last executing test programs: 6.344250959s ago: executing program 3 (id=90): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r0, 0x6, &(0x7f0000002000)={0x1}) fcntl$lock(r0, 0x26, &(0x7f00000031c0)={0x1, 0x0, 0x8000, 0x2}) fcntl$lock(r0, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x3}) 4.700374659s ago: executing program 1 (id=95): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x10009, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'}) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl(r0, 0x8b2a, &(0x7f0000000040)) 4.658357462s ago: executing program 2 (id=96): syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB='uni_xlate=1,iocharset=iso8859-5,shortname=winnt,nonumtail=0,uni_xlate=1,utf8=0,iocharset=maccroatian,iocharset=macgaelic,allow_utime=00000000000000000000527,nfs,nonumtail=0,iocharset=cp865,uid=', @ANYRESHEX=0xee00, @ANYBLOB="2c636f6465706167653d3835352c004c87a56b54e381762bf87fb98d86d772421a964d437fff01c5e125acb191c125f8030000000000009dba05feee081e91fc61a0fef5511251"], 0x1, 0x238, &(0x7f0000000500)="$eJzs3c9qE10YB+B3krRf+rlIFq5EcEAXrkrbK2iRCmJXShbqQottQZJQsBBoFWNXXoGX5cY78AKE7nRRGJlM0rSQaov5U+rzbHJgzm/Oe5ITspo3r263m1u7ezuH779FtZpEaTVWk6OIepRi4GMAANfJzyyLo6xwuWSlNKmaAIDJuuDv/8IUSwIAJuzps+eP1zY21p+kaTWi/anTSKJ4La6v7cSbaMV2LEUtjiOyE8X44aON9aikuXrca3c7jTzZfvmlf/+17xG9/HLUoj46v5wWTuW7ncZc/N9ffzXPr0Qtbo7Or4zIR2M+7t89Vf9i1OLr69iNVmxFnh3mPyyn6YPs8493L/KK83zS7TT+680byspT/3AAAAAAAAAAAAAAAAAAAAAAALi2FtM0Tfsddbpn+u+Uj3vXF9OB+tn+PEX+vP5A3VP9dZbyJZJi/jBfiVuVqMxy7wAAAAAAAAAAAAAAAAAAAHBV7O0fNDdbre23Yx0MHusf/53/dhDlfmmtJOIK1NMbLOT1TGetOzHhtaK0f9AcnK7mZhJ/SFUndEiyEcevfG5qfkyrz98Y7y6SiJg7eTN/N7kac2P+pgAAAAAAAAAAAAAAAAAAAFM2fOh3xMXDGRQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADMw/P//Swy6/fAFUzPeIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+AXwEAAP//QBx8JQ==") bpf$MAP_CREATE(0x0, 0x0, 0x50) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, 0x0) creat(&(0x7f0000000200)='./file1\x00', 0x12e) 4.611924372s ago: executing program 3 (id=97): mknodat(0xffffffffffffff9c, &(0x7f00000001c0)='./file2\x00', 0x81c0, 0x0) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) fchown(r0, 0xee01, 0x0) 4.31036131s ago: executing program 4 (id=98): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$FUSE_STATX(r0, &(0x7f00000032c0)={0x130, 0xfffffffffffffff5, 0x0, {0x0, 0x80000001, 0x0, '\x00', {0x200, 0x7, 0x7, 0x8, 0x0, 0x0, 0x8000, '\x00', 0x7fff, 0x10001, 0x9, 0x100000000, {0x2, 0x1}, {0x0, 0x80}, {0x71a, 0x6}, {0x9, 0x4}, 0x7fff, 0x9, 0x6, 0x81}}}, 0x130) fallocate(r0, 0x0, 0xa94b, 0x8001) lseek(r0, 0x2, 0x4) 3.875923939s ago: executing program 0 (id=99): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f00000002c0)={0x1f, 0x0, @any, 0xfffa}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe) shutdown(r0, 0x1) 3.786625924s ago: executing program 1 (id=100): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn']) chdir(&(0x7f0000000340)='./file0\x00') rename(&(0x7f0000000080)='./file1\x00', &(0x7f0000000040)='./file0\x00') 3.723810008s ago: executing program 3 (id=101): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000640)={&(0x7f00000005c0)=[0x0], &(0x7f0000000600), 0x1, r1, 0xc0c0c0c0}) ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000680)={0xf, r2, r1}) 3.675563412s ago: executing program 4 (id=102): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0xfffffffe, 0x1, 'queue1\x00', 0x1}) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000100)={0x152, @tick=0x8003, 0x0, {0x2, 0x3}, 0x42, 0x1}) 3.618982788s ago: executing program 2 (id=103): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0xcbd4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000000c0)={0x0, 0x7, 0x0, 0x10000, 0x2cc, 0x2, 0x6, 0x3}, 0x20) 3.172181362s ago: executing program 0 (id=104): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000d50000002a00000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x11) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x12d25}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x85}, 0x4000000) 2.866198674s ago: executing program 1 (id=105): ioprio_set$uid(0x3, 0x0, 0x4007) io_setup(0x8, &(0x7f0000000240)=0x0) r1 = eventfd2(0x1, 0x1) io_submit(r0, 0x1, &(0x7f00000004c0)=[&(0x7f0000000140)={0x0, 0x0, 0x2000, 0x7, 0x4, r1, 0x0, 0x0, 0x3, 0x0, 0x5, r1}]) 2.811922224s ago: executing program 2 (id=106): r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x1, @dev={0xfe, 0x80, '\x00', 0x11}, 0x5}, 0x1c) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/consoles\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x1000000003fffff) 2.736552276s ago: executing program 3 (id=107): timer_create(0x2, 0x0, &(0x7f0000044000)=0x0) timer_settime(r0, 0x1, &(0x7f00000000c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) syz_clone(0x6306c080, 0x0, 0x0, 0x0, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000f40)={{0x0, 0x989680}}, &(0x7f0000000f80)) 2.666450505s ago: executing program 4 (id=108): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newlink={0x3c, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_DEFAULT_PVID={0x6, 0x27, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0) 2.345464019s ago: executing program 0 (id=109): r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000100)={'syz', 0x2}, &(0x7f0000000080)="01", 0x1, 0xffffffffffffffff) r1 = add_key$user(&(0x7f0000000140), &(0x7f0000002840)={'syz', 0x0}, &(0x7f0000002880)="f40fc24077021c9b084c60ffc26f26db12b9e78d629870bb26edb4a5e1cc0942ed8c58ca4fe84b94a0e31ea64089ee9ca1efb52945ffebbfea11dd3d0df936a10285eccab940ab5c96cb5d81dac1ad2243d878dde6cfd6ea08d5abcb00bb35436929ddabce530b63fab525337057438cf64a506d54d5c83e3e593d1d53ad0e6a44168fe8cfc6ad98b653d80636e4ddc1f2ab58762b3494250b9557f5b606a43e50874c90143034142cd5f7bd9b4dd876b97b7feb75b9138dde818a3c6b96dd80", 0xc0, 0xfffffffffffffffb) r2 = add_key$user(&(0x7f00000000c0), &(0x7f0000001180)={'syz', 0x3}, &(0x7f00000011c0)='%8', 0x2, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000001340)={r2, r1, r0}, &(0x7f0000002940)=""/4106, 0x100a, 0x0) 2.032085493s ago: executing program 2 (id=110): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000680), 0x0, 0x5, 0x0, 0x0, r1}) 2.005752992s ago: executing program 4 (id=111): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x38}}, 