last executing test programs: 9.260927807s ago: executing program 2 (id=206): sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0) 8.3657177s ago: executing program 2 (id=209): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'macsec0\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000040)={r1, 0x1, 0x6, @local}, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0xc}, {0xfff3, 0x8}}}, 0x24}}, 0x20040000) 7.472719795s ago: executing program 2 (id=213): bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0xfffffffffffffe3c, 0x0, 0x40f00, 0xaf, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$vfat(&(0x7f0000000cc0), &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f0000000d00)=ANY=[], 0x7, 0x364, &(0x7f0000000900)="$eJzs3c1rO0UYwPEnabJNU9rkIIqCdLAXvSxt9CwGaUEIWNpGbAVh2240ZE1KNlQjYtuTV/HuSfBQerPgoaD9B3rxphcRvPUieLAHdWXfkm1e+hKT5vdrvx8omczMszubmZRn02724t0vP6qUbL1kaBJPKYmJiFyKZCUuoVjwGPfKmkQdyCvTf/784tpGMeVXqOX8+qs5pdTsXKLd7XRSzrPvX/yR+/382fPnL/5d/7Bsq7KtqrWGMtRW7deGsWWZaqdsV3SlVizTsE1Vrtpm3W//LtiOVdvdbSqjujOT3q2btq2MalNVzKZq1FSj3lTGB0a5qnRdVzNpwU2KR6urRn7A4O0hDwYjUq/njQkRmepqKR6NZUAAAGCs2vl/w8v/425KP0j+vymzhcLSqnI7B/n/Dx9/dvzSWWP6nZPZIP8/1Xrl/6/94m/rSv7vnk608/+af35Qujn//1rukP93Z0SPy8D5f3YEg8Fg5rSuqtiVZ27+nw7ev57D944XvAL5PwAAAAAAAAAAAAAAAAAAAAAAT4NLx8k4jpMJH8Of9iUEwXM8SP3mf1JEUu7sO8z/Q7a2sSkp78I9d46tL/aKe0X/MehwJiKWmP84ndy1EV55pFxZ+dHaD+L394oTXku+JGU3XhYlI1lvPUXiHWf5rcLSovIF8a3LlNLR+Jxk5Jlo/Pfe6nTjc1fjg/1r8vJ8JF6XjPy0LTWxZMeLbO//80Wl3ny70BE/5fUTkd/ufVIAAAAAABgyXbX0PH/XtX7t/reM5Evex0SmLEhG/u59fr/Q8/w8kXkhMe6jBwAAAADgcbCbn1YMiZt1r2BZvQpT0rdpCIVEq2bSMetJEenZWeuoSV635YnIEd52PJr4dzD5v8f1Tfiq3iUq/EcKd+CtpuCOKjLYeMLj92piicGnKXYg3gI4iDbF5Rbhic7Bz7kVqmfn+b7bOQwOpFUTfmyk9XmdZaV7O/FrVkKyq8aJDbYAnvvq27+G9wZ5/SRYAZ/c3PnQMp19uc2kdBTcXXQ3JUf+iwcAAADAvWsn/WHNG9Hm6I1EojfL4S/3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM0Ui+0q+jMO5jBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4U/wUAAP//nVbxdQ==") r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r1 = open(&(0x7f00000001c0)='./file2\x00', 0x86442, 0x0) dup3(r1, r0, 0x0) io_setup(0x2, &(0x7f0000000400)=0x0) io_submit(r2, 0x3f0a, &(0x7f0000000540)=[&(0x7f00000000c0)={0xf04aef, 0x3d8, 0x4, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a00}]) 6.628202334s ago: executing program 2 (id=216): socket$packet(0x11, 0x2, 0x300) syz_emit_ethernet(0x36, &(0x7f0000001b00)=ANY=[], 0x0) 6.188266085s ago: executing program 2 (id=219): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x8, 0xf9, 0x7ffc1ffb}]}) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="18010000400100000000000000040000850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40005}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) kexec_load(0x0, 0x0, 0x0, 0x0) 5.676520397s ago: executing program 2 (id=222): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xeb}, 0x0) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000000180)=0x0) timer_settime(r3, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc) 5.350229636s ago: executing program 4 (id=225): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'}) 4.80212442s ago: executing program 4 (id=227): bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0x2000000000000178, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r0}, 0x10) r1 = socket(0x10, 0x3, 0x6) r2 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x2, 0x2], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20008010) 4.695357609s ago: executing program 3 (id=228): socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)) io_uring_setup(0x6a7b, &(0x7f0000000000)={0x0, 0x9d1d, 0x40, 0x0, 0x3e4}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)) pipe(&(0x7f0000000080)) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20040000) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=r1], 0x90}}, 0x0) 4.335563499s ago: executing program 4 (id=230): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x48) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59) connect$inet6(r0, &(0x7f0000000200)={0xa, 0xffff, 0xb7, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x1e) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, 0x0, 0x0) close(r0) 4.174139476s ago: executing program 1 (id=231): bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x1f, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x10000000, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r0}, 0x18) readahead(0xffffffffffffffff, 0x7, 0x0) 3.974306255s ago: executing program 3 (id=232): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7}, 0x1c) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000700)={0x0, @in6={{0xa, 0x4e23, 0x0, @mcast1, 0xfff}}, [0x0, 0x1, 0xfffffffffffffff7, 0x1, 0x1, 0x80000000, 0x3aca, 0x0, 0x8001, 0x8, 0x7, 0x9, 0x5, 0x3, 0x6]}, &(0x7f00000001c0)=0x100) 3.400064064s ago: executing program 1 (id=234): syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00') r0 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x10000, 0xa, 0xcb}, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd_index=0x3, 0x6, 0x0, 0x0, 0x2, 0x1}) io_uring_enter(r0, 0x627, 0x4c1, 0x43, 0x0, 0x0) write$evdev(0xffffffffffffffff, &(0x7f0000000040)=[{{}, 0x0, 0x2}], 0x37) 3.13066038s ago: executing program 3 (id=235): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="02000000040000"], 0x48) bind$inet(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, 0x0, 0x0, 0x16, 0x0, "0af5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a7c1d1408407e5a774ef95f2fc1b947e00f000000123f2f1d34b0882e83d41b67cb9ff147c6d33a097d2269351b3ed300"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f00000012c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x34, 0x0, "0c9e089c1b4a04000bde79f04103c458187eb46c2d996aff287154e786455261c425a7519cc275d04e6205abd307a0c4fa3838bf399ad5bd35f21907c7988d1300"}, 0xd8) close_range(r1, 0xffffffffffffffff, 0x0) 3.030492071s ago: executing program 0 (id=236): symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00') acct(0x0) 2.832781625s ago: executing program 1 (id=237): umount2(&(0x7f00000000c0)='./file0\x00', 0xa) 2.492116338s ago: executing program 0 (id=238): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r1}, 0x10) r2 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4c21, 0x84, @mcast1, 0x5}, 0x1c) write$binfmt_aout(r2, &(0x7f0000000280)=ANY=[], 0x28) 2.455764056s ago: executing program 3 (id=239): bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0xfffffffffffffe3c, 0x0, 0x40f00, 0xaf, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sched_switch\x00'}, 0x18) syz_mount_image$vfat(&(0x7f0000000cc0), &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f0000000d00)=ANY=[], 0x7, 0x364, &(0x7f0000000900)="$eJzs3c1rO0UYwPEnabJNU9rkIIqCdLAXvSxt9CwGaUEIWNpGbAVh2240ZE1KNlQjYtuTV/HuSfBQerPgoaD9B3rxphcRvPUieLAHdWXfkm1e+hKT5vdrvx8omczMszubmZRn02724t0vP6qUbL1kaBJPKYmJiFyKZCUuoVjwGPfKmkQdyCvTf/784tpGMeVXqOX8+qs5pdTsXKLd7XRSzrPvX/yR+/382fPnL/5d/7Bsq7KtqrWGMtRW7deGsWWZaqdsV3SlVizTsE1Vrtpm3W//LtiOVdvdbSqjujOT3q2btq2MalNVzKZq1FSj3lTGB0a5qnRdVzNpwU2KR6urRn7A4O0hDwYjUq/njQkRmepqKR6NZUAAAGCs2vl/w8v/425KP0j+vymzhcLSqnI7B/n/Dx9/dvzSWWP6nZPZIP8/1Xrl/6/94m/rSv7vnk608/+af35Qujn//1rukP93Z0SPy8D5f3YEg8Fg5rSuqtiVZ27+nw7ev57D944XvAL5PwAAAAAAAAAAAAAAAAAAAAAAT4NLx8k4jpMJH8Of9iUEwXM8SP3mf1JEUu7sO8z/Q7a2sSkp78I9d46tL/aKe0X/MehwJiKWmP84ndy1EV55pFxZ+dHaD+L394oTXku+JGU3XhYlI1lvPUXiHWf5rcLSovIF8a3LlNLR+Jxk5Jlo/Pfe6nTjc1fjg/1r8vJ8JF6XjPy0LTWxZMeLbO//80Wl3ny70BE/5fUTkd/ufVIAAAAAABgyXbX0PH/XtX7t/reM5Evex0SmLEhG/u59fr/Q8/w8kXkhMe6jBwAAAADgcbCbn1YMiZt1r2BZvQpT0rdpCIVEq2bSMetJEenZWeuoSV635YnIEd52PJr4dzD5v8f1Tfiq3iUq/EcKd+CtpuCOKjLYeMLj92piicGnKXYg3gI4iDbF5Rbhic7Bz7kVqmfn+b7bOQwOpFUTfmyk9XmdZaV7O/FrVkKyq8aJDbYAnvvq27+G9wZ5/SRYAZ/c3PnQMp19uc2kdBTcXXQ3JUf+iwcAAADAvWsn/WHNG9Hm6I1EojfL4S/3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM0Ui+0q+jMO5jBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4U/wUAAP//nVbxdQ==") r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r1 = open(&(0x7f00000001c0)='./file2\x00', 