last executing test programs: 4m0.336225406s ago: executing program 4 (id=995): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) ioctl$SNDRV_PCM_IOCTL_RESUME(0xffffffffffffffff, 0x4147, 0x0) r2 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000180)={0x20000b6, 0x2001, 0x7, 0xfffffffc}) mq_timedreceive(r2, &(0x7f0000000340)=""/221, 0xdd, 0x0, 0x0) r3 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0) write$USERIO_CMD_REGISTER(r3, &(0x7f00000000c0), 0x2) 4m0.118145259s ago: executing program 4 (id=996): bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=ANY=[], 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9, 0x1014, 0xffffffffffffffff, 0x14, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, r3, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x38}}, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20010004, 0x0, 0x0) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x9) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff) getsockopt$sock_buf(r4, 0x1, 0x3d, &(0x7f0000001d00)=""/4096, &(0x7f0000000100)=0x1000) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r6, @ANYBLOB="010000000000fbdbdf25010000000800020000000000050005000000000008000300010000004800018005000200200000000600010002000000080006000a000000080003"], 0x84}}, 0x0) 3m59.152689832s ago: executing program 4 (id=999): socket$packet(0x11, 0x3, 0x300) socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x48, 0x10, 0x49920d862a92153b, 0x84000000, 0x25dfdbfe, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x1, 0x1}}}}}}]}, 0x48}}, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes256\x00'}, 0x58) accept4(r1, 0x0, 0x0, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r3, @ANYBLOB="01000000000000000000010000000c0005006c000000000000000c0002000000000000000000040007800c000800000000000000000008000100000000004400078008000100", @ANYRES32, @ANYBLOB="38000100", @ANYRES32=r4, @ANYBLOB="64800400", @ANYBLOB='\b\x00'], 0x90}}, 0x0) 3m58.710549413s ago: executing program 4 (id=1000): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000dc0)=ANY=[], 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000001c0)={0x1c, &(0x7f0000000000)=ANY=[], 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000dc0)={0x84, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000680)={0x34, &(0x7f0000000440), 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000340)={0x2c, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000f40)={0x1c, &(0x7f0000000e80)=ANY=[], 0x0, 0x0}) 3m55.597623424s ago: executing program 4 (id=1011): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000001480)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES64=r0, @ANYBLOB="010800000000030000000b00000008000300", @ANYRES32=r1, @ANYBLOB="0a00973f81c6557998951c283e33214cccd4900beca04f3c1e45fe1cba83cde834e2eb189f3c6125e233a78b2a351347184ff8402fe05507d327e924069e0f0b2d504b35ff05d919455967e2d10524aff0ef293bae7c2003020bc05ac48bf9a33c8158bfbf6ff31f31fed9a5fa8caf2090a6faf02b666817c9625539475ec766e4ad3f5fd471144c84f0eba1f126e85a8b291e78b755ebee3a5be360fe943d7f5a8acc5797ff20768af422d3cdbf79ca5e5caff8450f2fab178a2eff619c8224702f8a96843d584e03f7424f2db93e9d3d008444c3103b477a5aba9ff8ee5e2647eebb83675d7f42400310"], 