submit option [ 307.261068][ T8569] ext4: Unknown parameter 'smackfsdef' [ 307.727510][ T5777] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 309.395207][ T8591] netlink: 4 bytes leftover after parsing attributes in process `syz.1.541'. [ 309.602999][ T8590] loop6: detected capacity change from 0 to 40427 [ 309.631703][ T8590] F2FS-fs (loop6): build fault injection attr: rate: 690, type: 0x7ffff [ 309.640381][ T8590] F2FS-fs (loop6): Image doesn't support compression [ 309.647133][ T8590] F2FS-fs (loop6): Image doesn't support compression [ 309.654063][ T8590] F2FS-fs (loop6): build fault injection attr: rate: 0, type: 0x4 [ 309.665606][ T8590] F2FS-fs (loop6): invalid crc value [ 309.782362][ T8590] F2FS-fs (loop6): Found nat_bits in checkpoint [ 309.813276][ T8590] F2FS-fs (loop6): Start checkpoint disabled! [ 309.868490][ T8591] netlink: 12 bytes leftover after parsing attributes in process `syz.1.541'. [ 310.062774][ T8590] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6 [ 311.069264][ T8608] loop1: detected capacity change from 0 to 1764 [ 311.731795][ T6719] 0: reclassify loop, rule prio 0, protocol 800 [ 312.071265][ T6729] kworker/u4:15: attempt to access beyond end of device [ 312.071265][ T6729] loop6: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 312.118744][ T6729] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 312.133282][ T6729] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 312.140595][ T6729] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 312.318239][ T8619] netlink: 12 bytes leftover after parsing attributes in process `syz.5.552'. [ 314.561356][ T8636] netlink: 4 bytes leftover after parsing attributes in process `syz.3.555'. [ 314.582107][ T8636] netlink: 12 bytes leftover after parsing attributes in process `syz.3.555'. [ 314.753924][ T8641] netlink: 2028 bytes leftover after parsing attributes in process `syz.1.563'. [ 314.763246][ T8641] netlink: 24 bytes leftover after parsing attributes in process `syz.1.563'. [ 315.164019][ T8645] vlan2: entered allmulticast mode [ 315.176632][ T8645] bridge_slave_0: entered allmulticast mode [ 315.192117][ T8633] loop5: detected capacity change from 0 to 32768 [ 315.391277][ T8633] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 316.233575][ T8633] XFS (loop5): Ending clean mount [ 316.346554][ T8633] XFS (loop5): Quotacheck needed: Please wait. [ 316.420966][ T8663] sctp: [Deprecated]: syz.6.562 (pid 8663) Use of int in max_burst socket option. [ 316.420966][ T8663] Use struct sctp_assoc_value instead [ 316.534189][ T8663] netlink: 'syz.6.562': attribute type 4 has an invalid length. [ 316.931138][ T8633] XFS (loop5): Quotacheck: Done. [ 317.199493][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.210006][ T6768] 0: reclassify loop, rule prio 0, protocol 800 [ 317.223746][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 319.680021][ T6581] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 319.984782][ T8690] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 319.984782][ T8690] program syz.6.570 not setting count and/or reply_len properly [ 320.123754][ T8690] netlink: 'syz.6.570': attribute type 10 has an invalid length. [ 320.175279][ T27] audit: type=1326 audit(1756432373.423:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8692 comm="syz.5.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 320.223940][ T8690] team0: Port device dummy0 added [ 320.279034][ T27] audit: type=1326 audit(1756432373.453:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8692 comm="syz.5.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 320.325234][ T27] audit: type=1326 audit(1756432373.503:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8692 comm="syz.5.