0x86442, 0x0) dup3(r1, r0, 0x0) io_setup(0x2, &(0x7f0000000400)=0x0) io_submit(r2, 0x3f0a, &(0x7f0000000540)=[&(0x7f00000000c0)={0xf04aef, 0x3d8, 0x4, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a00}]) 2.284639754s ago: executing program 1 (id=240): bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0x2000000000000178, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r0}, 0x10) r1 = socket(0x10, 0x3, 0x6) r2 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x2, 0x2], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20008010) 2.236268863s ago: executing program 4 (id=241): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) r0 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x400, 0x0, 0x8000021e}, &(0x7f00000001c0)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x7ff, 0x0, 0x1}) io_uring_enter(r0, 0x47fa, 0x0, 0x0, 0x0, 0x0) 1.959315435s ago: executing program 0 (id=242): socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)) io_uring_setup(0x6a7b, &(0x7f0000000000)={0x0, 0x9d1d, 0x40, 0x0, 0x3e4}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)) pipe(&(0x7f0000000080)) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20040000) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=r1], 0x90}}, 0x0) 1.727227309s ago: executing program 1 (id=243): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0) 1.47631269s ago: executing program 4 (id=244): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$nl_route_sched(r0, 0x0, 0x44080) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@newqdisc={0x3c, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0xffe0, 0xa}, {0x1, 0x10}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_FLOW_MODE={0x8, 0x5, 0x5}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x55}, 0x4000) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r1, 0x0, 0x0) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x3, 0x7, @loopback, 0x800000}, 0x1c) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) fchownat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r5 = mq_open(&(0x7f0000000040)='!se\xf7ih,\x17i\xacP\xe6lNnuxselinux\x00', 0x6e93ebbbcc0884f2, 0x2, &(0x7f0000000300)={0x0, 0x1, 0x6}) mq_timedsend(r5, 0x0, 0x0, 0x0, 0x0) mq_timedsend(r5, 0x0, 0x0, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000400)='kfree\x00', r3}, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000037c0)={0x0, 0x0, 0x0}, 0x0) 1.422112815s ago: executing program 3 (id=245): bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800"/14], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = gettid() nanosleep(0x0, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCMIWAIT(r1, 0x545c, 0x200000000000000) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) socket$packet(0x11, 0x2, 0x300) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94) 1.322761225s ago: executing program 0 (id=246): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x80) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, 0x0, {0x8, 0xfff1}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x400dc}, 0x4020080) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=@newqdisc={0x34, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r7, 0xffffffffffffffff, 0x0) 719.70233ms ago: executing program 0 (id=247): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCCONS(r0, 0x541d) 404.680387ms ago: executing program 1 (id=248): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000040)=0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2) sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001ac0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010023010000340200000200000008000100", @ANYRES32=r1], 0x1c}}, 0x0) write$nci(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="61030408061b15e8975b77e19c6b3d4fd2be1ed0d80aee0e28fdc802"], 0x1c) 140.928837ms ago: executing program 4 (id=249): bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={0x0, r0, 0x0, 0x8}, 0x18) r1 = socket(0x10, 0x80003, 0x0) write(r1, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd00", 0x22) close_range(r1, 0xffffffffffffffff, 0x0) 125.385018ms ago: executing program 0 (id=250): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8) close(r1) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r1}, &(0x7f0000000200), &(0x7f0000001c40)=r2}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x1002002, 0x0) r5 = dup(r4) r6 = open(&(0x7f0000000000)='./bus\x00', 0x40542, 0x0) ftruncate(r6, 0xee72) sendfile(r5, r6, 0x0, 0x8000fffffffe) ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000001c0)=0x19) 0s ago: executing program 3 (id=251): bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x23, &(0x7f0000000000), 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.18' (ED25519) to the list of known hosts. [ 185.656830][ T5774] cgroup: Unknown subsys name 'net' [ 185.788167][ T5774] cgroup: Unknown subsys name 'cpuset' [ 185.807466][ T5774] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 191.610449][ T5774] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 195.925627][ T5799] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 195.934437][ T5799] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 195.943035][ T5799] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 195.951358][ T5805] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 195.980318][ T5799] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 195.980999][ T5806] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 195.988340][ T5799] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 196.003489][ T5806] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 196.004328][ T5799] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 196.018090][ T5806] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 196.026144][ T5808] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 196.037722][ T5799] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 196.038083][ T5808] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 196.046776][ T5799] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 196.054893][ T5806] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 196.063175][ T5799] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 196.077102][ T5806] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 196.079358][ T5799] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 196.087558][ T5806] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 196.101543][ T5799] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 196.118469][ T5799] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 196.127399][ T5799] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 196.145711][ T5806] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 196.154167][ T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 196.176043][ T5806] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 197.370025][ T5791] chnl_net:caif_netlink_parms(): no params data found [ 197.682136][ T5790] chnl_net:caif_netlink_parms(): no params data found [ 198.108622][ T5795] chnl_net:caif_netlink_parms(): no params data found [ 198.169340][ T5806] Bluetooth: hci0: command tx timeout [ 198.174944][ T5806] Bluetooth: hci1: command tx timeout [ 198.270938][ T5802] Bluetooth: hci3: command tx timeout [ 198.277004][ T5802] Bluetooth: hci2: command tx timeout [ 198.309363][ T5791] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.316876][ T5791] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.326877][ T5791] bridge_slave_0: entered allmulticast mode [ 198.333206][ T5806] Bluetooth: hci4: command tx timeout [ 198.336612][ T5791] bridge_slave_0: entered promiscuous mode [ 198.473663][ T5792] chnl_net:caif_netlink_parms(): no params data found [ 198.494504][ T5791] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.502097][ T5791] bridge0: port 2(bridge_slave_1) entered disabled state [ 198.509875][ T5791] bridge_slave_1: entered allmulticast mode [ 198.519420][ T5791] bridge_slave_1: entered promiscuous mode [ 198.805326][ T5803] chnl_net:caif_netlink_parms(): no params data found [ 198.874658][ T5791] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 199.012778][ T5791] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 199.052585][ T5790] bridge0: port 1(bridge_slave_0) entered blocking state [ 199.063784][ T5790] bridge0: port 1(bridge_slave_0) entered disabled state [ 199.071573][ T5790] bridge_slave_0: entered allmulticast mode [ 199.081268][ T5790] bridge_slave_0: entered promiscuous mode [ 199.257616][ T5790] bridge0: port 2(bridge_slave_1) entered blocking state [ 199.266949][ T5790] bridge0: port 2(bridge_slave_1) entered disabled state [ 199.274812][ T5790] bridge_slave_1: entered allmulticast mode [ 199.284522][ T5790] bridge_slave_1: entered promiscuous mode [ 199.364791][ T5791] team0: Port device team_slave_0 added [ 199.468376][ T5791] team0: Port device team_slave_1 added [ 199.517648][ T5795] bridge0: port 1(bridge_slave_0) entered blocking state [ 199.525311][ T5795] bridge0: port 1(bridge_slave_0) entered disabled state [ 199.533131][ T5795] bridge_slave_0: entered allmulticast mode [ 199.542560][ T5795] bridge_slave_0: entered promiscuous mode [ 199.632908][ T5790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 199.643920][ T5795] bridge0: port 2(bridge_slave_1) entered blocking state [ 199.651702][ T5795] bridge0: port 2(bridge_slave_1) entered disabled state [ 199.659287][ T5795] bridge_slave_1: entered allmulticast mode [ 199.667434][ T5795] bridge_slave_1: entered promiscuous mode [ 199.771387][ T5790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 199.862518][ T5791] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 199.871366][ T5791] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 199.897786][ T5791] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 199.947051][ T5792] bridge0: port 1(bridge_slave_0) entered blocking state [ 199.957822][ T5792] bridge0: port 1(bridge_slave_0) entered disabled state [ 199.967583][ T5792] bridge_slave_0: entered allmulticast mode [ 199.976891][ T5792] bridge_slave_0: entered promiscuous mode [ 200.025429][ T5791] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 200.032756][ T5791] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 200.059085][ T5791] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 200.114952][ T5795] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 200.125448][ T5792] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.133782][ T5792] bridge0: port 2(bridge_slave_1) entered disabled state [ 200.141373][ T5792] bridge_slave_1: entered allmulticast mode [ 200.150085][ T5792] bridge_slave_1: entered promiscuous mode [ 200.245531][ T5795] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 200.255397][ T5803] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.256276][ T5806] Bluetooth: hci1: command tx timeout [ 200.263000][ T5803] bridge0: port 1(bridge_slave_0) entered disabled state [ 200.268175][ T5806] Bluetooth: hci0: command tx timeout [ 200.275759][ T5803] bridge_slave_0: entered allmulticast mode [ 200.290724][ T5803] bridge_slave_0: entered promiscuous mode [ 200.330264][ T5802] Bluetooth: hci2: command tx timeout [ 200.335909][ T5806] Bluetooth: hci3: command tx timeout [ 200.339845][ T5790] team0: Port device team_slave_0 added [ 200.397642][ T5792] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 200.420416][ T5802] Bluetooth: hci4: command tx timeout [ 200.438276][ T5803] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.447926][ T5803] bridge0: port 2(bridge_slave_1) entered disabled state [ 200.455693][ T5803] bridge_slave_1: entered allmulticast mode [ 200.464131][ T5803] bridge_slave_1: entered promiscuous mode [ 200.490038][ T5790] team0: Port device team_slave_1 added [ 200.531785][ T5792] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 200.703403][ T5791] hsr_slave_0: entered promiscuous mode [ 200.713781][ T5791] hsr_slave_1: entered promiscuous mode [ 200.729793][ T5795] team0: Port device team_slave_0 added [ 200.852341][ T5792] team0: Port device team_slave_0 added [ 200.867062][ T5795] team0: Port device team_slave_1 added [ 200.884908][ T5792] team0: Port device team_slave_1 added [ 200.902893][ T5803] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 200.950535][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 200.957833][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 200.984694][ T5790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 201.095468][ T5803] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 201.172671][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 201.181273][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 201.209235][ T5790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 201.223455][ T5792] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 201.230683][ T5792] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 201.257916][ T5792] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 201.334504][ T5795] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 201.341727][ T5795] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 201.369370][ T5795] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 201.400683][ T5795] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 201.407805][ T5795] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 201.434631][ T5795] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 201.449083][ T5792] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 201.456189][ T5792] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 201.482737][ T5792] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 201.552099][ T5803] team0: Port device team_slave_0 added [ 201.630967][ T5803] team0: Port device team_slave_1 added [ 201.802627][ T5803] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 201.809894][ T5803] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 201.836354][ T5803] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 201.936810][ T5790] hsr_slave_0: entered promiscuous mode [ 201.945742][ T5790] hsr_slave_1: entered promiscuous mode [ 201.954122][ T5790] debugfs: 'hsr0' already exists in 'hsr' [ 201.960073][ T5790] Cannot create hsr debugfs directory [ 202.000282][ T5803] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 202.007397][ T5803] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 202.033951][ T5803] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 202.094024][ T5795] hsr_slave_0: entered promiscuous mode [ 202.104052][ T5795] hsr_slave_1: entered promiscuous mode [ 202.112756][ T5795] debugfs: 'hsr0' already exists in 'hsr' [ 202.118588][ T5795] Cannot create hsr debugfs directory [ 202.264642][ T5792] hsr_slave_0: entered promiscuous mode [ 202.274688][ T5792] hsr_slave_1: entered promiscuous mode [ 202.283343][ T5792] debugfs: 'hsr0' already exists in 'hsr' [ 202.289287][ T5792] Cannot create hsr debugfs directory [ 202.329192][ T5802] Bluetooth: hci0: command tx timeout [ 202.332093][ T5806] Bluetooth: hci1: command tx timeout [ 202.411354][ T5806] Bluetooth: hci2: command tx timeout [ 202.413858][ T5802] Bluetooth: hci3: command tx timeout [ 202.490092][ T5802] Bluetooth: hci4: command tx timeout [ 202.676882][ T5803] hsr_slave_0: entered promiscuous mode [ 202.685646][ T5803] hsr_slave_1: entered promiscuous mode [ 202.693975][ T5803] debugfs: 'hsr0' already exists in 'hsr' [ 202.699891][ T5803] Cannot create hsr debugfs directory [ 203.415113][ T5791] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 203.445706][ T5791] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 203.525118][ T5791] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 203.545532][ T5791] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 203.865863][ T5795] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 203.910257][ T5795] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 203.982522][ T5795] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 204.051144][ T5795] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 