0x0) r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x4}) ioctl$sock_netdev_private(r0, 0x89f2, &(0x7f0000000000)) 1.963011504s ago: executing program 1 (id=112): unshare(0x400) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x18}) fallocate(r0, 0x41, 0x0, 0x3fe) 1.62040737s ago: executing program 0 (id=113): recvmmsg(0xffffffffffffffff, &(0x7f00000049c0)=[{{0x0, 0x0, &(0x7f00000017c0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000004900)=""/130, 0x82}], 0x6}, 0x3ff}], 0x1, 0x2, 0x0) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c) recvmmsg(r0, &(0x7f00000002c0), 0x220, 0x100, 0x0) 1.328711468s ago: executing program 4 (id=114): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f00000000c0), 0x10) sendmsg$can_bcm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0) sendmsg$can_bcm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x5, 0x60ff, 0x0, {}, {0x0, 0x2710}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "3acf1ec7ae70bb24"}}, 0x48}}, 0x0) 1.198633034s ago: executing program 1 (id=115): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000080)={0xc, 0x0, 0x0}) ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f0000000200)={0xc, r1}) ioctl$IOMMU_VFIO_IOMMU_GET_INFO(r0, 0x3b70, &(0x7f0000000000)={0x18}) 989.196255ms ago: executing program 3 (id=116): syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file1\x00', 0x39000, &(0x7f0000000280)=ANY=[@ANYRES32=0x0], 0x1, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/FH50/9GTqJCAqqp7ypiIPbdaAjNKKBUS4sITjmWY2dtrEzVpNwCwJvuuimf9cVRAhCdBEEYhddhRLeddGdd15kV0lEJ+Y0N5tapk7y/brYHvZ8P4fv+bPD9h1s+vjda9GwY4TNlFTXV0l1u+RktkqapVoW5OTI9ZH3+85duHg6EAx2nFXtDHT7/KradGC09+bwobHUjvMvm17XyXjzpekZ/9T47vE909+7r0YcjTgai6fU1L54PGX22Zb233eihuoZ2zIdSyMxx0qW9MN2PJHIqBnrb2xIJC3HUTOW0aiV0VRcU8mMmlfMSEwNw9DGBsHKhtOPAst3Q89nXVdmUu9cty4nruvmX6zfxOmhwubOv+sWnf87lZ4SNlHRTb1exB5Kh9KhwnOhHwhLRGyxpFW88k3y14j7eMSdu1Tyjzf8I8HJo2/fqGqzDNrZ+Xw2HfKU5n3idT2FTEGh7jwV7PBpQWn+P2kozvvFK7vK5/1l87VyuKUob4hXJi9LXGyZGD34Zapr6MFCftCneqIruCT/v/QvHqZnnyt0fgAAAAAAAAAAWAtDfyq7fm/kB9weUNXGJf1CvtzvA0vX51vLrs/XyN6ayu47AAAAAADbhZMZiJq2bSX/ssh/lV+P7fx7xZNbvz94f+fKY1raPBPtH3KJrbBff1B87dkS0ygtZH71abXBnnV+pywWn9ZlO1Xz81t+zMnejy9W3U7tL8dnOWMbf1cCAAAAsBEWP/S3STb8Kp3tOXav0nMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGC7WcNfjk08LNfSfLHzablWpfcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgJT8CAAD//wva0Pw=") r0 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x3, 0x0, @remote, 0x5}, 0x1c) sendmsg(r0, &(0x7f00000000c0)={0x0, 0x952c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4) 855.437764ms ago: executing program 0 (id=117): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=@bridge_dellink={0x34, 0x13, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@IFLA_AF_SPEC={0x14, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x5, 0x0, 0x1, {0xc, 0x6, 0x0, 0x1, [{0x8, 0x1}]}}]}]}, 0x34}}, 0x0) 786.019908ms ago: executing program 2 (id=118): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)={0x2c, r2, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_IE={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x0) 555.351339ms ago: executing program 4 (id=119): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r0, &(0x7f0000000000)='7', 0x1, 0x0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000100)={0x0, @in={{0x2, 0x4e20, @loopback}}}, 0x84) 307.41533ms ago: executing program 1 (id=120): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@newtaction={0x2ac, 0x30, 0x300, 0x71bd2a, 0x25dfdbff, {}, [{0x298, 0x1, [@m_gact={0x1ac, 0x17, 0x0, 0x0, {{0x9}, {0x4}, {0x17d, 0x6, "0f617356f0a663079abe295a350af32575b7576a2846e5b3b3d9b048dc90bac2c3b40552dc14f7774371c98d6e2763d4fda783e36f45e224474cc6a0e6a530d841c87c70bbf3448d6187a58197fa3ffb0b318a51ba59415ac311a355fe1d08f8de9966d8ba89a56bfbc37c6af7d37dcdeb618f98f29bf3b05a23cefbbf51193614c08c162352d9eaad342b2f307dd8babd71ab8a1c4f80bbbbccc8ce4d369a33f9c6fc16198b2cfa20bc906e08c92c0642310e03f00a0ed12baa1df64f1bf0502f23ff4d6a5e05aa81fa19a9b88c32227231211d5d298a3c63d5549b1a72ad3a2c2dbf727e06036e6f15f608bea0e2a8ff93600a6133a9b45faa6924e7b9e8756e78750bdef4103fcd162842f48260e1dbb952cf91a4fdf9ca11cc86255d345cc97e3e5a060faa5892b6b343ae47592ed09d5829b187941331c8c321997cbc0395a6658c85915c1468ea768127b402af42155e96f11ef5f95a4118370c736689c029238b89e6a7a47d06e553b3f1968de8d30df98c713bd5d1"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}, @m_sample={0x30, 0x12, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}, @m_bpf={0x2c, 0xa, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_simple={0x8c, 0x2, 0x0, 0x0, {{0xb}, {0x60, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x5, 0x2, 0x2, 0x141, 0x7f}}, @TCA_DEF_PARMS={0x18, 0x2, {0x19, 0x2, 0x6, 0x50, 0x5}}, @TCA_DEF_DATA={0x9, 0x3, '&[-(\x00'}, @TCA_DEF_DATA={0x8, 0x3, 'bpf\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x101, 0x1, 0x7, 0x187e, 0xb}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x3, 0x3}}}}]}]}, 0x2ac}, 0x1, 0x0, 0x0, 0x4000810}, 0x20040800) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 156.226863ms ago: executing program 0 (id=121): r0 = syz_io_uring_setup(0xd79, &(0x7f0000000480)={0x0, 0x0, 0x10100, 0x0, 0xffffffff}, &(0x7f0000001500)=0x0, &(0x7f0000003580)=0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_CONNECT={0x10, 0x50, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r3}}) io_uring_enter(r0, 0x64f7, 0x32aa, 0xc, 0x0, 0x0) 53.426723ms ago: executing program 3 (id=122): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000054b9000000000000000000808500000041000000850000005000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r1, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 0s ago: executing program 2 (id=123): r0 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)=@newqdisc={0x8c, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x6], 0x0, [0x5, 0x4, 0x2, 0x0, 0x8, 0x0, 0x9, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffc, 0x0, 0x3], [0x0, 0x8]}}]}}]}, 0x8c}}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.50' (ED25519) to the list of known hosts. [ 203.843232][ T5777] cgroup: Unknown subsys name 'net' [ 203.978407][ T5777] cgroup: Unknown subsys name 'cpuset' [ 203.998860][ T5777] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 229.916145][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 229.923138][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.382382][ T5777] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 261.398907][ T5800] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 261.411170][ T5800] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 261.459546][ T5800] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 261.575126][ T5805] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 261.584169][ T5805] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 261.593580][ T5805] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 261.607571][ T5805] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 261.618523][ T5805] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 261.626567][ T5805] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 261.684442][ T5800] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 261.878891][ T5805] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 261.899959][ T5806] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 261.910188][ T5806] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 261.924274][ T5806] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 261.934147][ T5806] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 261.944705][ T5806] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 261.954532][ T5806] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 261.972582][ T5806] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 261.984194][ T5806] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 262.022885][ T5814] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 262.053186][ T5814] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 262.097661][ T5800] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 262.135958][ T5800] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 262.239458][ T5800] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 262.277070][ T5800] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 262.769724][ T5803] chnl_net:caif_netlink_parms(): no params data found [ 263.657218][ T5805] Bluetooth: hci1: command tx timeout [ 263.739313][ T5805] Bluetooth: hci0: command tx timeout [ 263.759455][ T5803] bridge0: port 1(bridge_slave_0) entered blocking state [ 263.767159][ T5803] bridge0: port 1(bridge_slave_0) entered disabled state [ 263.774990][ T5803] bridge_slave_0: entered allmulticast mode [ 263.787897][ T5803] bridge_slave_0: entered promiscuous mode [ 263.827431][ T5799] chnl_net:caif_netlink_parms(): no params data found [ 263.851862][ T5803] bridge0: port 2(bridge_slave_1) entered blocking state [ 263.860613][ T5803] bridge0: port 2(bridge_slave_1) entered disabled state [ 263.868512][ T5803] bridge_slave_1: entered allmulticast mode [ 263.878456][ T5803] bridge_slave_1: entered promiscuous mode [ 264.067534][ T5805] Bluetooth: hci3: command tx timeout [ 264.089375][ T5809] chnl_net:caif_netlink_parms(): no params data found [ 264.137055][ T5805] Bluetooth: hci2: command tx timeout [ 264.204827][ T5803] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 264.218109][ T5813] chnl_net:caif_netlink_parms(): no params data found [ 264.250853][ T5803] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 264.458704][ T5805] Bluetooth: hci4: command tx timeout [ 264.605912][ T5803] team0: Port device team_slave_0 added [ 264.670589][ T5803] team0: Port device team_slave_1 added [ 264.935245][ T5803] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 264.944425][ T5803] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 264.971083][ T5803] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 265.089104][ T5803] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 265.096352][ T5803] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 265.123040][ T5803] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 265.139347][ T5799] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.147076][ T5799] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.154780][ T5799] bridge_slave_0: entered allmulticast mode [ 265.169237][ T5799] bridge_slave_0: entered promiscuous mode [ 265.184815][ T5808] chnl_net:caif_netlink_parms(): no params data found [ 265.206513][ T5799] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.214468][ T5799] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.222451][ T5799] bridge_slave_1: entered allmulticast mode [ 265.232124][ T5799] bridge_slave_1: entered promiscuous mode [ 265.455803][ T5809] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.464179][ T5809] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.473499][ T5809] bridge_slave_0: entered allmulticast mode [ 265.483459][ T5809] bridge_slave_0: entered promiscuous mode [ 265.513009][ T5799] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 265.555612][ T5799] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 265.613335][ T5809] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.621559][ T5809] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.629464][ T5809] bridge_slave_1: entered allmulticast mode [ 265.638995][ T5809] bridge_slave_1: entered promiscuous mode [ 265.742203][ T5805] Bluetooth: hci1: command tx timeout [ 265.817224][ T5805] Bluetooth: hci0: command tx timeout [ 266.064254][ T5803] hsr_slave_0: entered promiscuous mode [ 266.074667][ T5803] hsr_slave_1: entered promiscuous mode [ 266.085460][ T5813] bridge0: port 1(bridge_slave_0) entered blocking state [ 266.093438][ T5813] bridge0: port 1(bridge_slave_0) entered disabled state [ 266.101265][ T5813] bridge_slave_0: entered allmulticast mode [ 266.110883][ T5813] bridge_slave_0: entered promiscuous mode [ 266.133176][ T5809] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 266.143560][ T5805] Bluetooth: hci3: command tx timeout [ 266.157055][ T5799] team0: Port device team_slave_0 added [ 266.172051][ T5813] bridge0: port 2(bridge_slave_1) entered blocking state [ 266.179968][ T5813] bridge0: port 2(bridge_slave_1) entered disabled state [ 266.188391][ T5813] bridge_slave_1: entered allmulticast mode [ 266.198546][ T5813] bridge_slave_1: entered promiscuous mode [ 266.220017][ T5809] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 266.238890][ T5805] Bluetooth: hci2: command tx timeout [ 266.245581][ T5799] team0: Port device team_slave_1 added [ 266.537087][ T5805] Bluetooth: hci4: command tx timeout [ 266.664020][ T5809] team0: Port device team_slave_0 added [ 266.682821][ T5813] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 266.747839][ T5799] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 266.755041][ T5799] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 266.781657][ T5799] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 266.804065][ T5813] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 266.822129][ T5809] team0: Port device team_slave_1 added [ 266.830337][ T5808] bridge0: port 1(bridge_slave_0) entered blocking state [ 266.838297][ T5808] bridge0: port 1(bridge_slave_0) entered disabled state [ 266.845890][ T5808] bridge_slave_0: entered allmulticast mode [ 266.855832][ T5808] bridge_slave_0: entered promiscuous mode [ 266.883837][ T5808] bridge0: port 2(bridge_slave_1) entered blocking state [ 266.891858][ T5808] bridge0: port 2(bridge_slave_1) entered disabled state [ 266.899697][ T5808] bridge_slave_1: entered allmulticast mode [ 266.909449][ T5808] bridge_slave_1: entered promiscuous mode [ 266.921319][ T5799] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 266.928628][ T5799] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 266.955181][ T5799] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 267.216054][ T5809] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 267.223393][ T5809] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 267.249980][ T5809] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 267.359928][ T5813] team0: Port device team_slave_0 added [ 267.370829][ T5809] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 267.378268][ T5809] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 267.404817][ T5809] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 267.481877][ T5808] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 267.500007][ T5813] team0: Port device team_slave_1 added [ 267.593012][ T5799] hsr_slave_0: entered promiscuous mode [ 267.603182][ T5799] hsr_slave_1: entered promiscuous mode [ 267.612130][ T5799] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 267.620442][ T5799] Cannot create hsr debugfs directory [ 267.637070][ T5808] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 267.730365][ T5813] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 267.737733][ T5813] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 267.764282][ T5813] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 267.817623][ T5805] Bluetooth: hci1: command tx timeout [ 267.897027][ T5805] Bluetooth: hci0: command tx timeout [ 267.923665][ T5813] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 267.931070][ T5813] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 267.957586][ T5813] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 268.053927][ T5808] team0: Port device team_slave_0 added [ 268.115156][ T5809] hsr_slave_0: entered promiscuous mode [ 268.125480][ T5809] hsr_slave_1: entered promiscuous mode [ 268.134848][ T5809] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 268.142858][ T5809] Cannot create hsr debugfs directory [ 268.190182][ T5808] team0: Port device team_slave_1 added [ 268.217072][ T5805] Bluetooth: hci3: command tx timeout [ 268.296943][ T5805] Bluetooth: hci2: command tx timeout [ 268.512423][ T5813] hsr_slave_0: entered promiscuous mode [ 268.522344][ T5813] hsr_slave_1: entered promiscuous mode [ 268.531321][ T5813] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 268.539231][ T5813] Cannot create hsr debugfs directory [ 268.583604][ T5808] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 268.592221][ T5808] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 268.619961][ T5808] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 268.630589][ T5805] Bluetooth: hci4: command tx timeout [ 268.748565][ T5808] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 268.755713][ T5808] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 268.782311][ T5808] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 269.164910][ T5803] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 269.241160][ T5808] hsr_slave_0: entered promiscuous mode [ 269.251662][ T5808] hsr_slave_1: entered promiscuous mode [ 269.260825][ T5808] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 269.268962][ T5808] Cannot create hsr debugfs directory [ 269.296628][ T5803] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 269.422866][ T5803] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 269.532648][ T5803] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 269.906958][ T5805] Bluetooth: hci1: command tx timeout [ 269.977697][ T5805] Bluetooth: hci0: command tx timeout [ 270.082894][ T5799] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 270.178395][ T5799] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 270.226001][ T5799] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 270.263921][ T5799] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 270.302578][ T5805] Bluetooth: hci3: command tx timeout [ 270.377748][ T5805] Bluetooth: hci2: command tx timeout [ 270.461403][ T5809] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 270.536483][ T5809] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 270.606322][ T5809] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 270.684408][ T5809] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 270.701371][ T5805] Bluetooth: hci4: command tx timeout [ 270.876373][ T5813] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 270.934770][ T5813] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 270.999278][ T5813] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 271.051037][ T5813] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 271.205068][ T5808] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 271.244367][ T5808] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 271.313112][ T5803] 8021q: adding VLAN 0 to HW filter on device bond0 [ 271.328859][ T5808] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 271.383091][ T5808] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 271.596479][ T5803] 