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x8000) sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) syz_open_dev$loop(0x0, 0x20364, 0x1) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r4, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f00000011c0)="93bffce623851797a8dc79018d7716840ffc6941c667f6d345b18bc896d8f016f5f206bb2b0eb2fe32d2f0048678cd35ef833c35225ff95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b67bcb1b997ce8b6325d151d7bb5754603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb6fc40b5d175e86ac0b7a9fd7f1748af98902340eb", 0xa4}, {&(0x7f0000000e40)="029993440c7a0c95d3bb8cf353fd63ca88ffa39f0ff0fced20927ea4b2a247d082247558bef6b2b2cd6a0dffece1b36526e9388c364fb7ac429e434ccb0320483c0604aaf296d8218e240055cb92f17b1b47fd7b1b178ca001c470155ed985a179f87c9bc40206c86df9abc5be93ce0d96", 0x71}, {&(0x7f0000000f80)="ec75d081fcb7e79634ec1a1abfdebb6a38b0c57cc77b83d2eea81aad8f73b36abc2019cb08fcaaec9647a07d0a0965f0f1e39afd84e7e2523aaded5e1e36fcc90c269ad6d38d57619127cee4253655c33b71054226c3b00b9ee6ae29f0b07bc6fe7981126ca804c1f64e6c19ba36b2778c5f4a1c58625fe19516af43c9870c5b8191e23778abe7df2280d459b1651686a53ca52dce95704431153f9c2903ae4c868074e89477bf6ed2ab648b0498ac8c0f90844ed9a26675199d5ff9b391c1dec077b5099cf9aecd1a9d94e235a71b80fa7ef3bcd2179fee3518f3d2c6b4e7ee889c5827c7ad7e53ace3a253a5ddb477f09a58550a49a339e1acefcc69a3dab0b39c4087f78983e938babb909e104858a3914762f2471b43abf5928140d095689f5db1d348d151e12ebedeb2ae484da324e7d7881c34e717c17fda7c8f0f6f67415bd28b4e8bca86b336d8918eef0ea867a21455c1a6f187f86ffab6e306d536561acf0da3af725b56eef508902e3f052380e5da93b237f8c9dbc038b311befe94f9d9a97789", 0x186}, {&(0x7f0000000680)="397d5f2edc82d0d67b12598491a939501079de6b93337ae5ab9ee47dc3e798cf69cfebf169fc7257f308227094d569a4326954e50ea185bc6fff0507c5dfd26676de9dbfc4fe6db927cd4d03965f420326d5a4066c8726b9f2ca90f2158d3cc3f0ac8df7abf77ef4", 0x68}], 0x4}}, {{0x0, 0x0, &(0x7f0000000c80)=[{&(0x7f0000000640)="63c3b1aaea9b9e5481dcd8c125f478bedc0474ab0607636ee67ac13102", 0x1d}], 0x1}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000700)="acc841985992b79554acfc02163bb0fb2bb293e68702bb40b6b870bde5700d368744361ae9fce3a4ff6bb3", 0x2b}, {&(0x7f0000000740)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc487553859348d48e6fc49d81c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e437323385b88c368f", 0x80}, {&(0x7f0000000a00)="5be3b011e12323e4ab88c0472f0700000000000000e71ba62334303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b39297bbbc2580600000000000000d6e36e737691a1c6bd2a64b2a85cbaaf648c9100000000000000", 0x7a}, {&(0x7f0000000ac0)="bd2f6aa36cea0e62ac00a4539dd80281164750339fcc3cd1f7bb1b74e98dbbe81e997d4847ee5d06a72e6f1c6b8a873c7ea7760f102483b578526af9775e51b84818d0", 0x43}, {&(0x7f0000000840)="d31547c4f8a72a1d1f163c917e6e9ec6044b034b0fb9ad2702a1952a1914f33cdc35f1bc4139b5b35c886ad316729ceb015bdfaaae494bd9b206f9b201fe6e3f06f72abee112774d0fc530e9b05abf1a8df5a4a0cf9931e439d263fd5308507f32e9fc5a26752d6d5b984699efb70fb7f6f59c93dff1549946427fc420bd55256245dfe8090300000000000000823af43dbb8a8ab1e1b20809cca5d52803afb14c76b97dc2ca4f7bf783579e6fcfe7f7e9105b3bc57414bd4da31fd1f155dd075ebda47cb00d0c", 0xc7}, {&(0x7f0000000bc0)="91f863dc974c0b31640ea56f5f2219e02b867338a4451b988393b9364939b45ee08a130e785e56198dbd0b4eed94352b188d74078f545ed6f7a9860324bf3f63326549b3f6dd96ebd6c43870644a554bf8ee7b9409ca7f4a01aafd53907fb1477d67bb5d06ee9a00256d651d84969440", 