204.176035][ T5792] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 204.202487][ T5792] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 204.273721][ T5792] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 204.346900][ T5792] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 204.441189][ T5802] Bluetooth: hci0: command tx timeout [ 204.446800][ T5802] Bluetooth: hci1: command tx timeout [ 204.457847][ T5790] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 204.489492][ T5802] Bluetooth: hci2: command tx timeout [ 204.498094][ T5806] Bluetooth: hci3: command tx timeout [ 204.570505][ T5802] Bluetooth: hci4: command tx timeout [ 204.613676][ T5790] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 204.660422][ T5790] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 204.685693][ T5790] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 204.710849][ T5803] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 204.776640][ T5803] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 204.850182][ T5803] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 204.922641][ T5803] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 205.075462][ T5791] 8021q: adding VLAN 0 to HW filter on device bond0 [ 205.452117][ T5791] 8021q: adding VLAN 0 to HW filter on device team0 [ 205.493846][ T4283] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.501403][ T4283] bridge0: port 1(bridge_slave_0) entered forwarding state [ 205.572502][ T4283] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.580073][ T4283] bridge0: port 2(bridge_slave_1) entered forwarding state [ 205.614130][ T5795] 8021q: adding VLAN 0 to HW filter on device bond0 [ 205.814110][ T5792] 8021q: adding VLAN 0 to HW filter on device bond0 [ 205.892482][ T5795] 8021q: adding VLAN 0 to HW filter on device team0 [ 205.935922][ T5790] 8021q: adding VLAN 0 to HW filter on device bond0 [ 205.984985][ T4283] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.992569][ T4283] bridge0: port 1(bridge_slave_0) entered forwarding state [ 206.035888][ T5792] 8021q: adding VLAN 0 to HW filter on device team0 [ 206.096083][ T4283] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.103702][ T4283] bridge0: port 2(bridge_slave_1) entered forwarding state [ 206.168559][ T4283] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.176135][ T4283] bridge0: port 1(bridge_slave_0) entered forwarding state [ 206.269436][ T5790] 8021q: adding VLAN 0 to HW filter on device team0 [ 206.316929][ T5803] 8021q: adding VLAN 0 to HW filter on device bond0 [ 206.368533][ T4283] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.376129][ T4283] bridge0: port 2(bridge_slave_1) entered forwarding state [ 206.392840][ T4283] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.400449][ T4283] bridge0: port 1(bridge_slave_0) entered forwarding state [ 206.505532][ T4283] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.513139][ T4283] bridge0: port 2(bridge_slave_1) entered forwarding state [ 206.726733][ T5792] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 206.864263][ T5803] 8021q: adding VLAN 0 to HW filter on device team0 [ 206.997249][ T4004] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.004899][ T4004] bridge0: port 1(bridge_slave_0) entered forwarding state [ 207.126489][ T4004] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.134269][ T4004] bridge0: port 2(bridge_slave_1) entered forwarding state [ 207.802073][ T5791] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 208.185477][ T5791] veth0_vlan: entered promiscuous mode [ 208.256814][ T5791] veth1_vlan: entered promiscuous mode [ 208.640264][ T5791] veth0_macvtap: entered promiscuous mode [ 208.695686][ T5792] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 208.727944][ T5795] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 208.755198][ T5791] veth1_macvtap: entered promiscuous mode [ 208.822768][ T5790] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 208.975606][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 209.196076][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 209.317059][ T5792] veth0_vlan: entered promiscuous mode [ 209.354155][ T5795] veth0_vlan: entered promiscuous mode [ 209.361567][ T4310] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.414939][ T4310] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.444974][ T4310] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.469807][ T5792] veth1_vlan: entered promiscuous mode [ 209.505617][ T5795] veth1_vlan: entered promiscuous mode [ 209.526552][ T5790] veth0_vlan: entered promiscuous mode [ 209.580417][ T4310] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.604513][ T5803] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 209.766943][ T5790] veth1_vlan: entered promiscuous mode [ 209.887570][ T5795] veth0_macvtap: entered promiscuous mode [ 209.913495][ T5792] veth0_macvtap: entered promiscuous mode [ 209.960077][ T5795] veth1_macvtap: entered promiscuous mode [ 209.996827][ T5792] veth1_macvtap: entered promiscuous mode [ 210.171093][ T5795] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 210.181072][ T5790] veth0_macvtap: entered promiscuous mode [ 210.242468][ T5792] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 210.277719][ T5790] veth1_macvtap: entered promiscuous mode [ 210.343533][ T5795] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 210.396018][ T5792] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 210.470841][ T14] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.499760][ T4310] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.550284][ T4310] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.570085][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 210.598596][ T14] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.654745][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 210.672087][ T3580] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.727858][ T3580] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.782760][ T3580] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.871252][ T3580] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.935061][ T3580] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.998515][ T3580] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.007922][ T3580] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.063880][ T3580] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.423490][ T5803] veth0_vlan: entered promiscuous mode [ 212.506257][ T5803] veth1_vlan: entered promiscuous mode [ 212.865980][ T5803] veth0_macvtap: entered promiscuous mode [ 212.930151][ T5803] veth1_macvtap: entered promiscuous mode [ 213.075176][ T5803] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 213.184420][ T5803] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 213.258629][ T3580] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.268726][ T3580] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.277929][ T3580] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.332963][ T3580] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.831455][ T4310] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 215.840592][ T4310] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 216.052682][ T4310] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 216.061755][ T4310] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 216.460197][ T5791] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 216.599325][ T4310] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 216.607364][ T4310] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 216.934555][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 216.942905][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 217.083551][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 217.091720][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 217.149860][ T3580] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 217.157874][ T3580] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 