last executing test programs: 26.942885883s ago: executing program 4 (id=411): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socket(0x10, 0x803, 0x0) getpeername$packet(0xffffffffffffffff, 0x0, 0x0) r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 25.99093447s ago: executing program 4 (id=414): socket$nl_generic(0x10, 0x3, 0x10) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x6b, 0x11, 0xe}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x5e, &(0x7f0000000340)={[{@errors_remount}, {@nodiscard}, {@dioread_nolock}]}, 0x2, 0x455, &(0x7f0000000a80)="$eJzs28tvG8UfAPDv2k766+uXUMqjD2igICoQSZMW6IFDi0DiABISHMoxJGlV6jaoCRKtKggcyhFV4o44IvEXcIILAk5IXOGOKlWolxZOi9beTZ3EDo7jxGn9+Ugbz+xDM1/Pjj2zEwfQt0ayP0nEroj4PSKG6tmlJ4zUX+7cujr1962rU0mk6dt/JbXzbt+6OlWcWly3s8gs1PMHmpQ7d/nK+clqdeZSnh+bv/DB2NzlK8+fuzB5dubszMWJEyeOHxt/6cWJF1pXPmk/zqxOt/d/PHtw3+vvXn9z6vT1937+NiniXxZHl4w02VcuEk93ubBe292QTip5otyjytC2rImy5hqo9f+hKEdl8dhQvPZZTysHbKg0TdPBVgeTWEiB+1gSva4B0BvFV302/y22TRt8bAE3T9UnQFncd/KtfqQSpfycgWXz227KZlunF/75KttiY55DAAAs8f2p+uvK8V8pHm4472S+NjQcEQ9ExJ6IeDAi9kbEQxG1cx+JiEcbrmlneWb5IsnK8U/pRmeRtScb/72cr20tHf8Vo78YLue53bX4B5Iz56ozRyPi/xFxJAa2ZfnxVcr44dXfvmh1bKRh/JdtWfnFWDCvx43KtqXXTE/OT64n5kY3P43YX2kWf7K4EpC1476I2H+oszLOPfvNwVbH/jv+VVQ6q0+j9OuIZ+rtvxDL4i8kq69Pjv0vqjNHx4q7YqVffr32Vqvy1xV/F2Ttv6Pp/b8Y/3DSuF47t/Yyrv3xecs5Taf3/2DyTi1dPLv+aHJ+/tJ4xGDyRr7/5N39E3evLfLF+Vn8Rw437/974u47cSAispv4sYh4PCIO5XV/IiKejIjDq8T/0ytPvd95/Bsri396Te2/9kT5/I/fLSl0eJX4k2jS/sdrqSP5nnY+/9qt4HrfPwAAALgXlCJiVySl0cV0qTQ6Wv9/+b2xo1SdnZt/7szshxen678RGI6BUvGka6jheeh4/sSgyE/k0/wifyx/bvxleXstPzo1W53udfDQ53a26P+ZP/1+A+5/XVhHA+5Rnfb/NE0/6XJVgE3m+x/6l/4P/atJ/9++LL9ts+oCbK5m3/8m9tAfjP+hf+n/0L/0f+hf+j/0pfX8rr9riezzZwtUo+1Emvao9MHex76YiNKWqIbEBiV6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHf8GAAD//zV058U=") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000180)="66baa000ecc744240011000000c7442402b16e0000ff2c2443f466baf80cb8f2c96789ef66bafc0c66ed0f072e0f01c248b820450000000000000f23d00f21f835000000010f23f8c46289900cabb9f9080000b8c93c0000ba000000000f30c4816857a601000000", 0x68}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 24.545599592s ago: executing program 4 (id=420): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10) prctl$PR_SET_THP_DISABLE(0x29, 0x1) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') 22.494317769s ago: executing program 4 (id=425): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) r2 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="a8"], 0xa8) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000580)={0x10}, 0x10) write$FUSE_BMAP(r2, &(0x7f00000000c0)={0x18}, 0x18) write$FUSE_INIT(r2, &(0x7f00000002c0)={0x50}, 0x50) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) fdatasync(r3) 22.48104299s ago: executing program 4 (id=429): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) keyctl$reject(0x13, 0x0, 0x0, 0x200, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) r3 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000200)=0x8) r4 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r4, 0x10e, 0xc, &(0x7f00000005c0)=0x3, 0x4) sendmsg$netlink(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="280000005e0001060000000000000018003b"], 0x28}], 0x1}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000c40), 0x12) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, 0x0, 0x0) write$cgroup_int(r1, &(0x7f0000000100), 0x12) syz_io_uring_setup(0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x5b3f, &(0x7f0000000000)={0x0, 0x0, 0x2}, 0x0, 0x0) 19.731952711s ago: executing program 4 (id=436): sigaltstack(&(0x7f0000000100)={&(0x7f00000000c0)=""/51, 0x0, 0xfffffffffffffe55}, &(0x7f0000000140)={&(0x7f0000000080)=""/49, 0x0, 0x3e}) r0 = gettid() r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_GET_FROZEN_INFO(r1, 0xc00c620f, &(0x7f0000000040)={r0}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000140)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x50}, @printk={@p, {}, {}, {}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x5}, {}, {0x85, 0x0, 0x0, 0x73}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000071120600000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='jbd2_handle_stats\x00', r3}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r4 = memfd_create(&(0x7f0000001440)='-\x88\x8cG\xf3\xbd\xbd\xe2\xd0@\x1e\x8b\xf4\x87\xe5I\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdbQ\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x1e\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf8\xdah\x94:\x9cc\x10d\xee\xa7\x8b\x066\xb8G\xd1c\xe1$\xe8\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xf5\xcc\x82n=\x7f=\xcdJxR\xa5~\xb80a\xa9\xb2\x04K\x98\x93=\xabw\x05\x1d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00_\x99=\x12\xb3\x15\x1b?\xd7\x95\xc4\x85y\xef\xef\xff\xff\xff\xff\xff\xff\xff\xff\xb3\x02\x03\x00\x00\x00\x00\x00\x00\x00\xf6\xed\xc7\x80\xa5Pj\xa4\x06', 0x0) r5 = dup(r4) fanotify_mark(r5, 0x2, 0x1808, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001680)={&(0x7f0000000540)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@union={0x0, 0x1, 0x0, 0x5, 0x1, 0x0, [{0x5}]}]}}, &(0x7f0000000680)=""/4096, 0x32, 0x1000, 0x1, 0x0, 0x0, @void, @value}, 0x20) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000200), 0x3, 0x55b, &(0x7f0000000b00)="$eJzs3c9vHFcdAPDvjH+sk6Z1Aj1AVUiAQkBR1vGmjapemlxAqKqEqDggDqmxN5bJbjZk16U2kXD/BpBAcII/gQMSB6SeOHDjiMQBIZUDUoAIlCCBtGhmx87G3lU33V/E+/lIk5k3b95834sz+96+dfYFMLPORcReRCxGxNsRsVycT4otrna27LoH9++uP7x/dz2Jdvutvyd5fnYuuspkninuuRQRX/9KxLeTo3GbO7s312q16p0ivdKq315p7uxe3KqvbVY3q7cqlSurVy69evmVysjaerb+y3tf3nrjG7/59ac++P3el76fVetUkdfdjlHqNH3hIE5mPiLeGEewKZgr9otHcl7sXeDqeOvDk0kj4mMR8dn8+V+OufxfJwBwnLXbP432cncaADju0nwOLEnLEZGmxSCg3JnDez5OprVGs3XhRmP71kZnrux0LKQ3tmrVS2dKf/xufvFCkqVX87w8P09XDqUvR8SZiPhR6USeLq83ahvTGfIAwMx7prv/j4h/ldK0XB6oaI9P9QCAp8bStCsAAEyc/h8AZo/+HwBmzwD9f/Fh/97Y6wIATIb3/wAwe/T/ADB7nrT/L42pHgDARHztzTezrf2w+P7rjXd2tm823rm4UW3eLNe318vrjTu3y5uNxmb+nT31xwqf6DouxgS1RuP26sux/e5Kq9psrTR3dq/XG9u3Wtfz7/W+Xl2YaOsAgF7OnH3/D0lE7L12It+iay0HfTUcb+m0KwBMzdwwhQ0Q4KlmtS+YXQN14fkg4XdjrwswHT2/zHup5+HjfvIEQfyeMfxfOf/Jwef/j67xDDzNzP/D7Ppo8/+vj7wewOSZ/4fZ1W4nh9f8XzzIAgCOpSF+ha/9g1ENQoCp+rDFvEfy+T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcM6ci4juRpOV8LfA0+zMtlyOejYjTsZDc2KpVL0XEc3E2IhZKWXp12pUGAIaU/jUp1v86v/zSqcO5i8m/S/k+Ir73s7d+/O5aq3VnNTv/j4Pzpf3lwyqPyg2xriAAMJh2acAL8/67Uuy73sg/uH93fX8bVyV7uXct/lssRbz+8P7dfOvkzEd2MmIpH0uc/GcS80WZpYh4ISLmRhB/772I+ESv9if53MjpYuXT7vhRxH52ovHTx+KneV5nnw2+Pj6CusCsef9aRFzt9fylcS7f937+l/JXqOHdu9a52f5r38Ou+PNFpLke8bNn/tygMV7+7VePnGwvd/Lei3hhvlf85CB+0if+SwPG/9OLn/7h633y2j+POB+943fHWmnVb680d3YvbtXXNqubS1GpXFm9cunVy69UVvI56pX9meqj/vbahef61S1r/8k+8Zd6tn/xoOznB2z/L/7z9rc+8yhZOhz/i5/r/fN/vmf8jqxP/MLjYdr94q+d/FXf5buz+Bt92v9hP/8LgzQ+Ij74y+7GgJcCABPQ3Nm9uVarVe8MdZC9Cx3FfY4cZFUc7OL94eJwQf8c42jFRzxYGNff6tgP5g/GiqO98zezO064OenIWzHUwYNJxZreaxIwGY8e+mnXBAAAAAAAAAAAAAAA6GcS/3Vp2m0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+PpfAAAA///hvs8g") 9.373212616s ago: executing program 3 (id=462): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10) prctl$PR_SET_THP_DISABLE(0x29, 0x1) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') 8.067848555s ago: executing program 3 (id=464): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x4508, &(0x7f0000000300), 0xe, 0x4f8, &(0x7f0000000ac0)="$eJzs3U9vG2kZAPBnJnGbtCnJAodlJXZX7KJ0BeskDW0jDqVIiJ4qAeVeQuJEUZw4ip22iSqaig+AhBAgceqJC98ACfXAB0BISHBH/BWCFg4cACOPx23q2nHUdewq+f2kid/39Yyf553I8+8deQI4td6NiOsRMRIRH0TEZN6e5tONRmW/Od/TJ/eXGlMS9fqtvyeR5G3tn3m+uUiMRcQ3bkR8O3k5bnV3b32xXC5t5/WZ2sbWTHX3bF4tbc7Pz11ZuLpweWG2L/1s9OvaV/70w+/99KvXfvH5u7+//deL32mkNZG/36kf/dDseiFbFy2jEbF9HMGGYCR/LfSc85fHngsAAL01jvE/HhGfyY7/J2MkOzoFAAAATpL6lybiP0lEHQAAADix0uwe2CQt5vcCTESaFovNe3g/GefScqVa+9xKZWdzuXmv7FQU0pW1cmk2v6d2KgpJoz6XlZ/XL7XV5yPijYj4weR4Vi8uVcrLw774AQAAAKfE+bbz/39NNs//AQAAgBNmatgJAAAAAMfuhfP/R8PLAwAAADg+xv8BAADgRPvazZuNqd56/vXynd2d9cqdD5dL1fXixs5ScamyvVVcrVRWs9/s2+j1eeVKZesLsblzb6ZWqtZmqrt7tzcqO5u122svPAIbAAAAGKA33nn8uyQi9r84nk0NZ4adFDAQSa8ZDl61++Px5gIM1siwEwCGZnTYCQBDUxh2AsDQ9boO0PXmnV/1PxcAAOB4TH/q2fj/eKutNf7f+9pAz9FD4DWWDjsBAGDgXnH8P9nvdyLAwBXcAQin3sfaG5KIg/v4jz7+X6+/Sl4AAED/TGRTkhbzscCJSNNiMeJC9liAQrKyVi7N5ucHv50snG3U57IlE6P/AAAAAAAAAAAAAAAAAAAAAAAAAHBE9XoSdQAAAOBEi0j/kuRP8p+efH+i/frAmeTfk9lrRNz9ya0f3Vus1bbnGu3/eNZe+3HefsnzxAEAAOB10DpPb53HAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA/PX1yf6k1vfTmmeOL+7cvR8RUp/ijMZa9jkUhIs79M4nRA8slETHSh/j7DyPizU7xk0ZaMdXIYqRz/PFBxe/Q/zQizvchPpxmjxvbn+udvn9pvJu9tn//LmR/G+U/9yF+9+1f+mz7N9Jl+3fhiDHe2j8k/sOIt0Y7b39a8ZMu8d87YvxvfXNvr9t79UcR0x33P8kLsWZqG1sz1d29D9c2FldLq6XN+fm5KwtXFy4vzM6srJVL+d/2RTPf//TP/3dY/891iT/V7P873fr/fs+eNxP572/uPflEs6HQKf7F9zrvf99sxn9p/af5vu+zeflpvf5gOi8n+831edDbP/v124f1f7lL/3v9/y/27H/D4tkPvv7dPxxpVgBgIKq7e+uL5XJpW6FzoV63opqFqXgt0lDoXGh9o4++VIwdNk/n7cWDQW2YAACAvnt+0D/sTAAAAAAAAAAAAAAAAAAAAOD0GsTvk7XHPOTnqAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhub/AQAA//9NgtFt") r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000001480)=ANY=[@ANYBLOB="85000000610000005400000000000000950000000000000015c5d2d381407590995e979c8ab80e29de2978c8f52cc29c2bff0766e0614b449dba3c3e908576de010eb930ccc2"], &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r1, 0x0, 0xe40, 0x0, &(0x7f00000000c0)="5cdd3086ddffff6633c9bbac88a8862608dffd00139fb7a884bdfc14f4870800", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r2 = open(&(0x7f0000000140)='./bus\x00', 0x14937e, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r3, 0x6, 0x24, &(0x7f0000000080)=0x1, 0x4) recvmmsg(r3, &(0x7f0000001980)=[{{0x0, 0x0, 0x0}}], 0x1, 0x41, 0x0) r4 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) ftruncate(r4, 0x2007ffb) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r2, 0x0) r5 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0) ioctl$EVIOCSKEYCODE_V2(r5, 0x80104592, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xfffffffe, "00207d2000000000201b14700c1e0ac74f000000001200000000000900"}) io_submit(0x0, 0x3f0a, &(0x7f0000000540)=[&(0x7f00000000c0)={0xf04aef, 0x3d8, 0x4, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a00}]) 7.734863795s ago: executing program 2 (id=465): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r3, &(0x7f00000001c0)='X', 0x1, 0x4040, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xe) shutdown(r3, 0x1) setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r3, 0x84, 0x21, &(0x7f0000000180)=0x6, 0x4) recvmmsg(r3, &(0x7f0000000840)=[{{0x0, 0x0, 0x0}}], 0x414, 0x0, 0x0) 6.79573652s ago: executing program 2 (id=467): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e2a4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x3c, &(0x7f0000000080)=0x3, 0x4) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000340)=ANY=[]) ioctl$KVM_RUN(r3, 0xae80, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 6.719497227s ago: executing program 3 (id=469): mkdir(&(0x7f0000000300)='./file0\x00', 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x15) dup(0xffffffffffffffff) write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) socketpair$unix(0x1, 0x0, 0x0, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='cdg\x00', 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = dup2(r0, r1) sendmmsg$inet(r2, &(0x7f0000000dc0)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000a00)="316f825a3d29f96a2093a917017b4cd30000000000000035ed313e19d6dd", 0x1e}, {&(0x7f0000000640)="0036d551863e1902129da79f5986e05288f50e5398660c1a29b0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2fea5e764494873e0d82a172b3bb54f59b458", 0x51}], 0x2}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000300)="d0", 0x1}], 0x1}}], 0x2, 0x0) sendmsg$TIPC_NL_SOCK_GET(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001340)=ANY=[], 0x2b8}}, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00') sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100800001) 6.467694291s ago: executing program 3 (id=471): syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000040)=@filter={'filter\x00', 0xe, 0x4, 0x268, 0xffffffff, 0xf8, 0xf8, 0x0, 0xffffffff, 0xffffffff, 0x2c0, 0x2c0, 0x2c0, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @private, 0x0, 0x0, 'veth0_to_hsr\x00', 'veth0_vlan\x00'}, 0x0, 0x70, 0x98}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0xa0}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2c8) socket$nl_route(0x10, 0x3, 0x0) dup(0xffffffffffffffff) syz_mount_image$udf(&(0x7f00000004c0), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x18008, &(0x7f0000000500)=ANY=[@ANYRES32=0x0, @ANYBLOB="4d54f0c51cfb793cd3"], 0xfb, 0x4b1, &(0x7f0000000f00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==") creat(&(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0) mknodat$null(0xffffffffffffffff, 0x0, 0x2000, 0x103) r0 = open_tree(0xffffffffffffffff, &(0x7f0000000640)='\x00', 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', r0, &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) r1 = open(&(0x7f0000000280)='./bus\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x4c02, &(0x7f0000000140)) unlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001ec0), 0x1, 0x475, &(0x7f0000000940)="$eJzs3Mtv3MQfAPCvvUnf+SW/Uh59AIGCiHgkTVqgByQEAqkXJCQ4lGNI06o0bVATJFpFNCBUjqh/AXADib+AE1wQcKLiCneEVKFcWjggI+/a6eaxIZvNdtvu5yO5nbHHnhmPJx574gTQtQbzf5KIXRHxa0T016JLEwzW/ruxMDfx18LcRBJZ9safSTXd9YW5iTJpud/OIjKURqQfJ7F/lXxnLlw8Mz41NXm+iI/Mnn13ZObCxWdOnx0/NXlq8tzY0aNHDo8+/9zYs5tSz768rPs+mD6w99hbV16bOH7l7R+/zsu7q9h+fWFuy9I9BlrOczAGl57LOo+3fPTbS19dOOnpYEFoSiUi8ubqrfb//qjEzcbrj1c/6mjhgLbKsizbumJtpQzMZ8BdLIlOlwDojPJGnz/Hl8stHH503LWXag9Aeb1vFEttS0+k+TP8QO3ZqK9N+Q9GxPH5vz/Ll1j2PgUAoB2+zcc/T682/kvjvrp0/yvmhgYi4v8RsTsi7omIPRFxb0Q17f0R8UCT+Q8ui68c/1zd3njvL1ueacjHfy8Uc1tLx39pmWSgUsT6qvXvTU6enpo8VJyToejdmsdH18jju1d++bTRtvrxX77k+ZdjwaIcf/Qse0F3Ynx2vJU617v2YcS+ntXqnyzOBCQRsTci9m3g+Pk5O/3kVwcabf/v+q9hE+aZsi8inqi1/3wsq38pWXt+cmRbTE0eGimvipV++vny643yb6n+myBv/x2rXv+L9R9I6udrZ5rP4/JvnzR8pmnm+u8t1uTX/5bkzWq4nLR9f3x29vxoxJZkfuX6sZtHK+Nl+rz+QwdX7/+7I/75vNhvf0TkF/GDEfFQRDxclP2RiHg0Ig6uUf8fXn7snY3Xv73y+p9oqv2bD1TOfP9No/zX1/5HqqGhYs16fv7VMt9WxBoXcKPnDQAAAO4kafV34JN0eDF8057YkU5Nz8w+dXL6vXMnatsGojct33T1170PHS3eDZfxsWXxw9X3xlmWZdur8eGJ6al2zakD67NzRf9P0+Hh2rbfK0vTvtiREgJt1dQ8WqMv2oA7ku81oXuto/+768Ndyv0fupf+D91rtf5/KeJGB4oC3GLu/9C99H/oXvo/dC/9H7rSOr/iv5pGNPXt/+5jrfzFgG4KVFo+TkQnCh9px0/dxgPp7VGMWmBrrL8FL0WbilH+QdDFNZ3+yQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALA5/g0AAP//el/opQ==") openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) 6.276157438s ago: executing program 2 (id=472): r0 = socket(0x200000100000011, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000000c0)={'batadv0\x00', 0x0}) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x4, 0x7, 0x3, 0x9}]}, 0x10) bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x800b, 0x4) sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="2c000000410000000700034000000000d96e6c8d6c85080042"], 0x2c}], 0x1}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpu.stat\x00', 0x26e1, 0x0) close(r4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r4, 0x8b19, &(0x7f0000000000)={'wlan1\x00', @local}) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r5, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c) setsockopt$packet_int(r5, 0x107, 0xe, &(0x7f0000000140), 0x4) sendmsg$NFT_MSG_GETCHAIN(r3, &(0x7f0000000180)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x68, 0x4, 0xa, 0x3, 0x0, 0x0, {}, [@NFTA_CHAIN_ID={0x8}, @NFTA_CHAIN_COUNTERS={0x34, 0x8, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc}, @NFTA_COUNTER_PACKETS={0xc}, @NFTA_COUNTER_BYTES={0xc}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x6}]}, @NFTA_CHAIN_TYPE={0xb, 0x7, 'filter\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x68}}, 0x0) 5.626732347s ago: executing program 1 (id=474): io_setup(0x1000, &(0x7f0000000280)=0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000400)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) io_submit(0x0, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/power/pm_test', 0x42, 0x0) io_submit(r0, 0x1, &(0x7f0000000500)=[&(0x7f0000000040)={0x0, 0x4000, 0x0, 0x1, 0x0, r4, &(0x7f0000000000), 0xfffffc98}]) 5.626226867s ago: executing program 2 (id=476): r0 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x400000}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000240)={0x100042}, 0x10) close(r0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f00000000c0)={0x0, 0x4788, &(0x7f0000000000)=[{&(0x7f0000000140)="d800000019008111e0020f060d8107040a60090000020000000455a1bc00090008000699e3ffffff140005000800000006000567b8b7b94002000009080016060000000000000074d67f6f9400f7d1d9bbe94fa27100a007a2f7457f01896034277ce06bbace8017cb39b62ee5a7cef4090000001fb791643a5e83d42365f003724a237ee4b11602b2a10000000014d6d930dfe1d9c322fe040000005025acca262f3d40fad95667e006dcdf634c1f215ce3bb9ad809d50b694138c9f1ac76efb42a9ecbee5de6ccd44242f4d643f6fd0f26187b51980dd6", 0xd8}], 0x1}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000003009060c94bb217b574fd01508eaf4810c7c3ffb261b9ab6b377e56473d4fc609c21f1fb66ded34281df267a9dcadceb6d4a415d0a684d747bb0fc6f1f46147d3c96dc4e09c121a88c68e13fe80d0", @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800b00010067656e65766500001000028005000a000000000004000e00"], 0x40}}, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, 0x0, 0x7}, 0x14}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r4) r5 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000700), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000740)={0x28, r5, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bridge_slave_1\x00'}]}, 0x28}}, 0x0) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000040), r4) 5.611710928s ago: executing program 0 (id=477): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$SOUND_MIXER_WRITE_VOLUME(0xffffffffffffffff, 0xc0044d01, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) syz_open_dev$dri(0x0, 0xcfb7, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000001480), 0x0, 0x0) preadv(r1, &(0x7f0000001800)=[{&(0x7f0000001540)=""/255, 0xff}], 0x1, 0xfffffc00, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) timer_create(0x3, 0x0, 0x0) fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1) connect$tipc(0xffffffffffffffff, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000200)={0x6c, r3, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x36}, 0xf8}}, {0x20, 0x2, @in6={0xa, 0x0, 0xfffffffd, @mcast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x6c}}, 0x0) 5.605495749s ago: executing program 3 (id=478): openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='cpuacct.usage_sys\x00', 0x275a, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000280), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r2 = fanotify_init(0x0, 0x0) fanotify_mark(r2, 0x105, 0x40001032, r1, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000640)=ANY=[@ANYBLOB="020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003000000000000000000000000008ba4"]) ioctl$FS_IOC_SETFLAGS(r0, 0xc0189436, &(0x7f0000000140)) 4.677282194s ago: executing program 1 (id=479): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r3, &(0x7f00000001c0)='X', 0x1, 0x4040, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xe) shutdown(r3, 0x1) setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r3, 0x84, 0x21, &(0x7f0000000180)=0x6, 0x4) recvmmsg(r3, &(0x7f0000000840)=[{{0x0, 0x0, 0x0}}], 0x414, 0x0, 0x0) 4.676484884s ago: executing program 2 (id=480): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'tunl0\x00', 0x0}) prlimit64(0x0, 0xe, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) r4 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) connect$can_bcm(r4, &(0x7f00000000c0), 0x10) sendmsg$can_bcm(r4, &(0x7f0000000180)={&(0x7f0000000040)={0x1d, r5}, 0x10, &(0x7f0000000080)={&(0x7f0000000100)={0x5, 0x400, 0x0, {0x77359400}, {0x77359400}, {0x0, 0x0, 0x1}, 0x1, @can={{0x0, 0x0, 0x1}, 0x0, 0x2, 0x0, 0x0, "8d416cfa6fc2313e"}}, 0x48}}, 0x0) 4.511941139s ago: executing program 0 (id=481): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0) r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000080)=0x10000) write$dsp(r0, &(0x7f0000002080)="a5", 0x1) pselect6(0x40, &(0x7f0000002240), &(0x7f0000000800)={0x7f}, 0x0, 0x0, 0x0) 2.407447141s ago: executing program 1 (id=482): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x4508, &(0x7f0000000300), 0xe, 0x4f8, &(0x7f0000000ac0)="$eJzs3U9vG2kZAPBnJnGbtCnJAodlJXZX7KJ0BeskDW0jDqVIiJ4qAeVeQuJEUZw4ip22iSqaig+AhBAgceqJC98ACfXAB0BISHBH/BWCFg4cACOPx23q2nHUdewq+f2kid/39Yyf553I8+8deQI4td6NiOsRMRIRH0TEZN6e5tONRmW/Od/TJ/eXGlMS9fqtvyeR5G3tn3m+uUiMRcQ3bkR8O3k5bnV3b32xXC5t5/WZ2sbWTHX3bF4tbc7Pz11ZuLpweWG2L/1s9OvaV/70w+/99KvXfvH5u7+//deL32mkNZG/36kf/dDseiFbFy2jEbF9HMGGYCR/LfSc85fHngsAAL01jvE/HhGfyY7/J2MkOzoFAAAATpL6lybiP0lEHQAAADix0uwe2CQt5vcCTESaFovNe3g/GefScqVa+9xKZWdzuXmv7FQU0pW1cmk2v6d2KgpJoz6XlZ/XL7XV5yPijYj4weR4Vi8uVcrLw774AQAAAKfE+bbz/39NNs//AQAAgBNmatgJAAAAAMfuhfP/R8PLAwAAADg+xv8BAADgRPvazZuNqd56/vXynd2d9cqdD5dL1fXixs5ScamyvVVcrVRWs9/s2+j1eeVKZesLsblzb6ZWqtZmqrt7tzcqO5u122svPAIbAAAAGKA33nn8uyQi9r84nk0NZ4adFDAQSa8ZDl61++Px5gIM1siwEwCGZnTYCQBDUxh2AsDQ9boO0PXmnV/1PxcAAOB4TH/q2fj/eKutNf7f+9pAz9FD4DWWDjsBAGDgXnH8P9nvdyLAwBXcAQin3sfaG5KIg/v4jz7+X6+/Sl4AAED/TGRTkhbzscCJSNNiMeJC9liAQrKyVi7N5ucHv50snG3U57IlE6P/AAAAAAAAAAAAAAAAAAAAAAAAAHBE9XoSdQAAAOBEi0j/kuRP8p+efH+i/frAmeTfk9lrRNz9ya0f3Vus1bbnGu3/eNZe+3HefsnzxAEAAOB10DpPb53HAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA/PX1yf6k1vfTmmeOL+7cvR8RUp/ijMZa9jkUhIs79M4nRA8slETHSh/j7DyPizU7xk0ZaMdXIYqRz/PFBxe/Q/zQizvchPpxmjxvbn+udvn9pvJu9tn//LmR/G+U/9yF+9+1f+mz7N9Jl+3fhiDHe2j8k/sOIt0Y7b39a8ZMu8d87YvxvfXNvr9t79UcR0x33P8kLsWZqG1sz1d29D9c2FldLq6XN+fm5KwtXFy4vzM6srJVL+d/2RTPf//TP/3dY/891iT/V7P873fr/fs+eNxP572/uPflEs6HQKf7F9zrvf99sxn9p/af5vu+zeflpvf5gOi8n+831edDbP/v124f1f7lL/3v9/y/27H/D4tkPvv7dPxxpVgBgIKq7e+uL5XJpW6FzoV63opqFqXgt0lDoXGh9o4++VIwdNk/n7cWDQW2YAACAvnt+0D/sTAAAAAAAAAAAAAAAAAAAAOD0GsTvk7XHPOTnqAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhub/AQAA//9NgtFt") r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000001480)=ANY=[@ANYBLOB="85000000610000005400000000000000950000000000000015c5d2d381407590995e979c8ab80e29de2978c8f52cc29c2bff0766e0614b449dba3c3e908576de010eb930ccc2"], &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r1, 0x0, 0xe40, 0x0, &(0x7f00000000c0)="5cdd3086ddffff6633c9bbac88a8862608dffd00139fb7a884bdfc14f4870800", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r2 = open(&(0x7f0000000140)='./bus\x00', 0x14937e, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r3, 0x6, 0x24, &(0x7f0000000080)=0x1, 0x4) recvmmsg(r3, &(0x7f0000001980)=[{{0x0, 0x0, 0x0}}], 0x1, 0x41, 0x0) r4 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) ftruncate(r4, 0x2007ffb) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r2, 0x0) r5 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0) ioctl$EVIOCSKEYCODE_V2(r5, 0x80104592, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xfffffffe, "00207d2000000000201b14700c1e0ac74f000000001200000000000900"}) io_submit(0x0, 0x3f0a, &(0x7f0000000540)=[&(0x7f00000000c0)={0xf04aef, 0x3d8, 0x4, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a00}]) 2.354781965s ago: executing program 2 (id=483): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdir(0x0, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x58}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x14, 0x18}, [@ldst={0x4}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 2.30370214s ago: executing program 3 (id=484): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) io_setup(0x7, &(0x7f0000000280)=0x0) r4 = openat$sysfs(0xffffff9c, &(0x7f0000000540)='/sys/power/mem_sleep', 0x42, 0x0) io_submit(r3, 0x1, &(0x7f0000000500)=[&(0x7f0000000040)={0x0, 0x4000, 0x0, 0x1, 0x0, r4, &(0x7f0000000000), 0xfffffc98}]) personality(0x500006) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r5, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) 2.005427147s ago: executing program 1 (id=486): socket$inet6(0xa, 0x2, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4) socket(0x10, 0x2, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_procs(r1, 0x0, 0x2, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$sock_qrtr_TIOCINQ(0xffffffffffffffff, 0x541b, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r2, &(0x7f0000000240), 0x0, 0x0, 0x0) r3 = syz_io_uring_setup(0xd6, &(0x7f0000000480)={0x0, 0x1}, &(0x7f0000000040)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r3, 0x47ba, 0x0, 0x0, 0x0, 0x0) 1.75599785s ago: executing program 0 (id=487): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) creat(&(0x7f0000000100)='./file0/file0\x00', 0x0) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]}) chdir(&(0x7f0000000140)='./bus\x00') fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3) setgroups(0x0, 0x0) r0 = socket(0x10, 0x3, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setregid(0xffffffffffffffff, r1) getresgid(&(0x7f0000000080), &(0x7f00000001c0)=0x0, &(0x7f0000000240)) lsetxattr$system_posix_acl(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='system.posix_acl_access\x00', &(0x7f0000000380)={{}, {}, [], {}, [{0x8, 0x0, r1}, {}, {0x8, 0x3, r2}]}, 0x3c, 0x0) chmod(&(0x7f0000000180)='./file0\x00', 0x3b6) setuid(0xee01) creat(&(0x7f0000000600)='./file0\x00', 0x0) 1.565431267s ago: executing program 0 (id=488): r0 = socket$inet(0x2, 0xa, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc) r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000940), 0x0) ioctl$SNDRV_TIMER_IOCTL_GINFO(r1, 0xc0145401, &(0x7f0000000000)={{0x3, 0x0, 0x1, 0x1, 0x401}, 0x0, 0x0, 'id0\x00', 'timer0\x00'}) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="b400000000000000731132000000000016000000000001009500740000000000ba56e23690a87d00935e6c02bdc1aa666714e5893645da93e92b81970ec7"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x21) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000080)=ANY=[@ANYBLOB="e0000002ac1414aa01"], 0x18) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socket$inet6_tcp(0xa, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r5, 0x4004ae8b, &(0x7f0000000080)=ANY=[@ANYBLOB="080040f0"]) 1.562732447s ago: executing program 1 (id=496): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800714, &(0x7f0000001080)={[{}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x1f1}}, {@debug}, {@noinit_itable}, {@nodelalloc}, {@usrjquota}, {@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x3}}, {@resgid}]}, 0xfe, 0x44d, &(0x7f0000001580)="$eJzs289vVEUcAPDve9sC8qsVEQVBq2hs/NHSgsrBi0YTD5qY6AGPtS2kslClNRHSaDUGj4bEu/Fo4l/gSS9GPZl41bshIdqYgMZDzdt9r91durU/dtnKfj7Jg5l9szvz3Xmzb3amG0DXGsj+SSJ2R8QvEdFXzdYXGKj+d2NhbvyvhbnxJBYXX/s9qZS7vjA3XhQtnrcrzwymEenHSV5JvZmLl86OlcuTF/L88Oy5t4dnLl56curc2JnJM5PnR0+ePHF85JmnR59qSZxZXNcPvT99+OBLb1x5ZfzUlTd/+Cpr74Ej1fO1cbTKQBb4H4sVjeceaXVlHbanJp30dLAhrEspIrLu6q2M/74oxXLn9cWLH3W0cUBbZfem7c1Pzy8Ct7EkOt0CoDOKG332/bc4btHUY0u49lz1C1AW9438qJ7piTQv09vG+gci4tT8359nR7RpHQIAoNY32fzniZXmf2kcqCm3N99D6Y+IOyNiX0TcFRH7I+LuiErZeyLi3nXW37g1dPP8J726ocDWKJv/PZvvbdXP/4rZX/SX8tyeSvy9yemp8uSx/D0ZjN7tWX5klTq+feHnT5udq53/ZUdWfzEXzNtxtadhgW5ibHasVZPSax9GHOpZKf5kaScgiYiDEXFofS+9t0hMPfbl4WaF/jv+VbRgn2nxi4hHq/0/Hw3xF5LV9yeHd0R58thwcVXc7MefLr/arP5Nxd8CWf/vrL/+G0r0/ZnU7tfOrL+Oy79+0vQ7zUav/23J65U96235Y++Nzc5eGInYlrxcydc9Prr83CJflM/iHzy6vGdZO/735c/J4r8vIrKL+EhE3B8RD+RtfzAiHoqIo6vE//3zD7+18fjbK4t/YsXPv6Xrv7++/9efKJ397utm9a+t/09UUoP5I5XPv1X8807EWhu42fcPAAAA/g/SiNgdSTq0lE7ToaHq3/Dvj51peXpm9vHT0++en6j+RqA/etNipauvZj10JJnPX7GaH83Xiovzx/N1489Kd1TyQ+PT5YkOxw7dbleT8Z/5rdTp1gFt5/da0L0ax3/aoXYAt577P3Qv4x+6l/EP3Wul8f9BQ95eANye3P+hexn/0L2Mf+hexj90pc38rl9i84kdEbEFmrGBRKRtrKK4I22JSLsz0eEPJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBb5NwAA//9WWOVg") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELPRL(0xffffffffffffffff, 0x89f6, 0x0) ioctl$PTP_EXTTS_REQUEST2(r0, 0x40103d0b, &(0x7f0000000040)={0x7, 0x1}) 1.443326449s ago: executing program 0 (id=489): io_setup(0x1000, &(0x7f0000000280)=0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000400)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) io_submit(0x0, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/power/pm_test', 0x42, 0x0) io_submit(r0, 0x1, &(0x7f0000000500)=[&(0x7f0000000040)={0x0, 0x4000, 0x0, 0x1, 0x0, r4, &(0x7f0000000000), 0xfffffc98}]) 35.822837ms ago: executing program 1 (id=490): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x80181, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) setsockopt$MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xc8, &(0x7f00000001c0), 0xc) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004cb], 0x0, 0x10202}) pwrite64(0xffffffffffffffff, &(0x7f00000001c0)="83", 0xfffffffffffffd17, 0x9571) ioctl$KVM_RUN(r2, 0xae80, 0x0) 0s ago: executing program 0 (id=491): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000080), 0x10) sendmsg$can_bcm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)={0x5, 0x0, 0x0, {}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "f8ca44b8874fdf8a"}}, 0x48}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1d, r1}, 0x10, &(0x7f0000000180)={&(0x7f0000000100)={0x5, 0x0, 0x0, {}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "b68c52d2be3c0d90"}}, 0x48}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vcan0\x00'}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) sendmsg$can_raw(0xffffffffffffffff, 0x0, 0x4c000) r3 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000f00)=@newtfilter={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r4}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[], 0x50) socket$nl_route(0x10, 0x3, 0x0) close(0x3) kernel console output (not intermixed with test programs): veth1_macvtap: link becomes ready [ 46.789705][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 46.802036][ T3573] device veth1_macvtap entered promiscuous mode [ 46.821993][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 46.831444][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 46.851361][ T3575] device veth1_macvtap entered promiscuous mode [ 46.892195][ T3574] device veth0_vlan entered promiscuous mode [ 46.899549][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 46.909563][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 46.919113][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 46.927927][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 46.949722][ T3573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.961289][ T3573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.980444][ T3573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.991193][ T3573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.002230][ T3573] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.013670][ T3573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.025095][ T3573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.035286][ T3573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.046296][ T3573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.057110][ T3573] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.068520][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.077838][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.082199][ T3575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.109047][ T3575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.119015][ T3575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.130961][ T3575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.140891][ T3575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.151415][ T3575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.163370][ T3575] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.170744][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 47.180236][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 47.189403][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 47.198507][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 47.208014][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 47.216463][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 47.225533][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 47.241605][ T3573] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.251637][ T3573] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.260960][ T3573] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.271168][ T3573] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.291193][ T3575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.309004][ T3575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.318937][ T3575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.330492][ T3575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.340949][ T3575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.351790][ T3575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.363913][ T3575] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.375378][ T3574] device veth1_vlan entered promiscuous mode [ 47.392751][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 47.400981][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 47.410034][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 47.447810][ T3575] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.454789][ T2669] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.461314][ T3575] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.464658][ T2669] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.480893][ T3575] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.489764][ T3575] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.513627][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 47.521855][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 47.530939][ T3618] Bluetooth: hci1: command 0x040f tx timeout [ 47.539929][ T580] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.548973][ T580] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.564237][ T3618] Bluetooth: hci3: command 0x040f tx timeout [ 47.570291][ T3618] Bluetooth: hci2: command 0x040f tx timeout [ 47.576391][ T3618] Bluetooth: hci0: command 0x040f tx timeout [ 47.613314][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 47.621097][ T3620] Bluetooth: hci4: command 0x040f tx timeout [ 47.637490][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 47.648144][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 47.687442][ T3574] device veth0_macvtap entered promiscuous mode [ 47.707422][ T3574] device veth1_macvtap entered promiscuous mode [ 47.721402][ T3626] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.752805][ T580] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.767927][ T580] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.777432][ T3626] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.810096][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 47.824970][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 47.836268][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 47.845528][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 47.882648][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.892911][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.894671][ T3574] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.921166][ T3574] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.933089][ T3574] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.943782][ T3574] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.954547][ T3574] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.965232][ T3574] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.976505][ T3574] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.987244][ T3574] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.999696][ T3574] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.019236][ T3626] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.027962][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 48.042685][ T3626] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.058946][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 48.065281][ T3656] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 48.092110][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 48.108756][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 48.124819][ T3574] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.141293][ T3574] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.313966][ T3574] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.410451][ T3574] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.499256][ T3574] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.584278][ T3574] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.669574][ T3574] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.760545][ T3574] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.793156][ T3574] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.806286][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 48.833252][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 48.888586][ T3574] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.909057][ T3574] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.910044][ T3662] kvm: emulating exchange as write [ 48.920088][ T3574] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.996102][ T3574] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.030068][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.054312][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.104528][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 49.243918][ T2669] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.252037][ T2669] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.326757][ T580] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 49.341796][ T2669] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.400033][ T2669] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.449030][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 49.643261][ T3652] Bluetooth: hci0: command 0x0419 tx timeout [ 49.649361][ T3652] Bluetooth: hci2: command 0x0419 tx timeout [ 49.655842][ T3652] Bluetooth: hci3: command 0x0419 tx timeout [ 49.663635][ T3652] Bluetooth: hci1: command 0x0419 tx timeout [ 49.682894][ T3652] Bluetooth: hci4: command 0x0419 tx timeout [ 50.461386][ T13] libceph: connect (1)[c::]:6789 error -101 [ 50.475664][ T13] libceph: mon0 (1)[c::]:6789 connect error [ 50.500835][ T3687] ceph: No mds server is up or the cluster is laggy [ 51.164609][ T3671] libceph: connect (1)[c::]:6789 error -101 [ 51.170656][ T3671] libceph: mon0 (1)[c::]:6789 connect error [ 52.425941][ T3708] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 52.507902][ T3720] syz.2.18 uses obsolete (PF_INET,SOCK_PACKET) [ 53.623177][ T3628] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 54.132769][ T3628] usb 5-1: config index 0 descriptor too short (expected 23569, got 27) [ 54.151635][ T3628] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 54.276179][ T3628] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 54.298123][ T3628] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 54.321363][ T3628] usb 5-1: Manufacturer: syz [ 54.441295][ T3628] usb 5-1: config 0 descriptor?? [ 54.480000][ T3752] loop3: detected capacity change from 0 to 128 [ 54.520161][ T26] audit: type=1326 audit(1727805118.747:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3748 comm="syz.0.26" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe20f235ff9 code=0x0 [ 54.701206][ T3752] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 54.792636][ T3628] rc_core: IR keymap rc-hauppauge not found [ 54.795269][ T3752] ext4 filesystem being mounted at /5/mnt supports timestamps until 2038 (0x7fffffff) [ 54.809345][ T3628] Registered IR keymap rc-empty [ 54.875381][ T3727] udc-core: couldn't find an available UDC or it's busy [ 54.893224][ T3628] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0 [ 54.912627][ T3727] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 54.924147][ T3628] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input5 [ 54.935504][ T3758] loop1: detected capacity change from 0 to 512 [ 55.009735][ T3758] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.28: casefold flag without casefold feature [ 55.057186][ T3628] usb 5-1: USB disconnect, device number 2 [ 55.072145][ T3758] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.28: couldn't read orphan inode 15 (err -117) [ 55.092842][ T3758] EXT4-fs (loop1): mounted filesystem without journal. Opts: noquota,journal_dev=0x0000000000000007,quota,init_itable=0x0000000000000004,errors=continue,errors=continue,data_err=ignore,delalloc,jqfmt=vfsold,norecovery,errors=continue,errors=continue,,errors=continue. Quota mode: writeback. [ 55.282319][ T3758] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.28: Directory hole found for htree leaf block 0 [ 55.875986][ T3758] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.28: Directory hole found for htree leaf block 0 [ 56.429728][ T26] audit: type=1326 audit(1727805120.627:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3757 comm="syz.1.28" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efef00b3ff9 code=0x0 [ 56.451161][ C1] vkms_vblank_simulate: vblank timer overrun [ 56.535892][ T3775] loop0: detected capacity change from 0 to 4096 [ 56.561555][ T3775] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512) [ 56.567640][ T3773] dccp_close: ABORT with 9144 bytes unread [ 56.588370][ T3776] loop4: detected capacity change from 0 to 16 [ 56.612318][ T3775] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 56.635234][ T3778] netlink: 'syz.3.33': attribute type 9 has an invalid length. [ 56.687898][ T3778] netlink: 'syz.3.33': attribute type 7 has an invalid length. [ 56.690883][ T3776] erofs: (device loop4): mounted with root inode @ nid 36. [ 56.701422][ T3778] netlink: 'syz.3.33': attribute type 8 has an invalid length. [ 56.862075][ T3776] attempt to access beyond end of device [ 56.862075][ T3776] loop4: rw=0, want=40, limit=16 [ 56.924601][ T3781] erofs: (device loop4): z_erofs_readahead: readahead error at page 3599 @ nid 36 [ 57.180395][ T3786] IPv6: NLM_F_REPLACE set, but no existing node found! [ 58.551351][ T3792] loop1: detected capacity change from 0 to 32768 [ 58.574070][ T3792] XFS: noikeep mount option is deprecated. [ 59.171014][ T3792] XFS (loop1): Mounting V5 Filesystem [ 59.492309][ T3792] XFS (loop1): Ending clean mount [ 59.522671][ T3792] XFS (loop1): Quotacheck needed: Please wait. [ 60.068858][ T3792] XFS (loop1): Quotacheck: Done. [ 60.318908][ T3575] XFS (loop1): Unmounting Filesystem [ 61.688136][ T3848] kvm: pic: level sensitive irq not supported [ 61.688413][ T3848] kvm: pic: non byte read [ 61.698465][ T580] ntfs3: loop0: ntfs3_write_inode r=5 failed, -22. [ 61.714803][ T3848] kvm: pic: level sensitive irq not supported [ 61.714862][ T3848] kvm: pic: non byte read [ 61.890415][ T3861] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 62.383152][ T26] audit: type=1326 audit(1727805126.577:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3857 comm="syz.1.49" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efef00b3ff9 code=0x0 [ 62.598903][ T26] audit: type=1326 audit(1727805126.597:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3857 comm="syz.1.49" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efef00b3ff9 code=0x0 [ 63.045359][ T3882] loop3: detected capacity change from 0 to 1024 [ 63.502171][ T3882] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 63.792919][ T3893] loop2: detected capacity change from 0 to 256 [ 65.243640][ T3911] loop2: detected capacity change from 0 to 256 [ 65.296406][ T3911] FAT-fs (loop2): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 65.479707][ T3914] loop1: detected capacity change from 0 to 512 [ 65.540012][ T3914] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities [ 65.582273][ T3909] team0 (unregistering): Port device team_slave_0 removed [ 65.626603][ T3909] team0 (unregistering): Port device team_slave_1 removed [ 66.162657][ T3618] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 66.553279][ T3618] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 66.581261][ T3618] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 66.591377][ T3563] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 66.644653][ T3618] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.767956][ T3618] usb 2-1: config 0 descriptor?? [ 66.777117][ T3671] Bluetooth: hci0: command 0x0c1a tx timeout [ 66.828452][ T3618] pwc: Askey VC010 type 2 USB webcam detected. [ 66.961479][ T3576] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /16/bus/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 66.991092][ T3576] EXT4-fs error (device loop3): ext4_empty_dir:3143: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 67.015519][ T3576] EXT4-fs warning (device loop3): ext4_empty_dir:3145: inode #11: comm syz-executor: directory missing '.' [ 67.029423][ T3576] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /16/bus/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 67.053202][ T3563] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 67.060857][ T3576] EXT4-fs error (device loop3): ext4_empty_dir:3143: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 67.091195][ T3576] EXT4-fs warning (device loop3): ext4_empty_dir:3145: inode #11: comm syz-executor: directory missing '.' [ 67.108480][ T3576] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /16/bus/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 67.112622][ T3618] pwc: send_video_command error -71 [ 67.151505][ T3576] EXT4-fs error (device loop3): ext4_empty_dir:3143: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 67.153104][ T3563] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 67.180630][ T3576] EXT4-fs warning (device loop3): ext4_empty_dir:3145: inode #11: comm syz-executor: directory missing '.' [ 67.200227][ T3576] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /16/bus/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 67.242541][ T3618] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 67.250288][ T3618] Philips webcam: probe of 2-1:0.0 failed with error -71 [ 67.277134][ T3563] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 67.287307][ T3576] EXT4-fs error (device loop3): ext4_empty_dir:3143: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 67.300569][ T3618] usb 2-1: USB disconnect, device number 2 [ 67.333150][ T3563] usb 1-1: config 0 descriptor?? [ 67.339282][ T3576] EXT4-fs warning (device loop3): ext4_empty_dir:3145: inode #11: comm syz-executor: directory missing '.' [ 67.385793][ T3563] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 67.403284][ T3576] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /16/bus/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 67.440264][ T3931] loop2: detected capacity change from 0 to 32768 [ 67.468496][ T3576] EXT4-fs error (device loop3): ext4_empty_dir:3143: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 67.504122][ T3932] chnl_net:caif_netlink_parms(): no params data found [ 67.514657][ T3576] EXT4-fs warning (device loop3): ext4_empty_dir:3145: inode #11: comm syz-executor: directory missing '.' [ 67.531960][ T3576] EXT4-fs warning (device loop3): ext4_empty_dir:3145: inode #11: comm syz-executor: directory missing '.' [ 67.551837][ T3576] EXT4-fs warning (device loop3): ext4_empty_dir:3145: inode #11: comm syz-executor: directory missing '.' [ 67.560084][ T3931] XFS (loop2): Mounting V5 Filesystem [ 67.570885][ T3576] EXT4-fs warning (device loop3): ext4_empty_dir:3145: inode #11: comm syz-executor: directory missing '.' [ 67.590092][ T3576] EXT4-fs warning (device loop3): ext4_empty_dir:3145: inode #11: comm syz-executor: directory missing '.' [ 67.637736][ T3576] EXT4-fs warning (device loop3): ext4_empty_dir:3145: inode #11: comm syz-executor: directory missing '.' [ 67.660835][ T3932] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.680251][ T3932] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.696353][ T3932] device bridge_slave_0 entered promiscuous mode [ 67.705146][ T3932] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.712293][ T3932] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.723144][ T3932] device bridge_slave_1 entered promiscuous mode [ 67.753312][ T3932] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.765624][ T3932] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.806388][ T3563] usb 1-1: USB disconnect, device number 2 [ 67.833812][ T3931] XFS (loop2): Ending clean mount [ 67.852293][ T3932] team0: Port device team_slave_0 added [ 67.868084][ T3932] team0: Port device team_slave_1 added [ 67.907620][ T3932] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.915271][ T3932] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.975435][ T3932] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.995324][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 68.013693][ T26] audit: type=1800 audit(1727805132.237:6): pid=3931 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.76" name="bus" dev="loop2" ino=9287 res=0 errno=0 [ 68.030315][ T3932] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 68.066379][ T3932] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.119494][ T3932] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.257675][ T3932] device hsr_slave_0 entered promiscuous mode [ 68.278526][ T3932] device hsr_slave_1 entered promiscuous mode [ 68.286088][ T3932] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.297069][ T3932] Cannot create hsr debugfs directory [ 68.352007][ T9] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 620 with error 28 [ 68.391734][ T9] EXT4-fs (loop3): This should not happen!! Data will be lost [ 68.391734][ T9] [ 68.432550][ T9] EXT4-fs (loop3): Total free blocks count 0 [ 68.446379][ T3931] syz.2.76 (3931) used greatest stack depth: 17336 bytes left [ 68.468185][ T9] EXT4-fs (loop3): Free/Dirty block details [ 68.492637][ T9] EXT4-fs (loop3): free_blocks=68451041280 [ 68.515402][ T9] EXT4-fs (loop3): dirty_blocks=624 [ 68.719295][ T9] EXT4-fs (loop3): Block reservation details [ 68.738483][ T3577] XFS (loop2): Unmounting Filesystem [ 68.774492][ T9] EXT4-fs (loop3): i_reserved_data_blocks=39 [ 68.963742][ T3696] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.290116][ T3618] Bluetooth: hci0: command 0x0406 tx timeout [ 69.296750][ T3563] Bluetooth: hci5: command 0x0409 tx timeout [ 69.696878][ T3696] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.850111][ T3696] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.308872][ T3696] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.799937][ T3965] loop1: detected capacity change from 0 to 32768 [ 71.005698][ T3932] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.322432][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!! [ 71.332164][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #40!!! [ 71.352495][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #02!!! [ 71.361540][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #02!!! [ 71.370549][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!! [ 71.379691][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!! [ 71.388733][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!! [ 71.398208][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!! [ 71.407788][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!! [ 71.417348][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!! [ 71.812657][ T1394] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.820642][ T1394] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.827861][ T1075] Bluetooth: hci5: command 0x041b tx timeout [ 72.172859][ T3618] Bluetooth: hci3: command 0x0409 tx timeout [ 72.268868][ T4002] loop1: detected capacity change from 0 to 128 [ 72.347619][ T4004] sctp: [Deprecated]: syz.2.95 (pid 4004) Use of int in maxseg socket option. [ 72.347619][ T4004] Use struct sctp_assoc_value instead [ 72.416303][ T26] audit: type=1804 audit(1727805136.647:7): pid=4002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.92" name="/newroot/16/file2/file0" dev="loop1" ino=1048602 res=1 errno=0 [ 72.465867][ T4010] binder: 4009:4010 ioctl c018620b 20000380 returned -14 [ 72.498271][ T3932] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.136931][ T3932] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.257037][ T3973] chnl_net:caif_netlink_parms(): no params data found [ 73.330024][ T4025] loop2: detected capacity change from 0 to 4096 [ 73.351855][ T4030] loop1: detected capacity change from 0 to 16 [ 73.412850][ T3932] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.464870][ T4030] erofs: (device loop1): mounted with root inode @ nid 36. [ 73.550939][ T4032] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 73.614341][ T26] audit: type=1800 audit(1727805137.847:8): pid=4025 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.100" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 73.758313][ T4037] erofs: (device loop1): z_erofs_readahead: readahead error at page 22 @ nid 36 [ 73.767913][ T4037] erofs: (device loop1): z_erofs_readahead: readahead error at page 21 @ nid 36 [ 73.777049][ T4037] erofs: (device loop1): z_erofs_readahead: readahead error at page 20 @ nid 36 [ 73.786822][ T4037] erofs: (device loop1): z_erofs_readahead: readahead error at page 16 @ nid 36 [ 73.796043][ T4037] erofs: (device loop1): z_erofs_map_blocks_iter: unknown type 3 @ offset 45055 of nid 36 [ 73.805995][ T4037] erofs: (device loop1): z_erofs_readahead: readahead error at page 10 @ nid 36 [ 73.815729][ T4037] attempt to access beyond end of device [ 73.815729][ T4037] loop1: rw=524288, want=6536, limit=16 [ 73.827214][ T4037] attempt to access beyond end of device [ 73.827214][ T4037] loop1: rw=524288, want=34359736344, limit=16 [ 73.839339][ T4037] attempt to access beyond end of device [ 73.839339][ T4037] loop1: rw=524288, want=736, limit=16 [ 73.854432][ T4037] attempt to access beyond end of device [ 73.854432][ T4037] loop1: rw=524288, want=536576872, limit=16 [ 73.866540][ T4037] attempt to access beyond end of device [ 73.866540][ T4037] loop1: rw=524288, want=24, limit=16 [ 73.877809][ T4037] attempt to access beyond end of device [ 73.877809][ T4037] loop1: rw=524288, want=13478624040, limit=16 [ 74.065244][ T3619] Bluetooth: hci5: command 0x040f tx timeout [ 74.528238][ T3618] Bluetooth: hci3: command 0x041b tx timeout [ 74.646216][ T3973] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.665127][ T3973] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.676995][ T3973] device bridge_slave_0 entered promiscuous mode [ 74.730436][ T4048] netlink: 20 bytes leftover after parsing attributes in process `syz.1.104'. [ 74.795332][ T3973] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.802428][ T3973] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.831567][ T3973] device bridge_slave_1 entered promiscuous mode [ 74.867242][ T3932] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 74.924740][ T3932] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 74.949357][ T3932] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 74.985165][ T3973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.133528][ T3932] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 75.157795][ T3973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.288923][ T3973] team0: Port device team_slave_0 added [ 75.379138][ T3973] team0: Port device team_slave_1 added [ 75.757735][ T3973] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 75.786020][ T3973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.877264][ T3973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 75.915264][ T3973] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 75.934994][ T3973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.000233][ T3973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 76.031184][ T3932] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.083974][ T4081] loop1: detected capacity change from 0 to 1764 [ 76.221585][ T3932] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.282130][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 76.291404][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 76.398287][ T3973] device hsr_slave_0 entered promiscuous mode [ 76.412702][ T1301] cfg80211: failed to load regulatory.db [ 76.443702][ T3973] device hsr_slave_1 entered promiscuous mode [ 76.471198][ T3973] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 76.502732][ T3973] Cannot create hsr debugfs directory [ 76.572739][ T13] Bluetooth: hci3: command 0x040f tx timeout [ 76.572793][ T13] Bluetooth: hci5: command 0x0419 tx timeout [ 76.595473][ T3696] device hsr_slave_0 left promiscuous mode [ 76.601837][ T3696] device hsr_slave_1 left promiscuous mode [ 76.603132][ T3696] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 76.603213][ T3696] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 76.604594][ T3696] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 76.604620][ T3696] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 76.605402][ T3696] device bridge_slave_1 left promiscuous mode [ 76.606777][ T3696] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.622312][ T3696] device bridge_slave_0 left promiscuous mode [ 76.622523][ T3696] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.700888][ T3696] device veth1_macvtap left promiscuous mode [ 76.701087][ T3696] device veth0_macvtap left promiscuous mode [ 76.701175][ T3696] device veth1_vlan left promiscuous mode [ 76.701346][ T3696] device veth0_vlan left promiscuous mode [ 76.805252][ T4116] loop2: detected capacity change from 0 to 512 [ 76.907795][ T4116] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 76.950907][ T4118] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 76.958852][ T4116] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 77.022942][ T4116] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #16: comm syz.2.116: invalid indirect mapped block 512 (level 0) [ 77.049313][ T4116] EXT4-fs (loop2): Remounting filesystem read-only [ 77.059961][ T4116] EXT4-fs (loop2): 1 orphan inode deleted [ 77.066991][ T4116] EXT4-fs (loop2): 1 truncate cleaned up [ 77.073429][ T4116] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback. [ 77.202942][ T4122] loop1: detected capacity change from 0 to 8192 [ 77.226882][ T4122] loop1: p1 < > p2 p3 [ 77.269651][ T3696] team0 (unregistering): Port device team_slave_1 removed [ 77.281974][ T3577] EXT4-fs error (device loop2): ext4_map_blocks:628: inode #2: block 13: comm syz-executor: lblock 0 mapped to illegal pblock 13 (length 1) [ 77.317652][ T3577] EXT4-fs (loop2): Remounting filesystem read-only [ 77.327317][ T3577] EXT4-fs warning (device loop2): htree_dirblock_to_tree:1083: inode #2: lblock 0: comm syz-executor: error -117 reading directory block [ 77.328970][ T3696] team0 (unregistering): Port device team_slave_0 removed [ 77.398818][ T3696] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 77.439308][ T3696] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 77.535311][ T3696] bond0 (unregistering): Released all slaves [ 77.610198][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 77.621882][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 77.630523][ T3698] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.637647][ T3698] bridge0: port 1(bridge_slave_0) entered forwarding state [ 77.645500][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 77.656519][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 77.665383][ T3698] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.672508][ T3698] bridge0: port 2(bridge_slave_1) entered forwarding state [ 77.680407][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 77.692517][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 77.745461][ T4122] netlink: 56 bytes leftover after parsing attributes in process `syz.1.118'. [ 77.805964][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 77.833660][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 77.872359][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 77.909893][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 77.934801][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 77.962408][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 77.980905][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 77.991118][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 78.022852][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 78.044678][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 78.109634][ T3932] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 78.645717][ T3618] Bluetooth: hci3: command 0x0419 tx timeout [ 80.099250][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 80.113470][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 80.191462][ T3932] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.167311][ T26] audit: type=1326 audit(1727805145.397:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4143 comm="syz.0.125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe20f235ff9 code=0x7ffc0000 [ 81.252616][ T26] audit: type=1326 audit(1727805145.417:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4143 comm="syz.0.125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7fe20f235ff9 code=0x7ffc0000 [ 81.342173][ T26] audit: type=1326 audit(1727805145.417:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4143 comm="syz.0.125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe20f235ff9 code=0x7ffc0000 [ 81.369490][ T26] audit: type=1326 audit(1727805145.417:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4143 comm="syz.0.125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe20f235ff9 code=0x7ffc0000 [ 81.398265][ T26] audit: type=1326 audit(1727805145.417:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4143 comm="syz.0.125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe20f234990 code=0x7ffc0000 [ 81.477293][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 81.492887][ T3619] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 81.512700][ T26] audit: type=1326 audit(1727805145.417:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4143 comm="syz.0.125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe20f235bfb code=0x7ffc0000 [ 81.535658][ T26] audit: type=1326 audit(1727805145.417:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4143 comm="syz.0.125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe20f235bfb code=0x7ffc0000 [ 81.560222][ T26] audit: type=1326 audit(1727805145.447:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4143 comm="syz.0.125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe20f235bfb code=0x7ffc0000 [ 81.582839][ T26] audit: type=1326 audit(1727805145.447:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4143 comm="syz.0.125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe20f235bfb code=0x7ffc0000 [ 81.605087][ T26] audit: type=1326 audit(1727805145.767:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4143 comm="syz.0.125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe20f235bfb code=0x7ffc0000 [ 81.647462][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 81.659642][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 81.692834][ T3618] Bluetooth: hci4: command 0x0409 tx timeout [ 81.695179][ T4146] chnl_net:caif_netlink_parms(): no params data found [ 81.811189][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 81.831636][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 81.865088][ T3932] device veth0_vlan entered promiscuous mode [ 81.888408][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 81.903086][ T3619] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 81.922430][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 81.922501][ T3619] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 81.986722][ T3932] device veth1_vlan entered promiscuous mode [ 82.016561][ T3973] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 82.033037][ T3619] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 82.042110][ T3619] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 82.058394][ T3973] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 82.112542][ T3619] usb 1-1: SerialNumber: syz [ 82.174368][ T3973] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 82.221414][ T3932] device veth0_macvtap entered promiscuous mode [ 82.243479][ T3973] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 82.257107][ T3932] device veth1_macvtap entered promiscuous mode [ 82.327545][ T4146] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.354652][ T4146] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.369831][ T3619] usb 1-1: 0:2 : does not exist [ 82.393314][ T4146] device bridge_slave_0 entered promiscuous mode [ 82.433192][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 82.442146][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 82.483721][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 82.513262][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 82.522669][ T3619] usb 1-1: USB disconnect, device number 3 [ 82.558512][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 82.581412][ T3932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.608746][ T3581] udevd[3581]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 82.669008][ T3932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.690688][ T3932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.724362][ T3932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.769674][ T3932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.794531][ T3932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.830095][ T3932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.863456][ T3932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.901923][ T3932] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.929644][ T4146] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.937002][ T4146] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.963787][ T4146] device bridge_slave_1 entered promiscuous mode [ 82.982609][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 82.990874][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 83.021454][ T3698] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 83.053483][ T3932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.072816][ T3932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.102491][ T3932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.133417][ T3932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.152519][ T3932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.182507][ T3932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.205668][ T3932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.222490][ T3932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.239877][ T3932] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.313496][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 83.327102][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 83.370201][ T3932] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.388700][ T3932] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.545383][ T3932] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.554170][ T3932] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.568583][ T4146] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.295361][ T3563] Bluetooth: hci4: command 0x041b tx timeout [ 84.301697][ T4146] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.468634][ T4221] process 'syz.0.135' launched '/dev/fd/-1/./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 84.511116][ T4146] team0: Port device team_slave_0 added [ 84.716832][ T3686] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.738489][ T4146] team0: Port device team_slave_1 added [ 84.767271][ T3686] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.809455][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 84.825891][ T3973] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.899816][ T4146] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 84.924006][ T4146] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 84.952739][ T3619] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 84.958794][ T4146] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 84.988717][ T4146] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.003496][ T4146] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.030652][ T4146] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.048084][ T3731] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.059541][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 85.068910][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 85.076795][ T3731] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.099552][ T3973] 8021q: adding VLAN 0 to HW filter on device team0 [ 85.132055][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 85.167694][ T3696] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.225777][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 85.242218][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 85.279710][ T3686] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.286901][ T3686] bridge0: port 1(bridge_slave_0) entered forwarding state [ 85.337645][ T4146] device hsr_slave_0 entered promiscuous mode [ 85.355586][ T4146] device hsr_slave_1 entered promiscuous mode [ 85.388066][ T4146] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 85.408498][ T4146] Cannot create hsr debugfs directory [ 85.559208][ T3696] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.602996][ T3619] usb 2-1: New USB device found, idVendor=03fd, idProduct=ebbe, bcdDevice=d2.0d [ 85.617345][ T3619] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 85.641521][ T3619] usb 2-1: Product: syz [ 85.650124][ T3619] usb 2-1: Manufacturer: syz [ 85.654907][ T3619] usb 2-1: SerialNumber: syz [ 85.671726][ T3619] usb 2-1: config 0 descriptor?? [ 85.787509][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 86.480650][ T7] Bluetooth: hci4: command 0x040f tx timeout [ 86.499848][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 86.523162][ T3619] usb 2-1: USB disconnect, device number 3 [ 86.540177][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 86.612714][ T3686] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.619859][ T3686] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.956749][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 87.212143][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 87.477461][ T3696] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.601601][ T7] Bluetooth: hci4: command 0x0419 tx timeout [ 89.073791][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 89.107135][ T4288] xt_TCPMSS: Only works on TCP SYN packets [ 89.125225][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 89.141695][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 89.161619][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 89.179984][ T4288] netlink: 4 bytes leftover after parsing attributes in process `syz.0.143'. [ 89.191588][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 89.240689][ T4289] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 89.249956][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 89.268819][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 89.361966][ T3696] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.406306][ T3973] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 89.453507][ T3973] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 89.479705][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 89.518908][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 90.234009][ T4321] capability: warning: `syz.1.150' uses deprecated v2 capabilities in a way that may be insecure [ 90.283205][ T26] kauditd_printk_skb: 15 callbacks suppressed [ 90.283219][ T26] audit: type=1326 audit(1727805154.517:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4320 comm="syz.1.150" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7efef00b3ff9 code=0x0 [ 90.425724][ T4324] loop1: detected capacity change from 0 to 2048 [ 90.784091][ T3973] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.792964][ T3732] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 90.801383][ T4324] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 91.159180][ T3732] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 91.575973][ T4324] EXT4-fs (loop1): shut down requested (0) [ 91.658371][ T4354] EXT4-fs (loop1): shut down requested (0) [ 91.684299][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 91.722226][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 91.809432][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 91.837413][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 91.862158][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 91.934774][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 92.670843][ T3973] device veth0_vlan entered promiscuous mode [ 92.715677][ T4377] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 92.840694][ T4382] netlink: 'syz.1.158': attribute type 10 has an invalid length. [ 92.856512][ T4382] team0: Cannot enslave team device to itself [ 92.880081][ T3973] device veth1_vlan entered promiscuous mode [ 92.947387][ T4146] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 92.984654][ T4146] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 93.021328][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 93.030342][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 93.046271][ T3973] device veth0_macvtap entered promiscuous mode [ 93.060256][ T4146] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 93.106786][ T3973] device veth1_macvtap entered promiscuous mode [ 93.119808][ T4146] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 93.168903][ T3973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.187939][ T3973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.200130][ T3973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.219413][ T3973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.229350][ T3973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.241364][ T3973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.251401][ T3973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.261988][ T3973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.271944][ T3973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.283202][ T3973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.295881][ T3973] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.330505][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 93.360766][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 93.379720][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 93.429823][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 93.457269][ T3973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.482186][ T3973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.499790][ T3973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.510522][ T4393] netlink: 'syz.1.163': attribute type 27 has an invalid length. [ 93.518627][ T3973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.529049][ T3973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.540765][ T3973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.554126][ T3973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.565101][ T3973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.575122][ T3973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.585610][ T3973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.613437][ T3973] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.741909][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 93.771271][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 93.964518][ T3696] device hsr_slave_0 left promiscuous mode [ 93.979514][ T3696] device hsr_slave_1 left promiscuous mode [ 94.184315][ T3696] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 94.244296][ T3696] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 94.310015][ T3696] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 94.387663][ T3696] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 94.457414][ T3696] device bridge_slave_1 left promiscuous mode [ 94.482381][ T3696] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.567781][ T3696] device bridge_slave_0 left promiscuous mode [ 94.601763][ T3696] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.678688][ T3696] device veth1_macvtap left promiscuous mode [ 94.697757][ T3696] device veth0_macvtap left promiscuous mode [ 94.705207][ T3696] device veth1_vlan left promiscuous mode [ 94.732424][ T3696] device veth0_vlan left promiscuous mode [ 95.773465][ T3696] team0 (unregistering): Port device team_slave_1 removed [ 95.795213][ T3696] team0 (unregistering): Port device team_slave_0 removed [ 95.826406][ T3696] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 95.868815][ T3696] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 96.038325][ T3696] bond0 (unregistering): Released all slaves [ 96.120257][ T3973] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.129477][ T3973] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.139058][ T3973] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.148396][ T3973] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.077437][ T4146] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.395415][ T4146] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.441681][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 97.468324][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 97.526053][ T3685] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.567755][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 97.572729][ T3685] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.599294][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 97.643862][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.651113][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.687406][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 97.692033][ T4434] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 97.716902][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 97.737250][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.744399][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.808878][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 97.838095][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 97.863547][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 97.979572][ T3731] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.010975][ T3731] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.060019][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 98.194883][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 98.394241][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 99.151704][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 99.583943][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 99.613574][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 99.663828][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 99.703454][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 99.716753][ T4146] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 99.729889][ T4146] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 99.781327][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 99.794834][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 99.803620][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 101.038209][ T4480] loop3: detected capacity change from 0 to 256 [ 101.482957][ T3685] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 101.490516][ T3685] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 101.532394][ T4488] netlink: 'syz.4.190': attribute type 10 has an invalid length. [ 101.568523][ T4488] netlink: 40 bytes leftover after parsing attributes in process `syz.4.190'. [ 101.612052][ T4488] bridge0: port 3(dummy0) entered blocking state [ 101.626744][ T26] audit: type=1804 audit(1727805165.857:35): pid=4480 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.187" name="/newroot/1/bus/bus/bus" dev="loop3" ino=1048608 res=1 errno=0 [ 101.645234][ T4488] bridge0: port 3(dummy0) entered disabled state [ 101.694743][ T4488] device dummy0 entered promiscuous mode [ 101.710597][ T26] audit: type=1804 audit(1727805165.897:36): pid=4480 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.187" name="/newroot/1/bus/bus/bus" dev="loop3" ino=1048608 res=1 errno=0 [ 101.720135][ T4488] bridge0: port 3(dummy0) entered blocking state [ 101.738775][ T4488] bridge0: port 3(dummy0) entered forwarding state [ 101.816966][ T4146] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.901919][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 101.929873][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 101.974409][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 102.006175][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 102.036665][ T4146] device veth0_vlan entered promiscuous mode [ 102.045288][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 102.084310][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 102.120265][ T4146] device veth1_vlan entered promiscuous mode [ 102.121671][ T4495] loop3: detected capacity change from 0 to 512 [ 102.213439][ T4495] ======================================================= [ 102.213439][ T4495] WARNING: The mand mount option has been deprecated and [ 102.213439][ T4495] and is ignored by this kernel. Remove the mand [ 102.213439][ T4495] option from the mount to silence this warning. [ 102.213439][ T4495] ======================================================= [ 102.227633][ T3685] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 102.248366][ C1] vkms_vblank_simulate: vblank timer overrun [ 102.297334][ T3685] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 102.313740][ T3685] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 102.332157][ T3685] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 102.363312][ T4146] device veth0_macvtap entered promiscuous mode [ 102.391533][ T4146] device veth1_macvtap entered promiscuous mode [ 102.427966][ T4495] EXT4-fs (loop3): 1 orphan inode deleted [ 102.463469][ T4495] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,bsddf,dioread_lock,. Quota mode: writeback. [ 102.512956][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 102.521028][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 102.528778][ T4495] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038 (0x7fffffff) [ 102.551604][ T4146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 102.601044][ T4146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.652618][ T4146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 102.712628][ T4146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.742596][ T4146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 102.782541][ T4146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.790667][ T4495] EXT4-fs error (device loop3): ext4_ext_remove_space:2840: inode #16: comm syz.3.192: path[1].p_hdr == NULL [ 102.813865][ T4146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 102.847939][ T4495] EXT4-fs (loop3): Remounting filesystem read-only [ 102.855026][ T4146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.855049][ T4146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 102.855065][ T4146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.863482][ T4146] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.902775][ T4495] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5803: Corrupt filesystem [ 102.943893][ T4495] EXT4-fs error (device loop3): ext4_punch_hole:4112: inode #16: comm syz.3.192: mark_inode_dirty error [ 102.975064][ T4146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 102.999923][ T4494] EXT4-fs error (device loop3): ext4_ext_map_blocks:4162: inode #16: comm syz.3.192: bad extent address lblock: 0, depth: 1 pblock 0 [ 103.021044][ T4146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.031264][ T4494] EXT4-fs error (device loop3): ext4_ext_map_blocks:4162: inode #16: comm syz.3.192: bad extent address lblock: 0, depth: 1 pblock 0 [ 103.053615][ T4494] EXT4-fs error (device loop3): ext4_ext_map_blocks:4162: inode #16: comm syz.3.192: bad extent address lblock: 0, depth: 1 pblock 0 [ 103.090323][ T4146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 103.111759][ T4146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.122125][ T4146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 103.134502][ T4146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.151429][ T4146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 103.162405][ T4146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.199603][ T4146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 103.212933][ T4495] EXT4-fs error (device loop3): ext4_ext_map_blocks:4162: inode #16: comm syz.3.192: bad extent address lblock: 0, depth: 1 pblock 0 [ 103.233130][ T4495] EXT4-fs error (device loop3): ext4_ext_map_blocks:4162: inode #16: comm syz.3.192: bad extent address lblock: 0, depth: 1 pblock 0 [ 103.235296][ T4146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.265972][ T4146] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 103.290258][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 103.304324][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 103.313846][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 103.325461][ T4495] EXT4-fs error (device loop3): ext4_ext_map_blocks:4162: inode #16: comm syz.3.192: bad extent address lblock: 0, depth: 1 pblock 0 [ 103.343205][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 103.364828][ T4146] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.385729][ T4494] EXT4-fs error (device loop3): ext4_ext_map_blocks:4162: inode #16: comm syz.3.192: bad extent address lblock: 0, depth: 1 pblock 0 [ 103.422325][ T4146] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.435678][ T4146] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.451958][ T4146] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.374517][ T3732] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.388797][ T3685] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.399968][ T3685] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.420042][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 104.429038][ T3732] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.490612][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 106.991182][ T4546] loop2: detected capacity change from 0 to 8192 [ 107.004597][ T13] Bluetooth: hci4: command 0x0405 tx timeout [ 107.803787][ T4546] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 109.044613][ T3628] Bluetooth: hci3: command 0x0409 tx timeout [ 109.087541][ T4553] chnl_net:caif_netlink_parms(): no params data found [ 109.335746][ T3696] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.414828][ T4586] loop2: detected capacity change from 0 to 512 [ 109.447981][ T3696] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.468081][ T4582] netlink: 'syz.4.213': attribute type 10 has an invalid length. [ 109.481644][ T4586] EXT4-fs (loop2): Ignoring removed nobh option [ 109.494128][ T4586] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 109.551794][ T4586] EXT4-fs (loop2): 1 truncate cleaned up [ 109.558682][ T4553] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.566127][ T4553] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.574112][ T4586] EXT4-fs (loop2): mounted filesystem without journal. Opts: i_version,nobh,data_err=ignore,nolazytime,init_itable=0x0000000000000004,acl,,errors=continue. Quota mode: none. [ 109.595159][ T4553] device bridge_slave_0 entered promiscuous mode [ 109.677606][ T3696] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.782058][ T4553] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.802150][ T4553] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.811208][ T4553] device bridge_slave_1 entered promiscuous mode [ 109.859093][ T3696] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.546016][ T4553] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 110.693138][ T4601] loop2: detected capacity change from 0 to 512 [ 110.714530][ T4553] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 110.831947][ T4606] loop1: detected capacity change from 0 to 1024 [ 111.207079][ T3628] Bluetooth: hci3: command 0x041b tx timeout [ 111.994104][ T4606] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 112.017505][ T4601] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,nobarrier,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 112.062890][ T4606] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038 (0x7fffffff) [ 112.077433][ T4601] ext4 filesystem being mounted at /4/bus supports timestamps until 2038 (0x7fffffff) [ 112.153350][ T4553] team0: Port device team_slave_0 added [ 112.161331][ T4553] team0: Port device team_slave_1 added [ 112.296085][ T4553] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 112.321849][ T4553] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 112.354459][ T4553] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 112.389157][ T4553] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 112.409218][ T4553] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 112.436227][ T4553] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 112.520696][ T4632] loop1: detected capacity change from 0 to 128 [ 113.330551][ T3652] Bluetooth: hci3: command 0x040f tx timeout [ 113.449697][ T4553] device hsr_slave_0 entered promiscuous mode [ 113.579102][ T4553] device hsr_slave_1 entered promiscuous mode [ 113.639334][ T4632] netlink: 16 bytes leftover after parsing attributes in process `syz.1.227'. [ 113.653091][ T4632] netlink: 24 bytes leftover after parsing attributes in process `syz.1.227'. [ 113.664959][ T4632] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 114.538452][ T4667] xt_TPROXY: Can be used only with -p tcp or -p udp [ 115.362737][ T3652] Bluetooth: hci3: command 0x0419 tx timeout [ 115.527908][ T4674] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 115.535247][ T4674] IPv6: NLM_F_CREATE should be set when creating new route [ 117.645469][ T4720] x_tables: duplicate underflow at hook 1 [ 117.652515][ T4720] IPVS: set_ctl: invalid protocol: 108 172.20.20.187:20004 [ 117.755493][ T4553] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 117.806753][ T4553] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 117.983262][ T4553] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 118.057127][ T4553] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 118.061762][ T4730] loop1: detected capacity change from 0 to 512 [ 120.144552][ T4742] netlink: 4 bytes leftover after parsing attributes in process `syz.4.249'. [ 120.958217][ T3696] device hsr_slave_0 left promiscuous mode [ 120.974747][ T3696] device hsr_slave_1 left promiscuous mode [ 120.994557][ T3696] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 121.002138][ T3696] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 121.010524][ T3696] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 121.018373][ T3696] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 121.027084][ T3696] device bridge_slave_1 left promiscuous mode [ 121.034013][ T3696] bridge0: port 2(bridge_slave_1) entered disabled state [ 121.053821][ T26] audit: type=1326 audit(2000000009.629:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4753 comm="syz.0.253" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe20f235ff9 code=0x0 [ 121.083026][ T3696] device bridge_slave_0 left promiscuous mode [ 121.089701][ T3696] bridge0: port 1(bridge_slave_0) entered disabled state [ 121.117126][ T3696] device veth1_macvtap left promiscuous mode [ 121.124114][ T3696] device veth0_macvtap left promiscuous mode [ 121.130205][ T3696] device veth1_vlan left promiscuous mode [ 121.137789][ T3696] device veth0_vlan left promiscuous mode [ 121.212650][ T3652] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 121.437852][ T3696] team0 (unregistering): Port device team_slave_1 removed [ 121.460892][ T3696] team0 (unregistering): Port device team_slave_0 removed [ 121.472758][ T3652] usb 3-1: Using ep0 maxpacket: 8 [ 121.482378][ T3696] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 121.501561][ T3696] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 121.594923][ T3696] bond0 (unregistering): Released all slaves [ 121.752716][ T3652] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 121.756851][ T4553] 8021q: adding VLAN 0 to HW filter on device bond0 [ 121.761777][ T3652] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 121.761801][ T3652] usb 3-1: Product: syz [ 121.761815][ T3652] usb 3-1: Manufacturer: syz [ 121.761829][ T3652] usb 3-1: SerialNumber: syz [ 121.775355][ T3652] usb 3-1: config 0 descriptor?? [ 121.849690][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 121.858874][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 121.881103][ T4553] 8021q: adding VLAN 0 to HW filter on device team0 [ 121.905189][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 121.923282][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 121.942280][ T3731] bridge0: port 1(bridge_slave_0) entered blocking state [ 121.949420][ T3731] bridge0: port 1(bridge_slave_0) entered forwarding state [ 121.993053][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 122.037841][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 122.071338][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 122.287446][ T3731] bridge0: port 2(bridge_slave_1) entered blocking state [ 122.294657][ T3731] bridge0: port 2(bridge_slave_1) entered forwarding state [ 122.362901][ T3652] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 122.752938][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 122.818350][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 122.851183][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 122.889390][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 122.901929][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 122.917185][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 122.958261][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 122.973301][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 123.012738][ T3580] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 123.024102][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 123.044741][ T4553] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 123.067308][ T4553] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 123.204736][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 123.240562][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 123.326691][ T4796] xt_time: unknown flags 0xc [ 123.680895][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 123.729190][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 123.917914][ T4553] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 124.038510][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 124.062864][ T3580] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 124.069316][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 124.082694][ T3580] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 124.111785][ T3580] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 124.162615][ T3580] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 124.170871][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 124.199475][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 124.199580][ T4776] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 124.216709][ T4553] device veth0_vlan entered promiscuous mode [ 124.237493][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 124.266468][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 124.437560][ T4553] device veth1_vlan entered promiscuous mode [ 124.496688][ T4806] overlayfs: failed to resolve './file0': -2 [ 124.844926][ T3652] dvb_usb_rtl28xxu: probe of 3-1:0.0 failed with error -71 [ 124.903434][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 125.143180][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 125.162714][ T3652] usb 3-1: USB disconnect, device number 2 [ 125.278880][ T4774] fuse: Bad value for 'rootmode' [ 125.285198][ T4553] device veth0_macvtap entered promiscuous mode [ 125.329077][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 125.346124][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 125.365221][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 125.386861][ T21] usb 2-1: USB disconnect, device number 4 [ 125.397126][ T4553] device veth1_macvtap entered promiscuous mode [ 125.486373][ T4553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.551625][ T4816] Process accounting resumed [ 125.554787][ T4553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.586945][ T4553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.618831][ T4553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.659610][ T4553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.690870][ T4553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.713089][ T4553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.713784][ T4813] kvm [4812]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x5500000800 [ 125.729283][ T4553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.750854][ T4553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.762062][ T4553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.764251][ T4813] kvm [4812]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x7100000800 [ 125.780287][ T4553] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 125.809964][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 125.825735][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 125.829857][ T4813] kvm [4812]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x186 data 0xa600000000 [ 125.839399][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 125.876609][ T4813] kvm [4812]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x186 data 0xb200000000 [ 125.895424][ T4553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.907668][ T4553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.921502][ T4553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.933517][ T4553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.943838][ T4553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.955194][ T4553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.965521][ T4553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.976760][ T4553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.987127][ T4553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.998348][ T4553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 126.012041][ T4553] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 126.036101][ T4822] netlink: 4 bytes leftover after parsing attributes in process `syz.4.268'. [ 126.077593][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 126.107726][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 126.163543][ T4553] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 126.183538][ T4553] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 126.192282][ T4553] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 126.218352][ T26] audit: type=1326 audit(2000000014.789:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4827 comm="syz.4.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb82d156ff9 code=0x7ffc0000 [ 126.504767][ T4553] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 126.812767][ T26] audit: type=1326 audit(2000000014.929:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4827 comm="syz.4.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb82d156ff9 code=0x7ffc0000 [ 126.899422][ T26] audit: type=1326 audit(2000000014.979:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4827 comm="syz.4.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fb82d156ff9 code=0x7ffc0000 [ 126.921873][ T26] audit: type=1326 audit(2000000014.979:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4827 comm="syz.4.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb82d156ff9 code=0x7ffc0000 [ 126.974120][ T26] audit: type=1326 audit(2000000014.989:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4827 comm="syz.4.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb82d156ff9 code=0x7ffc0000 [ 127.002641][ T4834] block nbd2: shutting down sockets [ 127.148534][ T4837] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 127.208590][ T26] audit: type=1326 audit(2000000014.999:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4827 comm="syz.4.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb82d156ff9 code=0x7ffc0000 [ 127.306752][ T4837] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 127.326011][ T4839] kvm: pic: single mode not supported [ 127.326031][ T4839] kvm: pic: level sensitive irq not supported [ 127.331928][ T4839] kvm: pic: non byte read [ 127.344327][ T26] audit: type=1326 audit(2000000015.009:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4827 comm="syz.4.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb82d156ff9 code=0x7ffc0000 [ 127.350631][ T4643] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.400946][ T4643] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.438190][ T4839] kvm: pic: non byte read [ 127.443788][ T4839] kvm: pic: non byte read [ 127.450438][ T26] audit: type=1326 audit(2000000015.009:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4827 comm="syz.4.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb82d156ff9 code=0x7ffc0000 [ 127.457284][ T4839] kvm: pic: non byte read [ 127.473370][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 127.480303][ T3731] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.533082][ T26] audit: type=1326 audit(2000000015.039:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4827 comm="syz.4.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb82d156ff9 code=0x7ffc0000 [ 127.561786][ T4839] kvm: pic: non byte read [ 127.566983][ T4839] kvm: pic: non byte read [ 127.571701][ T4839] kvm: pic: non byte read [ 127.582983][ T3731] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.595153][ T4839] kvm: pic: non byte read [ 127.606738][ T4839] kvm: pic: non byte read [ 127.615126][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 127.625158][ T4839] kvm: pic: non byte read [ 127.642064][ T26] audit: type=1326 audit(2000000015.119:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4827 comm="syz.4.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb82d156ff9 code=0x7ffc0000 [ 127.974695][ T4860] loop1: detected capacity change from 0 to 64 [ 128.090082][ T4864] netlink: 8 bytes leftover after parsing attributes in process `syz.3.281'. [ 128.493113][ T1075] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 129.937207][ T1075] usb 4-1: Using ep0 maxpacket: 16 [ 131.418618][ T1075] usb 4-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79 [ 131.428604][ T1075] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 131.893264][ T1075] usb 4-1: Product: syz [ 131.899358][ T1075] usb 4-1: config 0 descriptor?? [ 131.922744][ T1075] usb 4-1: can't set config #0, error -71 [ 133.510791][ T1394] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.517164][ T1394] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.581032][ T1075] usb 4-1: USB disconnect, device number 2 [ 135.908047][ T4961] vivid-001: disconnect [ 136.000392][ T4959] loop2: detected capacity change from 0 to 2048 [ 136.008606][ T4963] loop3: detected capacity change from 0 to 64 [ 136.077769][ T4956] vivid-001: reconnect [ 136.361553][ T4959] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 136.772544][ T4959] bridge0: port 2(bridge_slave_1) entered disabled state [ 136.781090][ T4959] bridge0: port 1(bridge_slave_0) entered disabled state [ 136.837228][ T4974] bridge0: port 2(bridge_slave_1) entered blocking state [ 136.844385][ T4974] bridge0: port 2(bridge_slave_1) entered forwarding state [ 136.852416][ T4974] bridge0: port 1(bridge_slave_0) entered blocking state [ 136.859571][ T4974] bridge0: port 1(bridge_slave_0) entered forwarding state [ 137.117063][ T4974] device bridge0 entered promiscuous mode [ 139.214182][ T5001] vivid-006: disconnect [ 139.666154][ T4996] vivid-006: reconnect [ 140.051523][ T5006] loop3: detected capacity change from 0 to 256 [ 140.290634][ T5014] vivid-000: disconnect [ 140.306429][ T5010] vivid-000: reconnect [ 140.318569][ T26] kauditd_printk_skb: 29 callbacks suppressed [ 140.318581][ T26] audit: type=1326 audit(2000000028.889:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5013 comm="syz.1.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efef00b3ff9 code=0x7ffc0000 [ 140.422191][ T26] audit: type=1326 audit(2000000028.929:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5013 comm="syz.1.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7efef00b3ff9 code=0x7ffc0000 [ 140.457645][ T26] audit: type=1326 audit(2000000028.929:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5013 comm="syz.1.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efef00b3ff9 code=0x7ffc0000 [ 140.544277][ T5025] loop1: detected capacity change from 0 to 64 [ 140.730279][ T26] audit: type=1326 audit(2000000028.929:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5013 comm="syz.1.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efef00b3ff9 code=0x7ffc0000 [ 141.284413][ T26] audit: type=1326 audit(2000000028.929:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5013 comm="syz.1.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efef00b3ff9 code=0x7ffc0000 [ 141.306767][ C0] vkms_vblank_simulate: vblank timer overrun [ 141.377965][ T26] audit: type=1326 audit(2000000028.929:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5013 comm="syz.1.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efef00b3ff9 code=0x7ffc0000 [ 141.588956][ T5030] loop3: detected capacity change from 0 to 512 [ 141.589923][ T5032] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 141.627554][ T26] audit: type=1326 audit(2000000028.929:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5013 comm="syz.1.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efef00b3ff9 code=0x7ffc0000 [ 141.651034][ T26] audit: type=1326 audit(2000000028.929:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5013 comm="syz.1.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efef00b3ff9 code=0x7ffc0000 [ 141.673146][ C0] vkms_vblank_simulate: vblank timer overrun [ 141.681432][ T26] audit: type=1326 audit(2000000028.929:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5013 comm="syz.1.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efef00b3ff9 code=0x7ffc0000 [ 141.703565][ C0] vkms_vblank_simulate: vblank timer overrun [ 141.714865][ T26] audit: type=1326 audit(2000000028.929:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5013 comm="syz.1.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efef00b3ff9 code=0x7ffc0000 [ 141.736973][ C0] vkms_vblank_simulate: vblank timer overrun [ 141.807269][ T5030] EXT4-fs (loop3): Ignoring removed nobh option [ 141.824674][ T5030] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 143.452723][ T5030] EXT4-fs (loop3): 1 truncate cleaned up [ 143.459600][ T5030] EXT4-fs (loop3): mounted filesystem without journal. Opts: i_version,nobh,data_err=ignore,nolazytime,init_itable=0x0000000000000004,acl,,errors=continue. Quota mode: none. [ 146.648483][ T26] kauditd_printk_skb: 32 callbacks suppressed [ 146.648510][ T26] audit: type=1326 audit(2000000035.219:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.3.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe00a4d6ff9 code=0x7ffc0000 [ 146.712670][ T26] audit: type=1326 audit(2000000035.279:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.3.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fe00a4d6ff9 code=0x7ffc0000 [ 146.735647][ T26] audit: type=1326 audit(2000000035.279:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.3.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe00a4d6ff9 code=0x7ffc0000 [ 146.758642][ T26] audit: type=1326 audit(2000000035.279:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.3.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe00a4d6ff9 code=0x7ffc0000 [ 146.781341][ T26] audit: type=1326 audit(2000000035.279:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.3.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe00a4d6ff9 code=0x7ffc0000 [ 146.852633][ T26] audit: type=1326 audit(2000000035.279:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.3.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe00a4d6ff9 code=0x7ffc0000 [ 146.905772][ T26] audit: type=1326 audit(2000000035.279:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.3.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe00a4d6ff9 code=0x7ffc0000 [ 146.960825][ T26] audit: type=1326 audit(2000000035.279:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.3.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe00a4d6ff9 code=0x7ffc0000 [ 147.036042][ T26] audit: type=1326 audit(2000000035.389:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.3.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe00a4d6ff9 code=0x7ffc0000 [ 147.118762][ T26] audit: type=1326 audit(2000000035.389:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.3.