8021q: adding VLAN 0 to HW filter on device team0 [ 271.719101][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 271.726851][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 271.840503][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 271.848173][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 272.080141][ T5799] 8021q: adding VLAN 0 to HW filter on device bond0 [ 272.283455][ T5809] 8021q: adding VLAN 0 to HW filter on device bond0 [ 272.323312][ T5799] 8021q: adding VLAN 0 to HW filter on device team0 [ 272.438470][ T4295] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.446121][ T4295] bridge0: port 1(bridge_slave_0) entered forwarding state [ 272.566527][ T5813] 8021q: adding VLAN 0 to HW filter on device bond0 [ 272.593295][ T5809] 8021q: adding VLAN 0 to HW filter on device team0 [ 272.607462][ T4295] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.615079][ T4295] bridge0: port 2(bridge_slave_1) entered forwarding state [ 272.717334][ T4295] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.724953][ T4295] bridge0: port 1(bridge_slave_0) entered forwarding state [ 272.846311][ T5808] 8021q: adding VLAN 0 to HW filter on device bond0 [ 272.904149][ T4295] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.911846][ T4295] bridge0: port 2(bridge_slave_1) entered forwarding state [ 272.968696][ T5813] 8021q: adding VLAN 0 to HW filter on device team0 [ 273.069668][ T5799] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 273.081468][ T5799] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 273.142726][ T4295] bridge0: port 1(bridge_slave_0) entered blocking state [ 273.150436][ T4295] bridge0: port 1(bridge_slave_0) entered forwarding state [ 273.182969][ T4295] bridge0: port 2(bridge_slave_1) entered blocking state [ 273.190669][ T4295] bridge0: port 2(bridge_slave_1) entered forwarding state [ 273.337453][ T5808] 8021q: adding VLAN 0 to HW filter on device team0 [ 273.433747][ T5809] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 273.490500][ T4295] bridge0: port 1(bridge_slave_0) entered blocking state [ 273.498204][ T4295] bridge0: port 1(bridge_slave_0) entered forwarding state [ 273.715091][ T4295] bridge0: port 2(bridge_slave_1) entered blocking state [ 273.722943][ T4295] bridge0: port 2(bridge_slave_1) entered forwarding state [ 275.106273][ T5803] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 275.380348][ T5799] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 275.641753][ T5809] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 275.924948][ T5813] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 276.125482][ T5799] veth0_vlan: entered promiscuous mode [ 276.278034][ T5808] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 276.296604][ T5799] veth1_vlan: entered promiscuous mode [ 276.386332][ T5809] veth0_vlan: entered promiscuous mode [ 276.608068][ T5809] veth1_vlan: entered promiscuous mode [ 276.641009][ T5813] veth0_vlan: entered promiscuous mode [ 276.764689][ T5813] veth1_vlan: entered promiscuous mode [ 276.785732][ T5799] veth0_macvtap: entered promiscuous mode [ 276.929070][ T5799] veth1_macvtap: entered promiscuous mode [ 277.057809][ T5809] veth0_macvtap: entered promiscuous mode [ 277.073646][ T5808] veth0_vlan: entered promiscuous mode [ 277.176811][ T5809] veth1_macvtap: entered promiscuous mode [ 277.208623][ T5813] veth0_macvtap: entered promiscuous mode [ 277.237322][ T5799] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 277.246604][ T5808] veth1_vlan: entered promiscuous mode [ 277.309232][ T5813] veth1_macvtap: entered promiscuous mode [ 277.338873][ T5799] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 277.445274][ T5799] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 277.456903][ T5799] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 277.465991][ T5799] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 277.475382][ T5799] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 277.592052][ T5809] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 277.683535][ T5813] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 277.711140][ T5809] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 277.795296][ T5813] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 277.829450][ T5809] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 277.838690][ T5809] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 277.847970][ T5809] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 277.857094][ T5809] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 277.896799][ T5808] veth0_macvtap: entered promiscuous mode [ 277.933199][ T5808] veth1_macvtap: entered promiscuous mode [ 278.011546][ T5813] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.020930][ T5813] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.030221][ T5813] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.040693][ T5813] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.161715][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 278.286438][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 278.328633][ T5803] veth0_vlan: entered promiscuous mode [ 278.374183][ T5808] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.387457][ T5808] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.396537][ T5808] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.408206][ T5808] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.435032][ T5803] veth1_vlan: entered promiscuous mode [ 278.848317][ T5803] veth0_macvtap: entered promiscuous mode [ 278.988109][ T5803] veth1_macvtap: entered promiscuous mode [ 279.221572][ T5803] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 279.332099][ T5803] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 279.416061][ T5803] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 279.427931][ T5803] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 279.438756][ T5803] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 279.448775][ T5803] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 285.094731][ T4590] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 285.104762][ T4590] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 285.294123][ T4295] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 