217.274644][ T77] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 217.283140][ T77] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 217.492845][ T14] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 217.501052][ T14] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 218.172109][ T30] audit: type=1326 audit(1761095112.223:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.1.2" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f669678efc9 code=0x7ffc0000 [ 218.450175][ T30] audit: type=1326 audit(1761095112.483:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.1.2" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f669678efc9 code=0x7ffc0000 [ 218.473903][ T30] audit: type=1326 audit(1761095112.483:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.1.2" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f669678efc9 code=0x7ffc0000 [ 218.499012][ T30] audit: type=1326 audit(1761095112.483:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.1.2" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f669678efc9 code=0x7ffc0000 [ 218.580705][ T5991] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 218.845477][ T5995] capability: warning: `syz.2.7' uses 32-bit capabilities (legacy support in use) [ 219.003340][ T5984] loop3: detected capacity change from 0 to 4096 [ 219.222963][ T5984] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 219.704696][ T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 219.713048][ T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 219.780443][ T6005] loop2: detected capacity change from 0 to 512 [ 219.885369][ T6005] EXT4-fs: Ignoring removed oldalloc option [ 219.892066][ T6005] journal_path: Non-blockdev passed as './bus' [ 219.898507][ T6005] EXT4-fs: error: could not find journal device path [ 219.954513][ T5846] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 220.039673][ T5795] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.087433][ T14] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 220.096555][ T14] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 220.192772][ T5846] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 220.201013][ T5846] usb 2-1: can't read configurations, error -71 [ 220.642622][ T6010] tls_set_device_offload: netdev not found [ 220.786664][ T6012] unsupported nla_type 52263 [ 221.432710][ T6022] loop1: detected capacity change from 0 to 128 [ 221.720665][ T30] audit: type=1800 audit(1761095115.763:6): pid=6022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.14" name="file2" dev="loop1" ino=1048606 res=0 errno=0 [ 222.470466][ T6034] loop2: detected capacity change from 0 to 128 [ 222.788571][ T6034] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a842c018, mo2=0002] [ 222.797294][ T6034] System zones: 1-3, 19-19, 35-36 [ 222.882263][ T6034] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 222.944478][ T6034] ext4 filesystem being mounted at /6/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 223.397908][ T6044] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 223.687175][ T6044] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 223.730632][ T5791] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 223.947531][ T6044] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.308693][ T6044] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.689885][ T77] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.718711][ T77] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.757641][ T6060] loop1: detected capacity change from 0 to 128 [ 224.854891][ T30] audit: type=1800 audit(1761095118.903:7): pid=6060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.29" name="file2" dev="loop1" ino=1048608 res=0 errno=0 [ 224.920441][ T4004] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.949949][ T77] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.577882][ T30] audit: type=1326 audit(1761095119.633:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.1.33" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f669678efc9 code=0x7ffc0000 [ 225.959780][ T30] audit: type=1326 audit(1761095119.903:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.1.33" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f669678efc9 code=0x7ffc0000 [ 225.982203][ T30] audit: type=1326 audit(1761095119.903:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.1.33" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f669678efc9 code=0x7ffc0000 [ 226.010230][ T30] audit: type=1326 audit(1761095119.923:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.1.33" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f669678efc9 code=0x7ffc0000 [ 226.419015][ T30] audit: type=1326 audit(1761095120.463:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6075 comm="syz.2.36" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 226.441783][ T30] audit: type=1326 audit(1761095120.473:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6075 comm="syz.2.36" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 226.464653][ T30] audit: type=1326 audit(1761095120.473:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6075 comm="syz.2.36" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 226.487524][ T30] audit: type=1326 audit(1761095120.483:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6075 comm="syz.2.36" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 226.511572][ T30] audit: type=1326 audit(1761095120.483:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6075 comm="syz.2.36" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 226.998011][ T6080] loop0: detected capacity change from 0 to 512 [ 227.120330][ T6080] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 227.137878][ T6080] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 227.220702][ T6080] ======================================================= [ 227.220702][ T6080] WARNING: The mand mount option has been deprecated and [ 227.220702][ T6080] and is ignored by this kernel. Remove the mand [ 227.220702][ T6080] option from the mount to silence this warning. [ 227.220702][ T6080] ======================================================= [ 227.262268][ T6080] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 227.289463][ T6080] EXT4-fs (loop0): changing journal_checksum during remount not supported; ignoring [ 227.354033][ T6080] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000. [ 227.375011][ T6087] loop1: detected capacity change from 0 to 512 [ 227.468066][ T6087] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 227.490526][ T6087] EXT4-fs (loop1): orphan cleanup on readonly fs [ 227.529561][ T6087] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #13: comm syz.1.40: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 227.685794][ T5792] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 227.697032][ T6087] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.40: couldn't read orphan inode 13 (err -117) [ 227.778271][ T6087] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 228.020310][ T6097] loop3: detected capacity change from 0 to 128 [ 228.130859][ T5790] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 228.606224][ T6105] loop2: detected capacity change from 0 to 128 [ 228.722939][ T6105] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 228.809490][ T6105] ext4 filesystem being mounted at /13/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 229.009316][ T6113] netlink: 8 bytes leftover after parsing attributes in process `syz.3.51'. [ 229.018216][ T6113] netem: unknown loss type 0 [ 229.026532][ T6113] netem: change failed [ 229.111450][ T5791] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 229.227749][ T6116] 9pnet_fd: Insufficient options for proto=fd [ 229.874760][ T30] kauditd_printk_skb: 14 callbacks suppressed [ 229.874835][ T30] audit: type=1326 audit(1761095123.933:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.0.