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe00a4d6ff9 code=0x7ffc0000 [ 147.204266][ T5060] loop2: detected capacity change from 0 to 32768 [ 147.254774][ T5084] loop3: detected capacity change from 0 to 1024 [ 148.061785][ T5084] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 148.114761][ T5084] ext4 filesystem being mounted at /13/file1 supports timestamps until 2038 (0x7fffffff) [ 148.739725][ T5093] loop1: detected capacity change from 0 to 1024 [ 149.632050][ T5093] hfsplus: extend alloc file! (8192,65536,366) [ 150.398987][ T5129] kvm: vcpu 0: requested 394 ns lapic timer period limited to 200000 ns [ 152.255684][ T5138] loop3: detected capacity change from 0 to 1024 [ 152.534130][ T5138] hfsplus: failed to load root directory [ 152.781749][ T5146] loop1: detected capacity change from 0 to 4096 [ 152.796823][ T5138] loop3: detected capacity change from 0 to 512 [ 153.210487][ T5138] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback. [ 153.458876][ T5146] ntfs3: loop1: MFT: r=0, expect seq=1 instead of 0! [ 153.466757][ T5146] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 153.468523][ T5138] ext4 filesystem being mounted at /15/file0 supports timestamps until 2038 (0x7fffffff) [ 153.477769][ T5146] ntfs3: loop1: Failed to load $MFT. [ 153.822708][ T5146] team0 (unregistering): Port device team_slave_0 removed [ 154.180248][ T5146] team0 (unregistering): Port device team_slave_1 removed [ 155.704694][ T5185] loop3: detected capacity change from 0 to 512 [ 159.235181][ T5220] loop2: detected capacity change from 0 to 512 [ 159.365168][ T5220] EXT4-fs (loop2): 1 orphan inode deleted [ 159.371020][ T5220] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,bsddf,dioread_lock,. Quota mode: writeback. [ 159.395266][ T5220] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038 (0x7fffffff) [ 159.459674][ T5220] EXT4-fs error (device loop2): ext4_ext_remove_space:2840: inode #16: comm syz.2.373: path[1].p_hdr == NULL [ 159.477543][ T5220] EXT4-fs (loop2): Remounting filesystem read-only [ 159.485937][ T5220] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5803: Corrupt filesystem [ 159.506200][ T5220] EXT4-fs error (device loop2): ext4_punch_hole:4112: inode #16: comm syz.2.373: mark_inode_dirty error [ 159.534326][ T5219] EXT4-fs error (device loop2): ext4_ext_map_blocks:4162: inode #16: comm syz.2.373: bad extent address lblock: 0, depth: 1 pblock 0 [ 159.550401][ T5219] EXT4-fs error (device loop2): ext4_ext_map_blocks:4162: inode #16: comm syz.2.373: bad extent address lblock: 0, depth: 1 pblock 0 [ 159.571580][ T3619] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 159.580380][ T5219] EXT4-fs error (device loop2): ext4_ext_map_blocks:4162: inode #16: comm syz.2.373: bad extent address lblock: 0, depth: 1 pblock 0 [ 159.605286][ T5220] EXT4-fs error (device loop2): ext4_ext_map_blocks:4162: inode #16: comm syz.2.373: bad extent address lblock: 0, depth: 1 pblock 0 [ 159.684645][ T5220] EXT4-fs error (device loop2): ext4_ext_map_blocks:4162: inode #16: comm syz.2.373: bad extent address lblock: 0, depth: 1 pblock 0 [ 159.734094][ T5219] EXT4-fs error (device loop2): ext4_ext_map_blocks:4162: inode #16: comm syz.2.373: bad extent address lblock: 0, depth: 1 pblock 0 [ 159.775363][ T5219] EXT4-fs error (device loop2): ext4_ext_map_blocks:4162: inode #16: comm syz.2.373: bad extent address lblock: 0, depth: 1 pblock 0 [ 159.993261][ T3619] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 159.993307][ T3619] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 159.993342][ T3619] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.020518][ T3619] usb 5-1: config 0 descriptor?? [ 160.070809][ T3619] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 161.090077][ T3652] usb 5-1: USB disconnect, device number 3 [ 161.734281][ T144] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.127666][ T5247] loop1: detected capacity change from 0 to 32768 [ 162.145275][ T144] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.282914][ T144] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.382155][ T5247] XFS (loop1): Mounting V5 Filesystem [ 162.430658][ T144] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.625984][ T5247] XFS (loop1): Ending clean mount [ 163.065432][ T3575] XFS (loop1): Unmounting Filesystem [ 163.220485][ T5269] chnl_net:caif_netlink_parms(): no params data found [ 163.595678][ T5269] bridge0: port 1(bridge_slave_0) entered blocking state [ 163.624231][ T5269] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.635552][ T5269] device bridge_slave_0 entered promiscuous mode [ 163.731201][ T5269] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.777551][ T5269] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.828062][ T5269] device bridge_slave_1 entered promiscuous mode [ 164.542843][ T5269] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 164.563140][ T3619] Bluetooth: hci4: command 0x0409 tx timeout [ 164.649253][ T26] kauditd_printk_skb: 32 callbacks suppressed [ 164.649266][ T26] audit: type=1326 audit(2000000053.219:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5305 comm="syz.4.391" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb82d156ff9 code=0x0 [ 164.707878][ T5269] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 165.034506][ T5269] team0: Port device team_slave_0 added [ 165.208434][ T5269] team0: Port device team_slave_1 added [ 165.522566][ T1075] Bluetooth: hci2: command 0x0406 tx timeout [ 165.529324][ T1075] Bluetooth: hci1: command 0x0406 tx timeout [ 166.002889][ T5269] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 166.021867][ T5269] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 166.096625][ T5269] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 166.311566][ T144] device hsr_slave_0 left promiscuous mode [ 166.832364][ T3563] Bluetooth: hci4: command 0x041b tx timeout [ 167.049421][ T144] device hsr_slave_1 left promiscuous mode [ 167.058368][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 167.137247][ T144] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 167.470488][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 167.770230][ T144] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 167.893558][ T144] device bridge_slave_1 left promiscuous mode [ 167.923134][ T144] bridge0: port 2(bridge_slave_1) entered disabled state [ 168.023655][ T144] device bridge_slave_0 left promiscuous mode [ 168.030070][ T144] bridge0: port 1(bridge_slave_0) entered disabled state [ 168.071672][ T144] device veth1_macvtap left promiscuous mode [ 168.088202][ T144] device veth0_macvtap left promiscuous mode [ 168.098373][ T144] device veth1_vlan left promiscuous mode [ 168.118590][ T144] device veth0_vlan left promiscuous mode [ 168.631847][ T144] team0 (unregistering): Port device team_slave_1 removed [ 168.670365][ T144] team0 (unregistering): Port device team_slave_0 removed [ 168.694306][ T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 168.721197][ T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 168.838926][ T144] bond0 (unregistering): Released all slaves [ 168.882650][ T3619] Bluetooth: hci4: command 0x040f tx timeout [ 168.890027][ T5269] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 168.897887][ T5269] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 168.927057][ T5269] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 169.238239][ T5269] device hsr_slave_0 entered promiscuous mode [ 169.273088][ T5269] device hsr_slave_1 entered promiscuous mode [ 169.289183][ T5269] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 169.300811][ T5269] Cannot create hsr debugfs directory [ 170.014304][ T5366] loop1: detected capacity change from 0 to 32768 [ 170.452959][ T5366] XFS (loop1): Mounting V5 Filesystem [ 171.007204][ T5366] XFS (loop1): Ending clean mount [ 171.092479][ T3563] Bluetooth: hci4: command 0x0419 tx timeout [ 171.702690][ T5269] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 171.837010][ T5269] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 171.868882][ T26] audit: type=1800 audit(2000000060.439:162): pid=5366 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.402" name="bus" dev="loop1" ino=9287 res=0 errno=0 [ 171.956010][ T5269] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 172.008717][ T5269] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 172.043240][ T5407] loop3: detected capacity change from 0 to 4096 [ 172.188608][ T5407] NILFS (loop3): invalid segment: Checksum error in segment payload [ 172.239821][ T5407] NILFS (loop3): trying rollback from an earlier position [ 172.335162][ T5407] NILFS (loop3): recovery complete [ 172.356074][ T5269] 8021q: adding VLAN 0 to HW filter on device bond0 [ 172.363389][ T5412] netlink: 8 bytes leftover after parsing attributes in process `syz.4.408'. [ 172.383028][ T5414] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 172.401630][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 172.441739][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 172.577183][ T3575] XFS (loop1): Unmounting Filesystem [ 172.649071][ T5269] 8021q: adding VLAN 0 to HW filter on device team0 [ 173.002715][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 173.032338][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 173.093096][ T3888] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.100222][ T3888] bridge0: port 1(bridge_slave_0) entered forwarding state [ 173.214477][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 173.253623][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 173.288971][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 173.325174][ T3888] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.332297][ T3888] bridge0: port 2(bridge_slave_1) entered forwarding state [ 173.402716][ T4272] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 173.423517][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 173.453488][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 173.492255][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 173.524287][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 173.563461][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 173.571849][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 173.595563][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 173.615186][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 173.641375][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 173.650303][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 173.652898][ T4272] usb 5-1: Using ep0 maxpacket: 16 [ 173.666156][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 173.682399][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 173.884782][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 173.892275][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 173.906220][ T5269] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 173.933993][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 173.943186][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 173.983929][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 174.000665][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 174.009158][ T4272] usb 5-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79 [ 174.036951][ T4272] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 174.056464][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 174.062493][ T4272] usb 5-1: Product: syz [ 174.074071][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 174.078787][ T4272] usb 5-1: Manufacturer: syz [ 174.091696][ T5269] device veth0_vlan entered promiscuous mode [ 174.122585][ T4272] usb 5-1: SerialNumber: syz [ 174.130968][ T5269] device veth1_vlan entered promiscuous mode [ 174.147445][ T4272] usb 5-1: config 0 descriptor?? [ 174.192713][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 174.211136][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 174.221249][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 174.244337][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 174.265850][ T5269] device veth0_macvtap entered promiscuous mode [ 174.286031][ T5269] device veth1_macvtap entered promiscuous mode [ 174.318998][ T5269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.354704][ T5269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.365122][ T5269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.384644][ T5269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.394704][ T5269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.406116][ T5269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.422855][ T5269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.450426][ T5269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.466425][ T5269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.479151][ T5269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.490964][ T5269] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 174.506961][ T5269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.521343][ T4272] usb 5-1: Not enough endpoints found in device, aborting! [ 174.532105][ T5269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.571808][ T5269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.582973][ T5269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.593303][ T5269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.604515][ T5269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.614846][ T5269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.625663][ T5269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.635859][ T5269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.646922][ T5269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.658570][ T5269] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 174.666737][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 174.675903][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 174.684477][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 174.693816][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 174.702366][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 174.711944][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 174.734458][ T5269] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.752679][ T5269] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.759704][ T3652] usb 5-1: USB disconnect, device number 4 [ 174.761476][ T5269] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.791048][ T5269] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.916452][ T3686] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 174.941028][ T3686] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 174.969820][ T3888] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 174.990028][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 174.999591][ T3888] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 175.020027][ T2669] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 175.138334][ T3588] Bluetooth: Wrong link type (-22) [ 176.573194][ T5509] kvm: pic: single mode not supported [ 176.574468][ T5509] kvm: pic: level sensitive irq not supported [ 176.580805][ T5509] kvm: pic: level sensitive irq not supported [ 177.898224][ T5532] overlayfs: failed to resolve './file0': -2 [ 179.959961][ T5553] syz.2.428 (5553): attempted to duplicate a private mapping with mremap. This is not supported. [ 181.327667][ T5567] cgroup: fork rejected by pids controller in /syz4 [ 181.482501][ T5563] IPVS: sync thread started: state = BACKUP, mcast_ifn = dummy0, syncid = 0, id = 0 [ 181.493679][ T5566] IPVS: stopping backup sync thread 5563 ... [ 182.322346][ T5565] sched: RT throttling activated [ 183.488535][ T5596] loop1: detected capacity change from 0 to 2048 [ 183.621041][ T3686] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.643485][ T5596] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 183.670778][ T5596] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 183.753330][ T5596] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 183.774509][ T3686] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.890998][ T5602] loop3: detected capacity change from 0 to 1024 [ 184.027390][ T3686] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.054509][ T5602] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 185.175066][ T5614] loop2: detected capacity change from 0 to 512 [ 185.247257][ T5614] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 185.269787][ T3686] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.375333][ T5614] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1061: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 185.439033][ T5614] EXT4-fs (loop2): 1 truncate cleaned up [ 185.472603][ T5614] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 185.597180][ T5624] syz.1.456[5624] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 185.597744][ T5624] syz.1.456[5624] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 187.013610][ T3563] Bluetooth: hci5: command 0x0409 tx timeout [ 187.381634][ T5608] chnl_net:caif_netlink_parms(): no params data found [ 188.278823][ T5648] loop1: detected capacity change from 0 to 128 [ 188.407009][ T5648] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 188.417752][ T5648] ext4 filesystem being mounted at /104/mnt supports timestamps until 2038 (0x7fffffff) [ 189.056236][ T5664] overlayfs: failed to resolve './file0': -2 [ 189.224416][ T3619] Bluetooth: hci5: command 0x041b tx timeout [ 189.411590][ T5608] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.422107][ T5608] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.438398][ T5608] device bridge_slave_0 entered promiscuous mode [ 189.506883][ T5608] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.520982][ T5608] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.537257][ T5608] device bridge_slave_1 entered promiscuous mode [ 189.571613][ T5608] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 189.761625][ T5608] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 190.269246][ T5608] team0: Port device team_slave_0 added [ 190.314208][ T5608] team0: Port device team_slave_1 added [ 192.866136][ T3619] Bluetooth: hci5: command 0x040f tx timeout [ 193.982571][ T5711] loop1: detected capacity change from 0 to 1024 [ 194.053093][ T5608] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 194.060504][ T5608] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.165042][ T1394] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.171406][ T1394] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.194957][ T5608] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 194.216153][ T5608] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 194.231688][ T5608] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.268467][ T5711] EXT4-fs (loop1): Ignoring removed orlov option [ 194.285332][ T5732] loop3: detected capacity change from 0 to 512 [ 194.287642][ T5711] EXT4-fs (loop1): Ignoring removed nobh option [ 194.311254][ T5608] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 194.326592][ T5711] EXT4-fs (loop1): Couldn't mount because of unsupported optional features (28) [ 194.351387][ T5732] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 194.435229][ T5732] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1061: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 194.505109][ T3686] device hsr_slave_0 left promiscuous mode [ 194.541958][ T5732] EXT4-fs (loop3): 1 truncate cleaned up [ 194.561929][ T3686] device hsr_slave_1 left promiscuous mode [ 194.589426][ T5732] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 194.661993][ T3686] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 194.677851][ T3686] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 194.736592][ T3686] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 194.752935][ T3686] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 194.760747][ T3686] device dummy0 left promiscuous mode [ 194.766831][ T3686] bridge0: port 3(dummy0) entered disabled state [ 194.781401][ T3686] device bridge_slave_1 left promiscuous mode [ 194.788770][ T3686] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.995671][ T3619] Bluetooth: hci5: command 0x0419 tx timeout [ 195.151290][ T3686] device bridge_slave_0 left promiscuous mode [ 