0x70}], 0x6}}], 0x3, 0xc0) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r4, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27) listen(0xffffffffffffffff, 0x3) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) 3m52.898792801s ago: executing program 4 (id=1017): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) setrlimit(0x8, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) write$cgroup_pid(r2, &(0x7f00000001c0), 0x12) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = openat$cgroup_ro(r3, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_int(r4, &(0x7f0000000200)=0x1, 0x12) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_ro(r5, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_int(r6, &(0x7f0000000200)=0x1, 0x12) write$cgroup_pid(r6, &(0x7f0000000180), 0x12) 19.577126502s ago: executing program 1 (id=1715): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x8) mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = syz_open_dev$evdev(&(0x7f00000002c0), 0x4, 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000280), 0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) mount$9p_virtio(&(0x7f0000000240), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) r4 = socket$inet(0x2b, 0x80000, 0x4) connect$inet(r4, &(0x7f00000000c0)={0x2, 0x0, @empty}, 0x10) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0xedd55e3d3949e4f9, &(0x7f0000000300)=ANY=[@ANYRESDEC=r2, @ANYRESDEC, @ANYRESOCT=r1, @ANYRESDEC, @ANYRES16=r4, @ANYRESOCT, @ANYRES8]) statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0xf0cb2f4a0c2cfc5d, 0x0) r5 = socket$igmp(0x2, 0x3, 0x2) setsockopt$IP_VS_SO_SET_STARTDAEMON(r5, 0x0, 0x48b, &(0x7f0000002100)={0x1, 'hsr0\x00'}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0xf53, @void, @value}, 0x94) setsockopt$IP_VS_SO_SET_STOPDAEMON(r5, 0x0, 0x48c, &(0x7f0000000000)={0x1, 'dummy0\x00'}, 0x18) mount(&(0x7f00000000c0)=@filename='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='xfs\x00', 0x0, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) 17.228993226s ago: executing program 1 (id=1718): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='hrtimer_start\x00', 0xffffffffffffffff, 0x0, 0x8}, 0x18) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6", 0x9}], 0x1}, 0x0) pipe2(0x0, 0x184800) io_setup(0x2, &(0x7f0000000380)=0x0) io_submit(r1, 0x1, &(0x7f00000000c0)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}]) syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff) syz_open_procfs(0x0, &(0x7f0000000500)='fd/3\x00') r2 = socket$rxrpc(0x21, 0x2, 0xa) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) bind$rxrpc(r2, &(0x7f0000000000)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x2, @multicast2}}, 0x24) listen(r2, 0x0) recvmmsg(r2, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x1b}}], 0x1, 0x0, 0x0) 14.664092397s ago: executing program 1 (id=1723): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0xc, 0x8a}, 0x0) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) bind$bt_l2cap(r3, &(0x7f00000000c0)={0x1f, 0x0, @none}, 0xe) 13.193125618s ago: executing program 1 (id=1725): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000440), 