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 230.099194][ T30] audit: type=1326 audit(1761095124.003:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.0.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 230.125801][ T30] audit: type=1326 audit(1761095124.013:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.0.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 230.149844][ T30] audit: type=1326 audit(1761095124.013:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.0.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 230.207312][ T30] audit: type=1326 audit(1761095124.013:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.0.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 230.234380][ T30] audit: type=1326 audit(1761095124.023:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.0.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 230.258171][ T30] audit: type=1326 audit(1761095124.023:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.0.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 230.280668][ T30] audit: type=1326 audit(1761095124.043:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.0.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 230.303600][ T30] audit: type=1326 audit(1761095124.083:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.0.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 230.329889][ T30] audit: type=1326 audit(1761095124.083:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.0.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 230.381945][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 230.389232][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 231.003643][ T6137] loop4: detected capacity change from 0 to 128 [ 231.189618][ T6139] loop0: detected capacity change from 0 to 1024 [ 231.348259][ T6139] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 231.394481][ T6144] loop1: detected capacity change from 0 to 128 [ 231.454890][ T6144] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 231.476923][ T6144] ext4 filesystem being mounted at /13/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 232.039671][ T6151] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.66' sets config #1 [ 232.136179][ T5790] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 232.222994][ T5792] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.693959][ T4283] Bluetooth: hci5: Frame reassembly failed (-84) [ 233.941328][ T6170] loop0: detected capacity change from 0 to 1024 [ 233.947853][ T6172] loop4: detected capacity change from 0 to 128 [ 234.123513][ T6170] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 234.497704][ T5792] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 234.729056][ T5802] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 234.883431][ T30] kauditd_printk_skb: 49 callbacks suppressed [ 234.883498][ T30] audit: type=1326 audit(1761095128.943:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6181 comm="syz.0.79" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f41f312b099 code=0x7ffc0000 [ 235.104858][ T30] audit: type=1326 audit(1761095128.983:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6181 comm="syz.0.79" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 235.131461][ T30] audit: type=1326 audit(1761095128.983:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6181 comm="syz.0.79" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f41f3185e67 code=0x7ffc0000 [ 235.155379][ T30] audit: type=1326 audit(1761095128.983:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6181 comm="syz.0.79" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f41f312b099 code=0x7ffc0000 [ 235.177675][ T30] audit: type=1326 audit(1761095128.983:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6181 comm="syz.0.79" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f41f3185e67 code=0x7ffc0000 [ 235.200157][ T30] audit: type=1326 audit(1761095128.993:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6181 comm="syz.0.79" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f41f312b099 code=0x7ffc0000 [ 235.226496][ T30] audit: type=1326 audit(1761095129.003:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6181 comm="syz.0.79" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 235.250200][ T30] audit: type=1326 audit(1761095129.063:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6181 comm="syz.0.79" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 235.273762][ T30] audit: type=1326 audit(1761095129.063:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6181 comm="syz.0.79" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 235.299302][ T30] audit: type=1326 audit(1761095129.073:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6181 comm="syz.0.79" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 235.615090][ T6186] netlink: 'syz.1.81': attribute type 4 has an invalid length. [ 236.600542][ T6203] netlink: 4 bytes leftover after parsing attributes in process `syz.1.88'. [ 236.611627][ T6203] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 236.704065][ T6203] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 238.992300][ T6235] netlink: 28 bytes leftover after parsing attributes in process `syz.0.101'. [ 239.001704][ T6235] netlink: 'syz.0.101': attribute type 7 has an invalid length. [ 239.014443][ T6235] netlink: 'syz.0.101': attribute type 8 has an invalid length. [ 239.023785][ T6235] netlink: 4 bytes leftover after parsing attributes in process `syz.0.101'. [ 239.050026][ T6235] syz_tun: entered promiscuous mode [ 239.181057][ T6235] syz_tun: left promiscuous mode [ 239.494113][ T6239] netlink: 4 bytes leftover after parsing attributes in process `syz.2.103'. [ 239.504026][ T6239] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 239.742955][ T6239] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 240.486493][ T30] kauditd_printk_skb: 68 callbacks suppressed [ 240.486568][ T30] audit: type=1326 audit(1761095134.543:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 240.542039][ T30] audit: type=1326 audit(1761095134.603:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 240.632318][ T30] audit: type=1326 audit(1761095134.663:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 240.660993][ T30] audit: type=1326 audit(1761095134.663:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 240.684369][ T30] audit: type=1326 audit(1761095134.663:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 240.706217][ T30] audit: type=1326 audit(1761095134.663:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 240.728156][ T30] audit: type=1326 audit(1761095134.663:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 240.754221][ T30] audit: type=1326 audit(1761095134.673:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 240.777380][ T30] audit: type=1326 audit(1761095134.673:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 240.799389][ T30] audit: type=1326 audit(1761095134.673:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 241.781313][ T6272] netlink: 28 bytes leftover after parsing attributes in process `syz.1.116'. [ 241.790768][ T6272] netlink: 'syz.1.116': attribute type 7 has an invalid length. [ 241.798592][ T6272] netlink: 'syz.1.116': attribute type 8 has an invalid length. [ 241.806620][ T6272] netlink: 4 bytes leftover after parsing attributes in process `syz.1.116'. [ 241.831911][ T6272] syz_tun: entered promiscuous mode [ 242.057801][ T6272] syz_tun: left promiscuous mode [ 242.843076][ T6279] netlink: 4 bytes leftover after parsing attributes in process `syz.3.118'. [ 242.852733][ T6279] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 242.907627][ T6279] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 244.559126][ T6298] netlink: 28 bytes leftover after parsing attributes in process `syz.2.127'. [ 244.568638][ T6298] netlink: 'syz.2.127': attribute type 7 has an invalid length. [ 244.576758][ T6298] netlink: 'syz.2.127': attribute type 8 has an invalid length. [ 244.584925][ T6298] netlink: 4 bytes leftover