195.215629][ T3686] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.472733][ T3686] device veth1_macvtap left promiscuous mode [ 195.478809][ T3686] device veth0_macvtap left promiscuous mode [ 195.534442][ T3686] device veth1_vlan left promiscuous mode [ 195.582895][ T3686] device veth0_vlan left promiscuous mode [ 195.817905][ T5756] loop3: detected capacity change from 0 to 128 [ 195.820543][ T5749] kvm [5745]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x5500000800 [ 195.911329][ T5756] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 196.062961][ T5756] loop_set_status: loop3 () has still dirty pages (nrpages=2) [ 196.288397][ T3686] team0 (unregistering): Port device team_slave_1 removed [ 196.319539][ T3686] team0 (unregistering): Port device team_slave_0 removed [ 196.334040][ T3686] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 196.355745][ T3686] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 196.496170][ T3686] bond0 (unregistering): Released all slaves [ 196.570772][ T5762] netlink: 8 bytes leftover after parsing attributes in process `syz.0.473'. [ 196.619736][ T5608] device hsr_slave_0 entered promiscuous mode [ 196.681936][ T5608] device hsr_slave_1 entered promiscuous mode [ 196.690769][ T4553] UDF-fs: error (device loop3): udf_read_inode: (ino 114) failed !bh [ 196.721160][ T5608] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 196.724840][ T4553] UDF-fs: error (device loop3): udf_read_inode: (ino 114) failed !bh [ 196.758186][ T5608] Cannot create hsr debugfs directory [ 199.598826][ T5791] loop1: detected capacity change from 0 to 512 [ 199.682493][ T5791] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 199.824799][ T5791] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1061: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 199.869422][ T5791] EXT4-fs (loop1): 1 truncate cleaned up [ 199.897700][ T5791] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 200.767503][ T5823] loop1: detected capacity change from 0 to 512 [ 200.892627][ T5823] EXT4-fs (loop1): Invalid want_extra_isize 497 [ 200.985975][ T5813] chnl_net:caif_netlink_parms(): no params data found [ 201.563286][ T5813] bridge0: port 1(bridge_slave_0) entered blocking state [ 201.580649][ T5813] bridge0: port 1(bridge_slave_0) entered disabled state [ 201.630417][ T5813] device bridge_slave_0 entered promiscuous mode [ 201.644128][ T5813] bridge0: port 2(bridge_slave_1) entered blocking state [ 201.651271][ T5813] bridge0: port 2(bridge_slave_1) entered disabled state [ 201.659451][ T5813] device bridge_slave_1 entered promiscuous mode [ 201.929114][ T5813] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 202.021284][ T5813] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 202.221596][ T5608] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 202.305481][ T5813] team0: Port device team_slave_0 added [ 202.347479][ T5608] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 202.371008][ T5813] team0: Port device team_slave_1 added [ 202.375073][ T5853] kvm: pic: single mode not supported [ 202.376593][ T5853] kvm: pic: level sensitive irq not supported [ 202.383750][ T5853] picdev_read: 106 callbacks suppressed [ 202.383766][ T5853] kvm: pic: non byte read [ 202.388051][ T5856] netlink: 4 bytes leftover after parsing attributes in process `syz.0.491'. [ 202.390010][ T5853] kvm: pic: non byte read [ 202.433392][ T5608] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 202.457248][ T5608] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 202.475148][ T5853] kvm: pic: non byte read [ 202.483155][ T27] INFO: task syz.4.32:3776 blocked for more than 143 seconds. [ 202.499177][ T27] Not tainted 5.15.167-syzkaller #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 202.507347][ T5853] kvm: pic: non byte read [ 202.512053][ T5853] kvm: pic: non byte read [ 202.525371][ T5853] kvm: pic: non byte read [ 202.531294][ T5853] kvm: pic: non byte read [ 202.537815][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 202.576364][ T5853] kvm: pic: non byte read [ 202.592919][ T27] task:syz.4.32 state:D stack:23320 pid: 3776 ppid: 3573 flags:0x00004004 [ 202.625112][ T5853] kvm: pic: non byte read [ 202.631123][ T27] Call Trace: [ 202.642917][ T3619] Bluetooth: hci3: command 0x0409 tx timeout [ 202.649408][ T27] [ 202.652347][ T27] __schedule+0x12c4/0x45b0 [ 202.662644][ T27] ? release_firmware_map_entry+0x190/0x190 [ 202.668561][ T27] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 202.692533][ T27] ? print_irqtrace_events+0x210/0x210 [ 202.698044][ T27] ? _raw_spin_lock_irq+0xdb/0x110 [ 202.712625][ T27] schedule+0x11b/0x1f0 [ 202.716818][ T27] io_schedule+0x88/0x100 [ 202.721154][ T27] wait_on_page_bit_common+0xa13/0x1180 [ 202.744740][ T27] ? wait_on_page_bit+0x50/0x50 [ 202.750157][ T27] ? rcu_lock_release+0x20/0x20 [ 202.756686][ T27] ? rcu_lock_release+0x5/0x20 [ 202.762015][ T27] do_read_cache_page+0x9c1/0x1040 [ 202.772919][ T27] erofs_namei+0x15e/0x1700 [ 202.777537][ T27] erofs_lookup+0x1c0/0x460 [ 202.782084][ T27] ? erofs_namei+0x1700/0x1700 [ 202.787431][ T27] ? d_hash_and_lookup+0x1b0/0x1b0 [ 202.792828][ T27] ? __init_waitqueue_head+0xaa/0x140 [ 202.798295][ T27] __lookup_slow+0x275/0x3d0 [ 202.803347][ T27] ? lookup_one_len+0x2d0/0x2d0 [ 202.808910][ T27] ? down_read+0x1b3/0x2e0 [ 202.813731][ T27] lookup_slow+0x53/0x70 [ 202.817979][ T27] walk_component+0x48c/0x610 [ 202.823016][ T27] ? nd_alloc_stack+0xf0/0xf0 [ 202.827690][ T27] ? generic_permission+0x21c/0x4f0 [ 202.833327][ T27] ? inode_permission+0xf7/0x450 [ 202.838265][ T27] ? lockdep_hardirqs_on+0x94/0x130 [ 202.843790][ T27] ? bpf_lsm_inode_permission+0x5/0x10 [ 202.849250][ T27] ? security_inode_permission+0xad/0xf0 [ 202.857162][ T27] link_path_walk+0x642/0xd90 [ 202.861873][ T27] ? handle_lookup_down+0x130/0x130 [ 202.868908][ T27] path_lookupat+0xa9/0x450 [ 202.880921][ T27] filename_lookup+0x230/0x5c0 [ 202.887126][ T27] ? hashlen_string+0x110/0x110 [ 202.892102][ T27] ? getname_flags+0x1ec/0x4e0 [ 202.905485][ T27] user_path_at_empty+0x40/0x180 [ 202.910855][ T27] path_setxattr+0xae/0x2a0 [ 202.916356][ T27] ? simple_xattr_list_add+0xf0/0xf0 [ 202.921663][ T27] ? syscall_enter_from_user_mode+0x2e/0x240 [ 202.928214][ T27] __x64_sys_setxattr+0xb7/0xd0 [ 202.933478][ T27] do_syscall_64+0x3b/0xb0 [ 202.937900][ T27] ? clear_bhb_loop+0x15/0x70 [ 202.942922][ T27] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 202.948837][ T27] RIP: 0033:0x7f025c4abff9 [ 202.953655][ T27] RSP: 002b:00007f025a924038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 202.962122][ T27] RAX: ffffffffffffffda RBX: 00007f025c663f80 RCX: 00007f025c4abff9 [ 202.981400][ T27] RDX: 00000000200001c0 RSI: 0000000000000000 RDI: 0000000020000180 [ 202.989845][ T27] RBP: 00007f025c51e296 R08: 0000000000000000 R09: 0000000000000000 [ 203.006389][ T27] R10: 0000000000000386 R11: 0000000000000246 R12: 0000000000000000 [ 203.019299][ T27] R13: 0000000000000000 R14: 00007f025c663f80 R15: 00007ffe1b000fb8 [ 203.032180][ T27] [ 203.039154][ T27] INFO: task syz.4.32:3781 blocked for more than 143 seconds. [ 203.067089][ T27] Not tainted 5.15.167-syzkaller #0 [ 203.082412][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 203.091856][ T27] task:syz.4.32 state:D stack:26368 pid: 3781 ppid: 3573 flags:0x00004004 [ 203.109046][ T27] Call Trace: [ 203.114518][ T27] [ 203.117464][ T27] __schedule+0x12c4/0x45b0 [ 203.121992][ T27] ? blk_flush_plug_list+0x452/0x490 [ 203.137566][ T27] ? release_firmware_map_entry+0x190/0x190 [ 203.145880][ T27] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 203.151872][ T27] ? blk_check_plugged+0x250/0x250 [ 203.164992][ T27] ? print_irqtrace_events+0x210/0x210 [ 203.171229][ T27] ? _raw_spin_lock_irq+0xdb/0x110 [ 203.176759][ T27] schedule+0x11b/0x1f0 [ 203.180923][ T27] io_schedule+0x88/0x100 [ 203.186038][ T27] wait_on_page_bit_common+0xa13/0x1180 [ 203.191598][ T27] ? wait_on_page_bit+0x50/0x50 [ 203.197038][ T27] ? rcu_lock_release+0x20/0x20 [ 203.201922][ T27] ? bio_add_page+0x2b3/0x450 [ 203.207352][ T27] z_erofs_runqueue+0x788/0x1a80 [ 203.212304][ T27] ? tick_nohz_tick_stopped+0x77/0xb0 [ 203.218447][ T27] ? z_erofs_do_read_page+0x2600/0x2600 [ 203.224072][ T27] ? __bpf_trace_erofs_destroy_inode+0x20/0x20 [ 203.230236][ T27] z_erofs_readahead+0xc9a/0x1280 [ 203.235389][ T27] ? z_erofs_readpage+0x840/0x840 [ 203.240443][ T27] read_pages+0x159/0x8e0 [ 203.244811][ T27] ? page_cache_ra_unbounded+0x930/0x930 [ 203.250440][ T27] ? add_to_page_cache_locked+0x40/0x40 [ 203.256117][ T27] ? down_read+0x1b3/0x2e0 [ 203.260530][ T27] page_cache_ra_unbounded+0x7b0/0x930 [ 203.266081][ T27] ? read_cache_pages_invalidate_pages+0x1c0/0x1c0 [ 203.272626][ T27] force_page_cache_ra+0x378/0x3e0 [ 203.278112][ T27] generic_fadvise+0x5ba/0x8b0 [ 203.283232][ T27] ? dump_task+0x5f0/0x5f0 [ 203.287651][ T27] ? __fdget+0x191/0x220 [ 203.291874][ T27] __x64_sys_fadvise64+0x138/0x180 [ 203.297344][ T27] do_syscall_64+0x3b/0xb0 [ 203.301769][ T27] ? clear_bhb_loop+0x15/0x70 [ 203.307924][ T27] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 203.313982][ T27] RIP: 0033:0x7f025c4abff9 [ 203.318578][ T27] RSP: 002b:00007f025a903038 EFLAGS: 00000246 ORIG_RAX: 00000000000000dd [ 203.328802][ T27] RAX: ffffffffffffffda RBX: 00007f025c664058 RCX: 00007f025c4abff9 [ 203.337164][ T27] RDX: 0000000000004101 RSI: 0000000000e0ffff RDI: 0000000000000004 [ 203.345601][ T27] RBP: 00007f025c51e296 R08: 0000000000000000 R09: 0000000000000000 [ 203.354017][ T27] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 203.361990][ T27] R13: 0000000000000001 R14: 00007f025c664058 R15: 00007ffe1b000fb8 [ 203.370426][ T27] [ 203.376498][ T27] [ 203.376498][ T27] Showing all locks held in the system: [ 203.390646][ T27] 1 lock held by khungtaskd/27: [ 203.409940][ T27] #0: ffffffff8c91fc60 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30 [ 203.429773][ T27] 1 lock held by dhcpcd/3238: [ 203.435845][ T27] #0: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: __netlink_dump_start+0x12e/0x6d0 [ 203.452601][ T27] 2 locks held by getty/3326: [ 203.457298][ T27] #0: ffff88814b29e098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 203.467200][ T27] #1: ffffc9000208e2e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6af/0x1db0 [ 203.477368][ T27] 4 locks held by kworker/u4:7/3686: [ 203.483039][ T27] #0: ffff8880171d5938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 [ 203.493359][ T27] #1: ffffc90003617d20 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 [ 203.503310][ T27] #2: ffffffff8da261d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xf1/0xb60 [ 203.513874][ T27] #3: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: cangw_pernet_exit+0xe/0x20 [ 203.524115][ T27] 2 locks held by kworker/u4:8/3696: [ 203.529400][ T27] #0: ffff8880b903a318 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140 [ 203.539447][ T27] #1: ffff8880b9027848 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x53d/0x810 [ 203.551014][ T27] 1 lock held by syz.4.32/3776: [ 203.555885][ T27] #0: ffff88806266c180 (&type->i_mutex_dir_key#9){.+.+}-{3:3}, at: lookup_slow+0x45/0x70 [ 203.565866][ T27] 1 lock held by syz.4.32/3781: [ 203.570714][ T27] #0: ffff88806266c320 (mapping.invalidate_lock#3){.+.+}-{3:3}, at: page_cache_ra_unbounded+0x1a6/0x930 [ 203.582358][ T27] 3 locks held by kworker/u4:12/3888: [ 203.587885][ T27] #0: ffff888017079138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 [ 203.599023][ T27] #1: ffffc90003107d20 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 [ 203.609549][ T27] #2: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xa/0x50 [ 203.618695][ T27] 3 locks held by kworker/0:9/4272: [ 203.624731][ T27] #0: ffff888017070938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 [ 203.635464][ T27] #1: ffffc90002fc7d20 (free_ipc_work){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 [ 203.645204][ T27] #2: ffffffff8c924228 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x350/0x740 [ 203.656119][ T27] 4 locks held by syz-executor/5269: [ 203.661379][ T27] #0: ffff8880678d8ff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x63/0x1070 [ 203.671156][ T27] #1: ffff8880678d8078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_do_close+0x431/0x1070 [ 203.680678][ T27] #2: ffffffff8db7b128 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xb8/0x220 [ 203.691065][ T27] #3: ffffffff8c924228 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x280/0x740 [ 203.702111][ T27] 3 locks held by syz.1.490/5853: [ 203.707188][ T27] #0: ffff88801a7c0ff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x63/0x1070 [ 203.716996][ T27] #1: ffff88801a7c0078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_do_close+0x431/0x1070 [ 203.726939][ T27] #2: ffffffff8db7b128 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xb8/0x220 [ 203.737827][ T27] [ 203.758508][ T27] ============================================= [ 203.758508][ T27] [ 203.771311][ T27] NMI backtrace for cpu 1 [ 203.775660][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 5.15.167-syzkaller #0 [ 203.783638][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 203.793683][ T27] Call Trace: [ 203.796944][ T27] [ 203.799854][ T27] dump_stack_lvl+0x1e3/0x2d0 [ 203.804514][ T27] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 203.810128][ T27] ? panic+0x860/0x860 [ 203.814180][ T27] ? nmi_cpu_backtrace+0x23b/0x4a0 [ 203.819272][ T27] nmi_cpu_backtrace+0x46a/0x4a0 [ 203.824190][ T27] ? __wake_up_klogd+0xd5/0x100 [ 203.829025][ T27] ? nmi_trigger_cpumask_backtrace+0x2a0/0x2a0 [ 203.835162][ T27] ? _printk+0xd1/0x120 [ 203.839298][ T27] ? panic+0x860/0x860 [ 203.843346][ T27] ? __wake_up_klogd+0xcc/0x100 [ 203.848178][ T27] ? panic+0x860/0x860 [ 203.852226][ T27] ? __rcu_read_unlock+0x92/0x100 [ 203.857229][ T27] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 203.863275][ T27] nmi_trigger_cpumask_backtrace+0x181/0x2a0 [ 203.869236][ T27] watchdog+0xe72/0xeb0 [ 203.873561][ T27] kthread+0x3f6/0x4f0 [ 203.877606][ T27] ? hungtask_pm_notify+0x50/0x50 [ 203.882609][ T27] ? kthread_blkcg+0xd0/0xd0 [ 203.887179][ T27] ret_from_fork+0x1f/0x30 [ 203.891580][ T27] [ 203.895325][ T27] Sending NMI from CPU 1 to CPUs 0: [ 203.900548][ C0] NMI backtrace for cpu 0 [ 203.900562][ C0] CPU: 0 PID: 3686 Comm: kworker/u4:7 Not tainted 5.15.167-syzkaller #0 [ 203.900577][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 203.900586][ C0] Workqueue: netns cleanup_net [ 203.900605][ C0] RIP: 0010:lock_is_held_type+0x99/0x180 [ 203.900625][ C0] Code: 8b 8a e8 0a 12 00 00 65 ff 05 c3 28 ce 75 41 83 bd e8 0a 00 00 00 7e 47 4c 89 ed 48 81 c5 f0 0a 00 00 31 db 48 83 fb 31 73 24 <48> 89 ef 4c 89 fe e8 fc 01 00 00 85 c0 75 2a 48 ff c3 49 63 85 e8 [ 203.900636][ C0] RSP: 0018:ffffc900036178f8 EFLAGS: 00000083 [ 203.900647][ C0] RAX: 0000000000000003 RBX: 0000000000000001 RCX: ffff8880758a5940 [ 203.900657][ C0] RDX: 0000000000000000 RSI: ffffffff8c91fbe0 RDI: ffff8880758a6430 [ 203.900667][ C0] RBP: ffff8880758a6458 R08: dffffc0000000000 R09: fffffbfff1bd2c16 [ 203.900677][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000246 [ 203.900686][ C0] R13: ffff8880758a5940 R14: 00000000ffffffff R15: ffffffff8c91fbe0 [ 203.900696][ C0] FS: 0000000000000000(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000 [ 203.900708][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.900718][ C0] CR2: 000055ff4437aa18 CR3: 000000002319e000 CR4: 00000000003526f0 [ 203.900730][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 203.900738][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 203.900747][ C0] Call Trace: [ 203.900752][ C0] [ 203.900756][ C0] ? nmi_cpu_backtrace+0x39f/0x4a0 [ 203.900772][ C0] ? read_lock_is_recursive+0x10/0x10 [ 203.900786][ C0] ? nmi_trigger_cpumask_backtrace+0x2a0/0x2a0 [ 203.900806][ C0] ? nmi_cpu_backtrace_handler+0x8/0x10 [ 203.900820][ C0] ? nmi_handle+0xf7/0x370 [ 203.900834][ C0] ? lock_is_held_type+0x99/0x180 [ 203.900848][ C0] ? default_do_nmi+0x62/0x150 [ 203.900862][ C0] ? exc_nmi+0xa8/0x100 [ 203.900875][ C0] ? end_repeat_nmi+0x16/0x31 [ 203.900890][ C0] ? lock_is_held_type+0x99/0x180 [ 203.900904][ C0] ? lock_is_held_type+0x99/0x180 [ 203.900919][ C0] ? lock_is_held_type+0x99/0x180 [ 203.900933][ C0] [ 203.900937][ C0] [ 203.900942][ C0] ___might_sleep+0xf1/0x6a0 [ 203.900957][ C0] ? rcu_lock_release+0x5/0x20 [ 203.900972][ C0] ? __might_sleep+0xc0/0xc0 [ 203.900990][ C0] inet_twsk_purge+0x11a/0x9d0 [ 203.901008][ C0] ? __inet_twsk_schedule+0x130/0x130 [ 203.901022][ C0] ? iput+0x6f5/0x8b0 [ 203.901035][ C0] ? tcpv6_net_exit+0x70/0x70 [ 203.901050][ C0] cleanup_net+0x763/0xb60 [ 203.901064][ C0] ? ops_free_list+0x340/0x340 [ 203.901081][ C0] process_one_work+0x8a1/0x10c0 [ 203.901101][ C0] ? worker_detach_from_pool+0x260/0x260 [ 203.901116][ C0] ? _raw_spin_lock_irqsave+0x120/0x120 [ 203.901131][ C0] ? kthread_data+0x4e/0xc0 [ 203.901144][ C0] ? wq_worker_running+0x97/0x170 [ 203.901157][ C0] worker_thread+0xaca/0x1280 [ 203.901184][ C0] kthread+0x3f6/0x4f0 [ 203.901196][ C0] ? rcu_lock_release+0x20/0x20 [ 203.901209][ C0] ? kthread_blkcg+0xd0/0xd0 [ 203.901222][ C0] ret_from_fork+0x1f/0x30 [ 203.901241][ C0] [ 203.903992][ T5856] ntfs3: loop0: ntfs_evict_inode r=5 failed, -22. [ 203.994601][ T27] Kernel panic - not syncing: hung_task: blocked tasks [ 204.219159][ T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted 5.15.167-syzkaller #0 [ 204.227214][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 204.237249][ T27] Call Trace: [ 204.240511][ T27] [ 204.243425][ T27] dump_stack_lvl+0x1e3/0x2d0 [ 204.248089][ T27] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 204.253738][ T27] ? panic+0x860/0x860 [ 204.257795][ T27] panic+0x318/0x860 [ 204.261787][ T27] ? schedule_preempt_disabled+0x20/0x20 [ 204.267427][ T27] ? nmi_trigger_cpumask_backtrace+0x221/0x2a0 [ 204.273574][ T27] ? fb_is_primary_device+0xd0/0xd0 [ 204.278765][ T27] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 204.284815][ T27] ? nmi_trigger_cpumask_backtrace+0x221/0x2a0 [ 204.290954][ T27] ? nmi_trigger_cpumask_backtrace+0x281/0x2a0 [ 204.297093][ T27] ? nmi_trigger_cpumask_backtrace+0x286/0x2a0 [ 204.303234][ T27] watchdog+0xeb0/0xeb0 [ 204.307382][ T27] kthread+0x3f6/0x4f0 [ 204.311433][ T27] ? hungtask_pm_notify+0x50/0x50 [ 204.316438][ T27] ? kthread_blkcg+0xd0/0xd0 [ 204.321009][ T27] ret_from_fork+0x1f/0x30 [ 204.325429][ T27] [ 204.328719][ T27] Kernel Offset: disabled [ 204.333052][ T27] Rebooting in 86400 seconds..