0x10) listen(r0, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000180)={0x5, 0xfffffffe}, 0x8) close(r1) 12.00832547s ago: executing program 1 (id=1727): socket$nl_generic(0x10, 0x3, 0x10) syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200800, &(0x7f0000000440)={[{@nodiscard}, {}, {@acl}, {@nomblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x7c}}, {@noauto_da_alloc}, {@nodelalloc}, {@auto_da_alloc}, {@norecovery}]}, 0x5, 0x591, &(0x7f0000000f80)="$eJzs3V1rFFcfAPD/bBKNL89jBJHaiyJ4UYt1Y5LWFyjUXpZWKrT3dknWINm4kt2ISYXqRb3pTZFCKRVKP0Dveyn9Av0UQitIkdBSpJAyu7PJmuzmzdVd3d8PRs+Zmew5Z8/8Z8+ZmWUD6FtH039yEUci4psk4kDTtsHINh6t77f0+OZkuiSxvPzpn0kk2brG/kn2/74s81pE/PpVxIlcff1Q02tXFhZnCqVScS7Lj1Znr41WFhZPXpktTBeni1fHJybOvjs8fu7M6Y619a2Lf3//yf0Ph78+tvTdzw8P3k3ifOzPtjW34xncas4cLfybpYbi/JodxzpQWC9Jul0BdmQgi/M0No/EgRjIoh549X0ZEctAn0rEP/SpxjigMbfv0Dz4pfHog/oEaH37B+vXRmK4Njfau5Q8NTNK57sjHSg/LeOXP+7dTZfY+DrEnk3yANty63ZEnBocXH/+S7Lz386dql083tjaMvrt8we66X46/nm71fgntzL+iRbjn30tYncnNo//3MOnsh2+0ZCO/95rOf5dOXWNDGS5/9XGfEPJ5Sul4qmI+H9EHI+h3Wl+o/s5Z5ceLLfb1jz+S5e0/MZYMKvHw8Hdtcv0K6YK1cKztXrVo9sRr7cc/yYr/Z+06P/0/bi44SuvdtTh4r032u21efufr+WfIt5s2f+r9U/a3p+cGD935vRo7XgYbRwV6/115/Bv7crvdvvT/t+7cftHkub7tZXtl/Hj8JNiu21bPP6fkh7/u5LPauld2bobhWp1bixiV/Lx+vXjq3/byDf2T9t//NjG579Wx386+fp8i+2/c+hO2117of+nttX/2088+OiLH9qVv7X+f6eWOp6tWXP+e7LmUkbNVivYobcRAAAAAAAAekIuIvZHksuvpHO5fL7+fMeh2JsrlSvVE5fL81enovZd2ZEYyjXudB+o3YKtPw8xlj0P23g+YnxNfiIiDkbEtwN7avn8ZLk01e3GAwAAAAAAAAAAAAAAAAAAQI/Y1+b7/6nfB7pdO+C5q/2wwe5u1wLohk1/8r8Tv/QE9KRN4x94ZYl/6F/iH/qX+If+Jf6hf4l/6F+t49/TP9APfP4DAAAAAAAAAAAAAAAAAAAAAAAAAABAR128cCFdlpce35xM81PXF+ZnytdPThUrM/nZ+cn8ZHnuWn66XJ4uFfOT5dnNXq9ULl8bG4/5G6PVYqU6WllYvDRbnr9avXRltjBdvFQceiGtAgAAAAAAAAAAAAAAAAAAgJdLZWFxplAqFedecGIwulDoDhPvR09U43k2sG5Hfz64ftM/EdEL7ZJ4hkSXT0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0OS/AAAA//8Umzy+") chdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file0\x00', 0xc, &(0x7f00000000c0)=ANY=[], 0x1, 0x25d, &(0x7f0000000c00)="$eJzs3E+LG2UcB/Cf27q73dJmDyIoiA960cvQ3b6CIC2IC8raiHoQpu6shh2TJRMiEbG9efV1FI/eBPUN7MWbd297Ebz0IEY2f7axRrRl11Hz+UB4fuHJlzyTTMJv5vAcv/3FRwf7Vbaf92NlPcVKxN24H7F5Uk09MR1XxvVqzLsbL1/++Yfn3nzn3deaOzs3dlO62bx1fTuldPX5bz7+9MsXvutffuurq1+vxdHme8c/bf949PTRM8e/3vqwXaV2lTrdfsrT7W539m7VQZbSG2WRV0Vqd6qiN53v57fLIu2X3cPDYco7e1c2DntFVaW8M0wHxTD1u6nfG6b8g7zdSVmWpSsbwV9p3dvdzZt1r4Lz1es18wsRcekPM60LtSwIAKjVWfX/q7P+/2T6Mfr/SX+/1/5H+//rZ/1p/tfo/5fBSf+/Mf39/l7rXi0LAgAAAAAAAAAAAAAAHsn90agxGo0as3H2WIuI9YiYPa97nZwP3/9ym9u4Yz2i/HzQGrQm42S+uR/tKKOIa9GIX8bnw9Skvvnqzo1raWwzvi3vTPN3BtOtBU7zW9GIzcX5rUk+zeej9WRszOe3oxFPLc5vL8gPWqvx0otz+Swa8f370Y0y9sbn9YP8Z1spvfL6zkP5S+PXAQAAwP9Blk4tvH7Psj+bn+Qf4f7AQ9fXF+PZi/UeOwAAACyLavjJQV6WRU+hUChOi7r/mQAAgLP2oOmveyUAAAAAAAAAAAAAAAAAAACwvB5rh7DR2iT8N1N1HyMAAAAAAAAAAAAAAAAAAAAAAAD8W/wWAAD//ySDKGU=") open(&(0x7f0000002000)='./bus\x00', 0x14f942, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002ac0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc8734c295cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f244a3c307145452ce64dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c65070020d7df0abc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3593], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r1, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r5, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x0) 