285.303354][ T4295] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 285.328792][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 285.339340][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 285.615795][ T4295] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 285.624053][ T4295] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 285.680376][ T4590] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 285.688656][ T4590] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 285.837665][ T4590] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 285.845696][ T4590] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 285.957236][ T4590] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 285.965372][ T4590] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 286.006282][ T5809] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 286.125395][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 286.134259][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 286.915676][ T5981] loop2: detected capacity change from 0 to 2048 [ 286.977433][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 286.985664][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 287.157948][ T5984] netlink: 'syz.3.4': attribute type 7 has an invalid length. [ 287.171691][ T5987] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 287.288222][ T4590] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 287.296526][ T4590] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 287.317829][ T30] audit: type=1800 audit(1749255278.437:2): pid=5981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3" name="file2" dev="loop2" ino=16 res=0 errno=0 [ 287.359222][ T5981] NILFS (loop2): vblocknr = 12 has abnormal lifetime: start cno (= 150994946) > current cno (= 3) [ 287.371474][ T5981] NILFS error (device loop2): nilfs_bmap_truncate: broken bmap (inode number=16) [ 287.567331][ T5981] Remounting filesystem read-only [ 287.572862][ T5981] NILFS (loop2): error -5 truncating bmap (ino=16) [ 288.038520][ T5996] netlink: 'syz.3.7': attribute type 2 has an invalid length. [ 288.046415][ T5996] netlink: 132 bytes leftover after parsing attributes in process `syz.3.7'. [ 288.438679][ T5809] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer [ 288.963262][ T5998] bridge0: port 2(bridge_slave_1) entered disabled state [ 288.973437][ T5998] bridge0: port 1(bridge_slave_0) entered disabled state [ 289.300098][ T5998] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 289.331529][ T5998] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 289.783568][ T5998] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.795364][ T5998] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.810121][ T5998] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.821239][ T5998] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.074884][ T6013] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 290.769637][ T6020] loop0: detected capacity change from 0 to 512 [ 290.856021][ T6020] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 290.870312][ T6020] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 290.974955][ T6020] EXT4-fs error (device loop0): __ext4_iget:5379: inode #11: block 16777237: comm syz.0.17: invalid block [ 291.097705][ T6020] EXT4-fs (loop0): Remounting filesystem read-only [ 291.107556][ T6020] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 291.368131][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 291.375062][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 291.569164][ T5799] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.825387][ T6036] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 291.943873][ T6039] loop1: detected capacity change from 0 to 256 [ 292.206254][ T6039] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 293.333011][ T6054] loop4: detected capacity change from 0 to 1024 [ 293.374823][ T6057] loop1: detected capacity change from 0 to 128 [ 293.478403][ T6058] pim6reg: entered allmulticast mode [ 293.513927][ T6054] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 293.636271][ T6054] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.29: bg 0: block 88: padding at end of block bitmap is not set [ 293.679492][ T30] audit: type=1800 audit(1749255284.797:3): pid=6057 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.30" name="file1" dev="loop1" ino=1048600 res=0 errno=0 [ 293.712856][ T6062] loop2: detected capacity change from 0 to 7 [ 293.729421][ T6054] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2848: Unable to expand inode 12. Delete some EAs or run e2fsck. [ 293.802227][ T6062] Dev loop2: unable to read RDB block 7 [ 293.808532][ T6062] loop2: unable to read partition table [ 293.907378][ T6065] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 293.959306][ T6062] loop2: partition table beyond EOD, truncated [ 293.965976][ T6062] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 294.310277][ T5803] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 294.876686][ T6071] loop0: detected capacity change from 0 to 1024 [ 295.086363][ T6071] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 295.459083][ T6078] netlink: 'syz.2.41': attribute type 10 has an invalid length. [ 295.529197][ T6078] team0: Port device macvlan0 added [ 295.819497][ T6083] loop4: detected capacity change from 0 to 64 [ 295.891344][ T6083] ======================================================= [ 295.891344][ T6083] WARNING: The mand mount option has been deprecated and [ 295.891344][ T6083] and is ignored by this kernel. Remove the mand [ 295.891344][ T6083] option from the mount to silence this warning. [ 295.891344][ T6083] ======================================================= [ 296.136376][ T30] audit: type=1800 audit(1749255287.257:4): pid=6083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.42" name="file1" dev="loop4" ino=5 res=0 errno=0 [ 296.517948][ T6087] netlink: 'syz.1.45': attribute type 9 has an invalid length. [ 296.544005][ T6087] bond_slave_0: entered promiscuous mode [ 296.550269][ T6087] bond_slave_1: entered promiscuous mode [ 296.561741][ T6087] macvlan2: entered promiscuous mode [ 296.569055][ T6087] bond0: entered promiscuous mode [ 296.583462][ T6087] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 