after parsing attributes in process `syz.2.127'. [ 248.164020][ T30] kauditd_printk_skb: 56 callbacks suppressed [ 248.164094][ T30] audit: type=1804 audit(1761095142.223:234): pid=6331 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.137" name="/newroot/31/file0" dev="tmpfs" ino=179 res=1 errno=0 [ 248.171099][ T6330] netlink: 28 bytes leftover after parsing attributes in process `syz.4.140'. [ 248.171247][ T6330] netlink: 'syz.4.140': attribute type 7 has an invalid length. [ 248.171325][ T6330] netlink: 'syz.4.140': attribute type 8 has an invalid length. [ 248.171401][ T6330] netlink: 4 bytes leftover after parsing attributes in process `syz.4.140'. [ 249.509085][ C1] hrtimer: interrupt took 365192 ns [ 250.727959][ T30] audit: type=1326 audit(1761095144.733:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6362 comm="syz.1.150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f669678efc9 code=0x7ffc0000 [ 250.751567][ T30] audit: type=1326 audit(1761095144.773:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6362 comm="syz.1.150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f669678efc9 code=0x7ffc0000 [ 251.350845][ T30] audit: type=1326 audit(1761095144.883:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6362 comm="syz.1.150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f669678efc9 code=0x7ffc0000 [ 251.380092][ T30] audit: type=1326 audit(1761095144.883:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6362 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f669678efc9 code=0x7ffc0000 [ 251.407762][ T30] audit: type=1326 audit(1761095144.883:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6362 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f669678efc9 code=0x7ffc0000 [ 251.431833][ T30] audit: type=1326 audit(1761095144.883:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6362 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f669678efc9 code=0x7ffc0000 [ 251.455061][ T30] audit: type=1326 audit(1761095144.883:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6362 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f669678efc9 code=0x7ffc0000 [ 251.478503][ T30] audit: type=1326 audit(1761095144.883:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6362 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f669678efc9 code=0x7ffc0000 [ 251.500690][ T30] audit: type=1326 audit(1761095144.933:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6362 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f669678efc9 code=0x7ffc0000 [ 251.737747][ T6374] netlink: 28 bytes leftover after parsing attributes in process `syz.2.154'. [ 251.749334][ T6374] netlink: 'syz.2.154': attribute type 7 has an invalid length. [ 251.757591][ T6374] netlink: 'syz.2.154': attribute type 8 has an invalid length. [ 251.769302][ T6374] netlink: 4 bytes leftover after parsing attributes in process `syz.2.154'. [ 255.075562][ T30] kauditd_printk_skb: 20 callbacks suppressed [ 255.075642][ T30] audit: type=1326 audit(1761095149.123:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6411 comm="syz.0.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 255.111069][ T30] audit: type=1326 audit(1761095149.123:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6411 comm="syz.0.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 255.135023][ T30] audit: type=1326 audit(1761095149.143:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6411 comm="syz.0.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 255.159283][ T30] audit: type=1326 audit(1761095149.143:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6411 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 255.181366][ T30] audit: type=1326 audit(1761095149.143:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6411 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 255.207132][ T30] audit: type=1326 audit(1761095149.153:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6411 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 255.234444][ T30] audit: type=1326 audit(1761095149.163:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6411 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 255.268337][ T30] audit: type=1326 audit(1761095149.163:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6411 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 255.300575][ T30] audit: type=1326 audit(1761095149.163:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6411 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 255.328434][ T30] audit: type=1326 audit(1761095149.163:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6411 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 255.521179][ T6416] netlink: 28 bytes leftover after parsing attributes in process `syz.4.168'. [ 255.532727][ T6416] netlink: 'syz.4.168': attribute type 7 has an invalid length. [ 255.544029][ T6416] netlink: 'syz.4.168': attribute type 8 has an invalid length. [ 255.552887][ T6416] netlink: 4 bytes leftover after parsing attributes in process `syz.4.168'. [ 259.346038][ T6463] loop4: detected capacity change from 0 to 128 [ 259.583428][ T6463] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 259.602237][ T6463] FAT-fs (loop4): Filesystem has been set read-only [ 259.612626][ T6463] syz.4.185: attempt to access beyond end of device [ 259.612626][ T6463] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 260.907872][ T6474] netlink: 'syz.4.189': attribute type 10 has an invalid length. [ 260.956949][ T6474] team0: Port device dummy0 added [ 261.697384][ T6488] netlink: 76 bytes leftover after parsing attributes in process `syz.3.193'. [ 261.790840][ T30] kauditd_printk_skb: 61 callbacks suppressed [ 261.790915][ T30] audit: type=1326 audit(1761095155.853:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz.4.194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a6298efc9 code=0x7ffc0000 [ 261.821239][ T30] audit: type=1326 audit(1761095155.853:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz.4.194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a6298efc9 code=0x7ffc0000 [ 262.702692][ T6500] loop0: detected capacity change from 0 to 128 [ 262.938304][ T6500] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 262.947087][ T6500] FAT-fs (loop0): Filesystem has been set read-only [ 262.954752][ T6500] syz.0.199: attempt to access beyond end of device [ 262.954752][ T6500] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 262.984703][ T30] audit: type=1800 audit(1761095156.983:337): pid=6500 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.199" name="file2" dev="loop0" ino=1048615 res=0 errno=0 [ 266.142672][ T30] audit: type=1326 audit(1761095160.183:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6527 comm="syz.0.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 266.205321][ T30] audit: type=1326 audit(1761095160.243:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6527 comm="syz.0.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 266.228592][ T30] audit: type=1326 audit(1761095160.243:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6527 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 266.254856][ T30] audit: type=1326 audit(1761095160.243:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6527 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 266.339292][ T30] audit: type=1326 audit(1761095160.353:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6527 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 266.365504][ T30] audit: type=1326 audit(1761095160.353:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6527 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 266.389337][ T30] audit: type=1326 audit(1761095160.363:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6527 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41f318efc9 code=0x7ffc0000 [ 266.469469][ T6530] macsec0: entered promiscuous mode [ 266.579378][ T6528] macsec0: left promiscuous mode [ 267.118261][ T6540] loop2: detected capacity change from 0 to 128 [ 267.213909][ T30] kauditd_printk_skb: 18 callbacks suppressed [ 267.213983][ T30] audit: type=1800 audit(1761095161.273:363): pid=6540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.213" name="file2" dev="loop2" ino=1048617 res=0 errno=0 [ 267.258509][ T6540] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 267.266813][ T6540] FAT-fs (loop2): Filesystem has been set read-only [ 267.279479][ T6540] syz.2.213: attempt to access beyond end of device [ 267.279479][ T6540] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 267.451405][ T6543] loop0: detected capacity change from 0 to 256 [ 267.508226][ T6543] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 267.594707][ T6543] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 268.167600][ T30] audit: type=1326 audit(1761095162.213:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6552 comm="syz.2.