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 320.412852][ T27] audit: type=1326 audit(1756432373.503:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8692 comm="syz.5.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 320.548840][ T27] audit: type=1326 audit(1756432373.513:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8692 comm="syz.5.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 320.629504][ T27] audit: type=1326 audit(1756432373.513:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8692 comm="syz.5.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 320.691353][ T27] audit: type=1326 audit(1756432373.513:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8692 comm="syz.5.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 320.742430][ T27] audit: type=1326 audit(1756432373.523:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8692 comm="syz.5.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 320.782462][ T27] audit: type=1326 audit(1756432373.603:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8692 comm="syz.5.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 320.822898][ T27] audit: type=1326 audit(1756432373.603:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8692 comm="syz.5.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 323.388671][ T6760] 0: reclassify loop, rule prio 0, protocol 800 [ 326.106517][ T8733] sctp: [Deprecated]: syz.5.588 (pid 8733) Use of struct sctp_assoc_value in delayed_ack socket option. [ 326.106517][ T8733] Use struct sctp_sack_info instead [ 328.122602][ T8746] loop5: detected capacity change from 0 to 40427 [ 328.236865][ T8746] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 328.244858][ T8746] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 328.261193][ T8746] F2FS-fs (loop5): invalid crc value [ 328.366975][ T8746] F2FS-fs (loop5): Found nat_bits in checkpoint [ 328.469790][ T8746] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 328.477152][ T8746] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 329.734739][ T27] audit: type=1800 audit(1756432382.203:69): pid=8757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.585" name="file1" dev="loop5" ino=10 res=0 errno=0 [ 329.757394][ T5791] Bluetooth: hci2: command 0x0406 tx timeout [ 329.797213][ T1075] 0: reclassify loop, rule prio 0, protocol 800 [ 331.164693][ T8769] bridge0: entered allmulticast mode [ 331.170619][ T6729] kworker/u4:15: attempt to access beyond end of device [ 331.170619][ T6729] loop5: rw=1, sector=77824, nr_sectors = 2088 limit=40427 [ 331.362631][ T6729] kworker/u4:15: attempt to access beyond end of device [ 331.362631][ T6729] loop5: rw=1, sector=79912, nr_sectors = 2008 limit=40427 [ 333.912632][ T6729] kworker/u4:15: attempt to access beyond end of device [ 333.912632][ T6729] loop5: rw=1, sector=49152, nr_sectors = 4096 limit=40427 [ 334.708719][ T6729] kworker/u4:15: attempt to access beyond end of device [ 334.708719][ T6729] loop5: rw=1, sector=57344, nr_sectors = 1744 limit=40427 [ 335.133735][ T6719] 0: reclassify loop, rule prio 0, protocol 800 [ 336.134956][ T8792] tipc: Started in network mode [ 336.153910][ T8792] tipc: Node identity 6, cluster identity 4711 [ 336.170557][ T8792] tipc: Node number set to 6 [ 336.246818][ T8796] Bluetooth: MGMT ver 1.22 [ 336.307312][ T27] audit: type=1326 audit(1756432389.543:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.5.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 336.401474][ T27] audit: type=1326 audit(1756432389.543:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.5.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 337.056615][ T8810] "syz.6.598" (8810) uses obsolete ecb(arc4) skcipher [ 337.214982][ T27] audit: type=1326 audit(1756432389.543:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.5.