296.714800][ T6090] netlink: 208 bytes leftover after parsing attributes in process `syz.0.44'. [ 298.069178][ T6095] loop3: detected capacity change from 0 to 40427 [ 298.097084][ T5853] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 298.189798][ T6095] F2FS-fs (loop3): invalid crc value [ 298.582199][ T6095] F2FS-fs (loop3): Start checkpoint disabled! [ 298.597901][ T6095] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 298.997009][ T5853] usb 5-1: Using ep0 maxpacket: 32 [ 299.045162][ T5853] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 299.057482][ T5853] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 299.071530][ T6100] loop0: detected capacity change from 0 to 40427 [ 299.092708][ T6100] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 299.102824][ T6100] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 299.115921][ T6100] F2FS-fs (loop0): invalid crc value [ 299.240636][ T5853] usb 5-1: config 0 descriptor?? [ 299.556585][ T6100] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 299.564165][ T6100] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 299.598553][ T5853] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 299.644171][ T5853] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 299.728005][ T5853] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 299.739875][ T5853] usb 5-1: media controller created [ 299.871686][ T5853] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 300.272472][ T5853] az6027: usb out operation failed. (-71) [ 300.288641][ T5853] az6027: usb out operation failed. (-71) [ 300.294768][ T5853] stb0899_attach: Driver disabled by Kconfig [ 300.306009][ T5853] az6027: no front-end attached [ 300.306009][ T5853] [ 300.341789][ T5853] az6027: usb out operation failed. (-71) [ 300.352411][ T5853] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 300.364695][ T5853] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input5 [ 300.490966][ T5853] dvb-usb: schedule remote query interval to 400 msecs. [ 300.498644][ T5853] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 300.732543][ T5853] usb 5-1: USB disconnect, device number 2 [ 301.256079][ T5853] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 301.408795][ T6116] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744073709551615) [ 301.428175][ T6116] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647 [ 301.767057][ T5120] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 301.789433][ T6121] process 'syz.4.58' launched '/dev/fd/3' with NULL argv: empty string added [ 302.031399][ T5120] usb 3-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 302.041013][ T5120] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 302.059516][ T6125] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709551615) [ 302.070546][ T6125] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647 [ 302.212307][ T5120] usb 3-1: config 0 descriptor?? [ 302.327248][ T5120] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 302.761734][ T5120] gspca_cpia1: usb_control_msg 03, error -32 [ 302.827561][ T5120] cpia1 3-1:0.0: unexpected state after lo power cmd: 00 [ 302.854402][ T6129] loop3: detected capacity change from 0 to 512 [ 302.987238][ T5120] gspca_cpia1: usb_control_msg 01, error -71 [ 302.993522][ T5120] cpia1 3-1:0.0: only firmware version 1 is supported (got: 0) [ 303.083184][ T5120] usb 3-1: USB disconnect, device number 2 [ 303.139937][ T6129] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 303.153387][ T6129] ext4 filesystem being mounted at /13/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 303.254498][ T6133] loop0: detected capacity change from 0 to 1024 [ 303.296652][ T6133] EXT4-fs: Ignoring removed nobh option [ 303.303077][ T6133] EXT4-fs: Ignoring removed bh option [ 303.542082][ T6133] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 303.824756][ T6133] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt. [ 303.839704][ T6141] sch_tbf: burst 6 is lower than device team_slave_0 mtu (1514) ! [ 303.957982][ T6133] EXT4-fs (loop0): Remounting filesystem read-only [ 303.977373][ T5808] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 304.519781][ T5799] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 304.747506][ T6150] sch_tbf: peakrate 6 is lower than or equals to rate 120 ! [ 305.973328][ T6164] loop4: detected capacity change from 0 to 512 [ 306.068674][ T6164] EXT4-fs: EXT4-fs: inode_readahead_blks must be 0 or a power of 2 smaller than 2^31 [ 306.164968][ T6157] loop0: detected capacity change from 0 to 4096 [ 307.618786][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 308.028352][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 308.100881][ T6180] loop0: detected capacity change from 0 to 40427 [ 308.162829][ T6180] F2FS-fs (loop0): Fix alignment : done, start(4096) end(16896) block(12288) [ 308.172172][ T6180] F2FS-fs (loop0): Invalid uid value -1 [ 308.437827][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 308.446469][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 308.628219][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 308.677855][ T6175] loop4: detected capacity change from 0 to 4096 [ 308.722929][ T6184] loop1: detected capacity change from 0 to 64 [ 309.046415][ T6186] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 309.272873][ T30] audit: type=1800 audit(1749255300.367:5): pid=6175 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.80" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 309.437767][ T5853] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 309.611513][ T5813] hfs: node 4:3 still has 1 user(s)! [ 309.668504][ T5853] usb 1-1: Using ep0 maxpacket: 8 [ 309.747878][ T5853] usb 1-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 309.757593][ T5853] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 309.765997][ T5853] usb 1-1: Product: syz [ 309.774036][ T5853] usb 1-1: Manufacturer: syz [ 309.780016][ T5853] usb 1-1: SerialNumber: syz [ 309.963927][ T5853] usb 1-1: config 0 descriptor?? [ 309.989685][ T5853] gspca_main: se401-2.14.0 probing 047d:5003 [ 310.445218][ T5853] gspca_se401: Frame size: 31091x12922 bayer [ 310.452204][ T5853] gspca_se401: Frame size: 0x0 1/16th janggu [ 