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 268.247596][ T30] audit: type=1326 audit(1761095162.273:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6552 comm="syz.2.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 268.270561][ T30] audit: type=1326 audit(1761095162.273:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6552 comm="syz.2.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 268.299165][ T30] audit: type=1326 audit(1761095162.283:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6550 comm="syz.3.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2cc78efc9 code=0x7ffc0000 [ 268.323984][ T30] audit: type=1326 audit(1761095162.283:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6552 comm="syz.2.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 268.346680][ T30] audit: type=1326 audit(1761095162.293:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6550 comm="syz.3.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7fc2cc78efc9 code=0x7ffc0000 [ 268.370379][ T30] audit: type=1326 audit(1761095162.293:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6550 comm="syz.3.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2cc78efc9 code=0x7ffc0000 [ 268.395564][ T30] audit: type=1326 audit(1761095162.293:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6552 comm="syz.2.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 268.422648][ T30] audit: type=1326 audit(1761095162.293:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6552 comm="syz.2.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7ff02538efc9 code=0x7ffc0000 [ 268.995620][ T6564] macsec0: entered promiscuous mode [ 269.029596][ T6563] macsec0: left promiscuous mode [ 269.349051][ T6570] loop0: detected capacity change from 0 to 128 [ 269.387715][ T6570] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 269.396348][ T6570] FAT-fs (loop0): Filesystem has been set read-only [ 269.403961][ T6570] syz.0.226: attempt to access beyond end of device [ 269.403961][ T6570] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 269.817441][ T6574] netlink: 28 bytes leftover after parsing attributes in process `syz.3.228'. [ 269.827610][ T6574] netlink: 28 bytes leftover after parsing attributes in process `syz.3.228'. [ 269.873922][ T6574] ip6gretap0: entered promiscuous mode [ 269.889157][ T6574] syz_tun: entered promiscuous mode [ 272.164640][ T6599] loop3: detected capacity change from 0 to 128 [ 272.252230][ T30] kauditd_printk_skb: 24 callbacks suppressed [ 272.252306][ T30] audit: type=1800 audit(1761095166.313:397): pid=6599 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.239" name="file2" dev="loop3" ino=1048622 res=0 errno=0 [ 272.361022][ T6599] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 272.370268][ T6599] FAT-fs (loop3): Filesystem has been set read-only [ 272.378035][ T6599] syz.3.239: attempt to access beyond end of device [ 272.378035][ T6599] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 272.659607][ T6606] netlink: 28 bytes leftover after parsing attributes in process `syz.0.242'. [ 272.669375][ T6606] netlink: 28 bytes leftover after parsing attributes in process `syz.0.242'. [ 272.694383][ T6606] ip6gretap0: entered promiscuous mode [ 272.712046][ T6606] syz_tun: entered promiscuous mode [ 272.720532][ T6606] debugfs: 'hsr1' already exists in 'hsr' [ 272.726435][ T6606] Cannot create hsr debugfs directory [ 274.353198][ T61] nci: nci_rf_discover_ntf_packet: unsupported rf_tech_and_mode 0x1b [ 274.362926][ T61] ===================================================== [ 274.372690][ T61] BUG: KMSAN: uninit-value in nci_ntf_packet+0x26b2/0x46c0 [ 274.385142][ T61] nci_ntf_packet+0x26b2/0x46c0 [ 274.391084][ T61] nci_rx_work+0x403/0x750 [ 274.395879][ T61] process_scheduled_works+0xb91/0x1d80 [ 274.407933][ T61] worker_thread+0xedf/0x1590 [ 274.418485][ T61] kthread+0xd5c/0xf00 [ 274.424042][ T61] ret_from_fork+0x1f5/0x4c0 [ 274.432209][ T61] ret_from_fork_asm+0x1a/0x30 [ 274.437625][ T61] [ 274.446096][ T61] Uninit was created at: [ 274.457399][ T61] kmem_cache_alloc_node_noprof+0x989/0x16b0 [ 274.466266][ T61] kmalloc_reserve+0x13c/0x4b0 [ 274.472624][ T61] __alloc_skb+0x347/0x7d0 [ 274.478238][ T61] virtual_ncidev_write+0x6b/0x430 [ 274.484220][ T61] vfs_write+0x48a/0x15d0 [ 274.489760][ T61] __x64_sys_write+0x1fb/0x4d0 [ 274.496465][ T61] x64_sys_call+0x3014/0x3e30 [ 274.502294][ T61] do_syscall_64+0xd9/0xfa0 [ 274.507335][ T61] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 274.514329][ T61] [ 274.516893][ T61] CPU: 1 UID: 0 PID: 61 Comm: kworker/u8:4 Not tainted syzkaller #0 PREEMPT(none) [ 274.529873][ T61] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 274.540859][ T61] Workqueue: nfc2_nci_rx_wq nci_rx_work [ 274.555094][ T61] ===================================================== [ 274.568872][ T61] Disabling lock debugging due to kernel taint [ 274.576834][ T61] Kernel panic - not syncing: kmsan.panic set ... [ 274.585426][ T61] CPU: 1 UID: 0 PID: 61 Comm: kworker/u8:4 Tainted: G B syzkaller #0 PREEMPT(none) [ 274.600182][ T61] Tainted: [B]=BAD_PAGE [ 274.606599][ T61] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 274.622127][ T61] Workqueue: nfc2_nci_rx_wq nci_rx_work [ 274.629484][ T61] Call Trace: [ 274.633679][ T61] [ 274.636702][ T61] __dump_stack+0x26/0x30 [ 274.642522][ T61] dump_stack_lvl+0x53/0x270 [ 274.648400][ T61] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 274.657524][ T61] dump_stack+0x1e/0x25 [ 274.664570][ T61] vpanic+0x435/0xd30 [ 274.673994][ T61] panic+0x15d/0x160 [ 274.678212][ T61] kmsan_report+0x31c/0x320 [ 274.682912][ T61] ? __msan_warning+0x1b/0x30 [ 274.689982][ T61] ? nci_ntf_packet+0x26b2/0x46c0 [ 274.699855][ T61] ? nci_rx_work+0x403/0x750 [ 274.706851][ T61] ? process_scheduled_works+0xb91/0x1d80 [ 274.712927][ T61] ? worker_thread+0xedf/0x1590 [ 274.718522][ T61] ? kthread+0xd5c/0xf00 [ 274.723476][ T61] ? ret_from_fork+0x1f5/0x4c0 [ 274.729536][ T61] ? ret_from_fork_asm+0x1a/0x30 [ 274.734996][ T61] ? ret_from_fork_asm+0x1a/0x30 [ 274.743086][ T61] ? vprintk_emit+0xb51/0xb60 [ 274.749307][ T61] ? vprintk_default+0x3f/0x50 [ 274.756767][ T61] ? vprintk+0x36/0x50 [ 274.762391][ T61] ? _printk+0x17e/0x1b0 [ 274.768708][ T61] ? kmsan_get_metadata+0xfb/0x160 [ 274.774499][ T61] __msan_warning+0x1b/0x30 [ 274.783546][ T61] nci_ntf_packet+0x26b2/0x46c0 [ 274.789334][ T61] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 274.798398][ T61] ? sk_skb_reason_drop+0x13f/0x440 [ 274.806063][ T61] nci_rx_work+0x403/0x750 [ 274.811040][ T61] ? __pfx_nci_rx_work+0x10/0x10 [ 274.816627][ T61] process_scheduled_works+0xb91/0x1d80 [ 274.824825][ T61] worker_thread+0xedf/0x1590 [ 274.831663][ T61] kthread+0xd5c/0xf00 [ 274.838723][ T61] ? __pfx_worker_thread+0x10/0x10 [ 274.849014][ T61] ? __pfx_kthread+0x10/0x10 [ 274.855106][ T61] ret_from_fork+0x1f5/0x4c0 [ 274.860029][ T61] ? __pfx_kthread+0x10/0x10 [ 274.866165][ T61] ret_from_fork_asm+0x1a/0x30 [ 274.873240][ T61] [ 274.877764][ T61] Kernel Offset: disabled [ 274.885555][ T61] Rebooting in 86400 seconds..