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 337.322466][ T27] audit: type=1326 audit(1756432389.543:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.5.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 337.434599][ T27] audit: type=1326 audit(1756432389.543:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.5.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 337.505630][ T27] audit: type=1326 audit(1756432389.543:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.5.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 337.550311][ T27] audit: type=1326 audit(1756432389.543:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.5.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 337.623843][ T27] audit: type=1326 audit(1756432389.543:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.5.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 337.772322][ T27] audit: type=1326 audit(1756432389.543:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.5.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 337.960448][ T27] audit: type=1326 audit(1756432389.543:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.5.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c998ebe9 code=0x7ffc0000 [ 339.062236][ T8829] loop6: detected capacity change from 0 to 128 [ 340.273691][ T8830] warning: `syz.5.607' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 340.704256][ T6760] 0: reclassify loop, rule prio 0, protocol 800 [ 342.540101][ T5891] IPVS: starting estimator thread 0... [ 342.727900][ C1] ------------[ cut here ]------------ [ 342.733955][ C1] WARNING: CPU: 1 PID: 8849 at net/mac80211/tx.c:5031 __ieee80211_beacon_get+0x1233/0x1600 [ 342.744080][ C1] Modules linked in: [ 342.748023][ C1] CPU: 1 PID: 8849 Comm: syz.6.612 Not tainted syzkaller #0 [ 342.755390][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 342.765556][ C1] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600 [ 342.771939][ C1] Code: 24 4c 89 e7 e8 0e 88 d4 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 19 65 97 f7 0f 0b e9 f6 f7 ff ff e8 0d 65 97 f7 <0f> 0b e9 48 fb ff ff e8 01 65 97 f7 48 c7 c7 a0 09 24 8e 4c 89 e6 [ 342.791682][ C1] RSP: 0018:ffffc900001f0a18 EFLAGS: 00010246 [ 342.797844][ C1] RAX: ffffffff89ee2a93 RBX: ffffffff89ee1896 RCX: ffff88807e5b0000 [ 342.805909][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 342.813967][ C1] RBP: 0000000000000000 R08: ffff88807e5b0000 R09: 0000000000000003 [ 342.821977][ C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff888057c1e3c0 [ 342.825838][ T1075] ------------[ cut here ]------------ [ 342.830050][ C1] R13: dffffc0000000000 R14: ffff888057c1e8b0 R15: ffff888069b8dc24 [ 342.830086][ C1] FS: 00007f8b1b1946c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 342.830106][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 342.830120][ C1] CR2: 0000200000205030 CR3: 0000000058edd000 CR4: 00000000003506e0 [ 342.830141][ C1] Call Trace: [ 342.830150][ C1] [ 342.830163][ C1] ? __ieee80211_beacon_get+0x36/0x1600 [ 342.830208][ C1] ieee80211_beacon_get_tim+0xb8/0x560 [ 342.830242][ C1] ? ieee80211_beacon_get_template_ema_list+0x90/0x90 [ 342.830284][ C1] mac80211_hwsim_beacon_tx+0x3c7/0x780 [ 342.830318][ C1] __iterate_interfaces+0x243/0x500 [ 342.830342][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 342.830366][ C1] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180 [ 342.830401][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 342.830426][ C1] ieee80211_iterate_active_interfaces_atomic+0xdb/0x180 [ 342.830456][ C1] mac80211_hwsim_beacon+0xbb/0x1b0 [ 342.830483][ C1] __hrtimer_run_queues+0x51e/0xc40 [ 342.830514][ C1] ? hw_scan_work+0xf40/0xf40 [ 342.830546][ C1] ? hrtimer_interrupt+0x9c0/0x9c0 [ 342.830566][ C1] ? ktime_get_update_offsets_now+0x3d2/0x3f0 [ 342.830592][ C1] hrtimer_run_softirq+0x187/0x2b0 [ 342.836497][ T1075] WARNING: CPU: 0 PID: 1075 at net/mac80211/chan.c:92 ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 342.844380][ C1] handle_softirqs+0x280/0x820 [ 342.853406][ T1075] Modules linked in: [ 342.859956][ C1] ? __irq_exit_rcu+0xc7/0x190 [ 342.867949][ T1075] [ 342.871210][ C1] ? do_softirq+0x180/0x180 [ 342.874070][ T1075] CPU: 0 PID: 1075 Comm: kworker/u4:6 Not tainted syzkaller #0 [ 342.879616][ C1] ? irqtime_account_irq+0xb6/0x1c0 [ 342.885084][ T1075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 342.885100][ T1075] Workqueue: phy13 ieee80211_csa_finalize_work [ 342.892275][ C1] __irq_exit_rcu+0xc7/0x190 [ 342.897968][ T1075] [ 342.903033][ C1] ? irq_exit_rcu+0x20/0x20 [ 342.909363][ T1075] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 342.916547][ C1] irq_exit_rcu+0x9/0x20 [ 342.916568][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 342.916595][ C1] [ 342.916604][ C1] [ 342.916614][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 342.916634][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xa9/0x110 [ 342.916667][ C1] Code: 74 05 e8 ca 51 14 f7 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4b f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 42 ca e3 f6 65 8b 05 b3 18 8c 75 85 c0 74 3c 48 c7 04 24 0e 36 [ 342.916684][ C1] RSP: 0018:ffffc9000c62f580 EFLAGS: 00000206 [ 342.916707][ C1] RAX: 0dfac7ff11a2f000 RBX: 0000000000000a02 RCX: 0dfac7ff11a2f000 [ 342.916724][ C1] RDX: dffffc0000000000 RSI: ffffffff8aaaba20 RDI: 0000000000000001 [ 342.922940][ T1075] Code: 48 89 df e8 1a 06 ea f7 e9 dc fc ff ff e8 f0 bf 92 f7 eb 24 e8 e9 bf 92 f7 c7 04 24 f4 ff ff ff e9 e4 f5 ff ff e8 d8 bf 92 f7 <0f> 0b 0f 0b e9 cf f5 ff ff e8 ca bf 92 f7 48 8b 7c 24 08 4c 8b 7c [ 342.929984][ C1] RBP: ffffc9000c62f618 R08: ffffffff90da55af R09: 1ffffffff21b4ab5 [ 342.930000][ C1] R10: dffffc0000000000 R11: fffffbfff21b4ab6 R12: dffffc0000000000 [ 342.936042][ T1075] RSP: 0018:ffffc9000457f9c0 EFLAGS: 00010293 [ 342.940688][ C1] R13: 1ffff1100541eb46 R14: ffff88802a0f59d0 R15: 1ffff920018c5eb0 [ 342.945493][ T1075] [ 342.950521][ C1] ? _raw_spin_unlock+0x40/0x40 [ 342.956586][ T1075] RAX: ffffffff89f2cbce RBX: 0000000000000001 RCX: ffff888023820000 [ 342.961705][ C1] __skb_try_recv_datagram+0x17d/0x4d0 [ 342.972633][ T1075] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 342.977491][ C1] ? sock_load_diag_module+0x140/0x140 [ 342.981294][ T1075] RBP: dffffc0000000000 R08: ffff888057c1d5af R09: 1ffff1100af83ab5 [ 342.986190][ C1] __unix_dgram_recvmsg+0x2d5/0xd60 [ 342.986230][ C1] ? unix_unhash+0x10/0x10 [ 342.988527][ T1075] R10: dffffc0000000000 R11: ffffed100af83ab6 R12: 0000000000000001 [ 342.993063][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 343.000604][ T1075] R13: ffff888057c1e5d9 R14: ffff888076c92c70 R15: ffff888076c92ce8 [ 343.005821][ C1] ? exc_page_fault+0x8f/0x110 [ 343.015910][ T1075] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 343.022068][ C1] ? mark_lock+0x94/0x320 [ 343.026690][ T1075] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 343.028991][ C1] ? unix_dgram_recvmsg+0xad/0xd0 [ 343.033506][ T1075] CR2: 0000001b2fe1fff8 CR3: 0000000058edd000 CR4: 00000000003506f0 [ 343.040776][ C1] ? unix_dgram_sendmsg+0x1720/0x1720 [ 343.040803][ C1] sock_recvmsg_nosec+0x82/0xd0 [ 343.040830][ C1] ____sys_recvmsg+0x49b/0x5b0 [ 343.040870][ C1] ? __sys_recvmsg_sock+0x50/0x50 [ 343.040915][ C1] ? import_iovec+0x73/0xa0 [ 343.040946][ C1] ___sys_recvmsg+0x1b6/0x510 [ 343.040980][ C1] ? __sys_recvmsg+0x270/0x270 [ 343.041030][ C1] ? __lock_acquire+0x7c80/0x7c80 [ 343.041061][ C1] ? __might_fault+0xc6/0x120 [ 343.041080][ C1] ? __might_fault+0xaa/0x120 [ 343.041103][ C1] do_recvmmsg+0x360/0x7d0 [ 343.041140][ C1] ? __sys_recvmmsg+0x280/0x280 [ 343.041180][ C1] ? vma_end_read+0x18/0x170 [ 343.041211][ C1] ? _raw_spin_unlock+0x40/0x40 [ 343.041250][ C1] __x64_sys_recvmmsg+0x191/0x240 [ 343.041282][ C1] ? do_recvmmsg+0x7d0/0x7d0 [ 343.045789][ T1075] Call Trace: [ 343.051428][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 343.054386][ T1075] [ 343.054413][ T1075] ieee80211_link_use_reserved_context+0x383/0x5c0 [ 343.057592][ C1] do_syscall_64+0x55/0xb0 [ 343.063687][ T1075] ieee80211_csa_finalize+0x59a/0xf00 [ 343.070172][ C1] ? clear_bhb_loop+0x40/0x90 [ 343.089827][ T1075] ? mutex_lock_nested+0x20/0x20 [ 343.095888][ C1] ? clear_bhb_loop+0x40/0x90 [ 343.103914][ T1075] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 343.111861][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 343.131981][ T1075] ? ieee80211_csa_finalize_work+0x140/0x140 [ 343.139829][ C1] RIP: 0033:0x7f8b1a38ebe9 [ 343.139851][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 343.139869][ C1] RSP: 002b:00007f8b1b194038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 343.139895][ C1] RAX: ffffffffffffffda RBX: 00007f8b1a5b6090 RCX: 00007f8b1a38ebe9 [ 343.139910][ C1] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003 [ 343.139925][ C1] RBP: 00007f8b1a411e19 R08: 0000000000000000 R09: 0000000000000000 [ 343.139940][ C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 343.139954][ C1] R13: 00007f8b1a5b6128 R14: 00007f8b1a5b6090 R15: 00007ffc20c476e8 [ 343.139986][ C1] [ 343.139997][ C1] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 343.140008][ C1] CPU: 1 PID: 8849 Comm: syz.6.612 Not tainted syzkaller #0 [ 343.140027][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 343.140038][ C1] Call Trace: [ 343.140045][ C1] [ 343.140052][ C1] dump_stack_lvl+0x16c/0x230 [ 343.140080][ C1] ? show_regs_print_info+0x20/0x20 [ 343.140103][ C1] ? load_image+0x3b0/0x3b0 [ 343.140137][ C1] panic+0x2c0/0x710 [ 343.140169][ C1] ? bpf_jit_dump+0xd0/0xd0 [ 343.140213][ C1] __warn+0x2e0/0x470 [ 343.140237][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 343.140268][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 343.140296][ C1] report_bug+0x2be/0x4f0 [ 343.140319][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 343.140345][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 343.140369][ C1] ? __ieee80211_beacon_get+0x1235/0x1600 [ 343.140402][ C1] handle_bug+0xcf/0x120 [ 343.140423][ C1] exc_invalid_op+0x1a/0x50 [ 343.140443][ C1] asm_exc_invalid_op+0x1a/0x20 [ 343.140466][ C1] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600 [ 343.140490][ C1] Code: 24 4c 89 e7 e8 0e 88 d4 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 19 65 97 f7 0f 0b e9 f6 f7 ff ff e8 0d 65 97 f7 <0f> 0b e9 48 fb ff ff e8 01 65 97 f7 48 c7 c7 a0 09 24 8e 4c 89 e6 [ 343.140505][ C1] RSP: 0018:ffffc900001f0a18 EFLAGS: 00010246 [ 343.140520][ C1] RAX: ffffffff89ee2a93 RBX: ffffffff89ee1896 RCX: ffff88807e5b0000 [ 343.140534][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 343.140545][ C1] RBP: 0000000000000000 R08: ffff88807e5b0000 R09: 0000000000000003 [ 343.140556][ C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff888057c1e3c0 [ 343.140567][ C1] R13: dffffc0000000000 R14: ffff888057c1e8b0 R15: ffff888069b8dc24 [ 343.140584][ C1] ? __ieee80211_beacon_get+0x36/0x1600 [ 343.140610][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 343.140639][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 343.140666][ C1] ? __ieee80211_beacon_get+0x36/0x1600 [ 343.140697][ C1] ieee80211_beacon_get_tim+0xb8/0x560 [ 343.140726][ C1] ? ieee80211_beacon_get_template_ema_list+0x90/0x90 [ 343.140761][ C1] mac80211_hwsim_beacon_tx+0x3c7/0x780 [ 343.140789][ C1] __iterate_interfaces+0x243/0x500 [ 343.140809][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 343.140828][ C1] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180 [ 343.140851][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 