310.459138][ T5853] gspca_se401: Frame size: 20x0 bayer [ 310.715179][ T5853] input: se401 as /devices/platform/dummy_hcd.0/usb1/1-1/input/input6 [ 310.910774][ T5853] usb 1-1: USB disconnect, device number 2 [ 311.989387][ T6214] warning: `syz.1.95' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 312.045571][ T6217] loop2: detected capacity change from 0 to 256 [ 312.157033][ T6217] FAT-fs (loop2): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 312.668459][ T2986] FAT-fs (loop2): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 315.633377][ T6260] loop3: detected capacity change from 0 to 128 [ 316.495446][ T6274] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 316.824246][ T35] ===================================================== [ 316.831698][ T35] BUG: KMSAN: uninit-value in xas_load+0xd20/0xd70 [ 316.844961][ T35] xas_load+0xd20/0xd70 [ 316.849537][ T35] xas_find+0x2c8/0xd40 [ 316.853937][ T35] xa_find+0x15a/0x2a0 [ 316.858825][ T35] io_unregister_zcrx_ifqs+0x75/0x1d0 [ 316.864487][ T35] io_ring_ctx_free+0x61/0x740 [ 316.869634][ T35] io_ring_exit_work+0xdec/0xe20 [ 316.874837][ T35] process_scheduled_works+0xb8e/0x1d80 [ 316.880797][ T35] worker_thread+0xedf/0x1590 [ 316.885731][ T35] kthread+0xd5c/0xf00 [ 316.890319][ T35] ret_from_fork+0x1e3/0x310 [ 316.895127][ T35] ret_from_fork_asm+0x1a/0x30 [ 316.900383][ T35] [ 316.902826][ T35] Uninit was stored to memory at: [ 316.908257][ T35] xa_find+0x26c/0x2a0 [ 316.912568][ T35] io_unregister_zcrx_ifqs+0x75/0x1d0 [ 316.918417][ T35] io_ring_ctx_free+0x61/0x740 [ 316.923423][ T35] io_ring_exit_work+0xdec/0xe20 [ 316.928733][ T35] process_scheduled_works+0xb8e/0x1d80 [ 316.939439][ T35] worker_thread+0xedf/0x1590 [ 316.944388][ T35] kthread+0xd5c/0xf00 [ 316.952990][ T35] ret_from_fork+0x1e3/0x310 [ 316.958112][ T35] ret_from_fork_asm+0x1a/0x30 [ 316.963144][ T35] [ 316.965603][ T35] Local variable id created at: [ 316.970788][ T35] io_unregister_zcrx_ifqs+0x3d/0x1d0 [ 316.976402][ T35] io_ring_ctx_free+0x61/0x740 [ 316.981681][ T35] [ 316.984180][ T35] CPU: 1 UID: 0 PID: 35 Comm: kworker/u8:2 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(undef) [ 316.996362][ T35] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 317.006880][ T35] Workqueue: iou_exit io_ring_exit_work [ 317.012752][ T35] ===================================================== [ 317.021121][ T35] Disabling lock debugging due to kernel taint [ 317.027989][ T35] Kernel panic - not syncing: kmsan.panic set ... [ 317.034616][ T35] CPU: 1 UID: 0 PID: 35 Comm: kworker/u8:2 Tainted: G B 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(undef) [ 317.048196][ T35] Tainted: [B]=BAD_PAGE [ 317.052490][ T35] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 317.062731][ T35] Workqueue: iou_exit io_ring_exit_work [ 317.068548][ T35] Call Trace: [ 317.071977][ T35] [ 317.075049][ T35] __dump_stack+0x26/0x30 [ 317.079617][ T35] dump_stack_lvl+0x53/0x270 [ 317.084470][ T35] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 317.090584][ T35] dump_stack+0x1e/0x25 [ 317.094978][ T35] panic+0x4bd/0xd50 [ 317.099156][ T35] kmsan_report+0x31c/0x320 [ 317.103900][ T35] ? __msan_warning+0x1b/0x30 [ 317.108801][ T35] ? xas_load+0xd20/0xd70 [ 317.113332][ T35] ? xas_find+0x2c8/0xd40 [ 317.117865][ T35] ? xa_find+0x15a/0x2a0 [ 317.122335][ T35] ? io_unregister_zcrx_ifqs+0x75/0x1d0 [ 317.128096][ T35] ? io_ring_ctx_free+0x61/0x740 [ 317.133253][ T35] ? io_ring_exit_work+0xdec/0xe20 [ 317.138594][ T35] ? process_scheduled_works+0xb8e/0x1d80 [ 317.144604][ T35] ? worker_thread+0xedf/0x1590 [ 317.149724][ T35] ? kthread+0xd5c/0xf00 [ 317.154173][ T35] ? ret_from_fork+0x1e3/0x310 [ 317.159134][ T35] ? ret_from_fork_asm+0x1a/0x30 [ 317.164362][ T35] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 317.170383][ T35] ? stack_depot_save_flags+0x60f/0x7b0 [ 317.176197][ T35] ? stack_depot_save+0x12/0x20 [ 317.181245][ T35] ? kmsan_internal_chain_origin+0xb6/0xd0 [ 317.187278][ T35] ? kmsan_internal_chain_origin+0x5d/0xd0 [ 317.193320][ T35] ? __msan_chain_origin+0xc3/0x140 [ 317.198744][ T35] ? xa_find+0x26c/0x2a0 [ 317.203198][ T35] ? io_unregister_zcrx_ifqs+0x75/0x1d0 [ 317.208972][ T35] ? io_ring_ctx_free+0x61/0x740 [ 317.214136][ T35] ? io_ring_exit_work+0xdec/0xe20 [ 317.219456][ T35] ? process_scheduled_works+0xb8e/0x1d80 [ 317.225419][ T35] ? worker_thread+0xedf/0x1590 [ 317.230511][ T35] ? kthread+0xd5c/0xf00 [ 317.234954][ T35] ? ret_from_fork+0x1e3/0x310 [ 317.239911][ T35] ? ret_from_fork_asm+0x1a/0x30 [ 317.245098][ T35] ? kmsan_get_metadata+0xfb/0x160 [ 317.250529][ T35] ? io_sqe_files_unregister+0xea/0x120 [ 317.256299][ T35] __msan_warning+0x1b/0x30 [ 317.261030][ T35] xas_load+0xd20/0xd70 [ 317.265395][ T35] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 317.271725][ T35] ? kmsan_get_metadata+0xfb/0x160 [ 317.277108][ T35] ? io_sqe_files_unregister+0xea/0x120 [ 317.282866][ T35] ? io_sqe_files_unregister+0xea/0x120 [ 317.288677][ T35] xas_find+0x2c8/0xd40 [ 317.293052][ T35] ? kmsan_get_metadata+0xfb/0x160 [ 317.298405][ T35] ? kmsan_get_metadata+0xfb/0x160 [ 317.303768][ T35] ? io_sqe_files_unregister+0xea/0x120 [ 317.309553][ T35] ? io_sqe_files_unregister+0xea/0x120 [ 317.315327][ T35] xa_find+0x15a/0x2a0 [ 317.319637][ T35] ? io_sqe_files_unregister+0xea/0x120 [ 317.325435][ T35] io_unregister_zcrx_ifqs+0x75/0x1d0 [ 317.331028][ T35] ? io_sqe_files_unregister+0xea/0x120 [ 317.336819][ T35] io_ring_ctx_free+0x61/0x740 [ 317.341825][ T35] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 317.347905][ T35] io_ring_exit_work+0xdec/0xe20 [ 317.353099][ T35] ? __pfx_io_tctx_exit_cb+0x10/0x10 [ 317.358661][ T35] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 317.365338][ T35] ? __pfx_io_ring_exit_work+0x10/0x10 [ 317.371046][ T35] process_scheduled_works+0xb8e/0x1d80 [ 317.376937][ T35] worker_thread+0xedf/0x1590 [ 317.381960][ T35] kthread+0xd5c/0xf00 [ 317.386316][ T35] ? __pfx_worker_thread+0x10/0x10 [ 317.391704][ T35] ? __pfx_kthread+0x10/0x10 [ 317.396535][ T35] ret_from_fork+0x1e3/0x310 [ 317.401350][ T35] ? __pfx_kthread+0x10/0x10 [ 317.406189][ T35] ret_from_fork_asm+0x1a/0x30 [ 317.411236][ T35] [ 317.414572][ T35] Kernel Offset: disabled [ 317.419048][ T35] Rebooting in 86400 seconds..