343.140871][ C1] ieee80211_iterate_active_interfaces_atomic+0xdb/0x180 [ 343.140895][ C1] mac80211_hwsim_beacon+0xbb/0x1b0 [ 343.140916][ C1] __hrtimer_run_queues+0x51e/0xc40 [ 343.140942][ C1] ? hw_scan_work+0xf40/0xf40 [ 343.140968][ C1] ? hrtimer_interrupt+0x9c0/0x9c0 [ 343.140986][ C1] ? ktime_get_update_offsets_now+0x3d2/0x3f0 [ 343.141014][ C1] hrtimer_run_softirq+0x187/0x2b0 [ 343.141036][ C1] handle_softirqs+0x280/0x820 [ 343.141057][ C1] ? __irq_exit_rcu+0xc7/0x190 [ 343.141080][ C1] ? do_softirq+0x180/0x180 [ 343.141101][ C1] ? irqtime_account_irq+0xb6/0x1c0 [ 343.141126][ C1] __irq_exit_rcu+0xc7/0x190 [ 343.141142][ C1] ? irq_exit_rcu+0x20/0x20 [ 343.141166][ C1] irq_exit_rcu+0x9/0x20 [ 343.141181][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 343.141203][ C1] [ 343.141209][ C1] [ 343.141216][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 343.141232][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xa9/0x110 [ 343.141257][ C1] Code: 74 05 e8 ca 51 14 f7 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4b f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 42 ca e3 f6 65 8b 05 b3 18 8c 75 85 c0 74 3c 48 c7 04 24 0e 36 [ 343.141271][ C1] RSP: 0018:ffffc9000c62f580 EFLAGS: 00000206 [ 343.141285][ C1] RAX: 0dfac7ff11a2f000 RBX: 0000000000000a02 RCX: 0dfac7ff11a2f000 [ 343.141298][ C1] RDX: dffffc0000000000 RSI: ffffffff8aaaba20 RDI: 0000000000000001 [ 343.141309][ C1] RBP: ffffc9000c62f618 R08: ffffffff90da55af R09: 1ffffffff21b4ab5 [ 343.141322][ C1] R10: dffffc0000000000 R11: fffffbfff21b4ab6 R12: dffffc0000000000 [ 343.141334][ C1] R13: 1ffff1100541eb46 R14: ffff88802a0f59d0 R15: 1ffff920018c5eb0 [ 343.141364][ C1] ? _raw_spin_unlock+0x40/0x40 [ 343.141405][ C1] __skb_try_recv_datagram+0x17d/0x4d0 [ 343.141433][ C1] ? sock_load_diag_module+0x140/0x140 [ 343.141463][ C1] __unix_dgram_recvmsg+0x2d5/0xd60 [ 343.141496][ C1] ? unix_unhash+0x10/0x10 [ 343.141517][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 343.141541][ C1] ? exc_page_fault+0x8f/0x110 [ 343.141570][ C1] ? mark_lock+0x94/0x320 [ 343.141587][ C1] ? unix_dgram_recvmsg+0xad/0xd0 [ 343.141608][ C1] ? unix_dgram_sendmsg+0x1720/0x1720 [ 343.141630][ C1] sock_recvmsg_nosec+0x82/0xd0 [ 343.141654][ C1] ____sys_recvmsg+0x49b/0x5b0 [ 343.141688][ C1] ? __sys_recvmsg_sock+0x50/0x50 [ 343.141725][ C1] ? import_iovec+0x73/0xa0 [ 343.141752][ C1] ___sys_recvmsg+0x1b6/0x510 [ 343.141780][ C1] ? __sys_recvmsg+0x270/0x270 [ 343.141823][ C1] ? __lock_acquire+0x7c80/0x7c80 [ 343.141848][ C1] ? __might_fault+0xc6/0x120 [ 343.141863][ C1] ? __might_fault+0xaa/0x120 [ 343.141881][ C1] do_recvmmsg+0x360/0x7d0 [ 343.141912][ C1] ? __sys_recvmmsg+0x280/0x280 [ 343.141945][ C1] ? vma_end_read+0x18/0x170 [ 343.141970][ C1] ? _raw_spin_unlock+0x40/0x40 [ 343.142001][ C1] __x64_sys_recvmmsg+0x191/0x240 [ 343.142027][ C1] ? do_recvmmsg+0x7d0/0x7d0 [ 343.142053][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 343.142078][ C1] do_syscall_64+0x55/0xb0 [ 343.142096][ C1] ? clear_bhb_loop+0x40/0x90 [ 343.142111][ C1] ? clear_bhb_loop+0x40/0x90 [ 343.142129][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 343.142152][ C1] RIP: 0033:0x7f8b1a38ebe9 [ 343.142165][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 343.142179][ C1] RSP: 002b:00007f8b1b194038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 343.142196][ C1] RAX: ffffffffffffffda RBX: 00007f8b1a5b6090 RCX: 00007f8b1a38ebe9 [ 343.142208][ C1] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003 [ 343.142220][ C1] RBP: 00007f8b1a411e19 R08: 0000000000000000 R09: 0000000000000000 [ 343.142231][ C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 343.142242][ C1] R13: 00007f8b1a5b6128 R14: 00007f8b1a5b6090 R15: 00007ffc20c476e8 [ 343.142269][ C1] [ 343.148566][ C1] Kernel Offset: disabled