11.755247231s ago: executing program 0 (id=1731): r0 = socket(0x10, 0x2, 0x0) sendmsg$nl_route_sched(r0, 0x0, 0x0) bind$packet(0xffffffffffffffff, 0x0, 0x0) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_control_io$hid(r1, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220f00000003a840"], 0x0}, 0x0) r2 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) ioctl$HIDIOCGUSAGE(r2, 0xc018480b, 0x0) ioctl$HIDIOCGREPORT(r2, 0x501c4814, 0x0) 8.231639053s ago: executing program 2 (id=1734): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f00000002c0)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) add_key$fscrypt_v1(&(0x7f0000000040), 0x0, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00'}) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r1) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) add_key$keyring(&(0x7f0000000100), 0x0, 0x0, 0x0, 0xfffffffffffffffe) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0) write$cgroup_int(r2, &(0x7f0000000100), 0x1001) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r4, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000010000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000725e850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000002c0)={r6}, 0xc) ioctl$SIOCSIFHWADDR(r2, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc, 0x8}}) 8.149265751s ago: executing program 0 (id=1735): r0 = socket$nl_generic(0x10, 0x3, 0x10) capset(&(0x7f0000000200)={0x20071026}, &(0x7f0000000040)) r1 = fanotify_init(0x200, 0x0) fanotify_mark(r1, 0x101, 0x40001071, 0xffffffffffffffff, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000cc0)={'wlan0\x00', 0x0}) r4 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = syz_open_dev$MSR(&(0x7f0000000240), 0x5b72fb7c, 0x0) read$msr(r5, &(0x7f0000048040)=""/102400, 0x19000) shutdown(0xffffffffffffffff, 0x2) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup, 0xffffffffffffffff, 0x2, 0x2, 0x0, @void, @value}, 0x10) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r6, 0x2, 0x0, 0x0, &(0x7f0000000280), 0x0, 0x0, &(0x7f00000014c0), 0x0, 0x0}, 0x40) sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="2508007a0000000000000700000008000300", @ANYRES32=r3], 0x54}}, 0x0) 7.95327115s ago: executing program 3 (id=1736): msgget$private(0x0, 0x0) msgctl$MSG_STAT_ANY(0x0, 0xd, 0xfffffffffffffffe) socket$inet(0x2, 0x4000000805, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x4, 0x0, &(0x7f0000000000)=0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = socket(0x8000000010, 0x2, 0x0) write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9463cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc) r1 = socket(0x840000000002, 0x3, 0x100) syz_emit_ethernet(0x0, 0x0, 0x0) connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @loopback}, 0x10) sendmmsg$inet(r1, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x4000095, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r2, 0x8955, &(0x7f0000000180)={{0x2, 0x0, @remote}, {0x20000010304, @dev}, 0x4, {0x2, 0x0, @multicast1=0xe000cc02}}) 7.87640224s ago: executing program 0 (id=1737): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) syz_emit_ethernet(0x7f, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) times(&(0x7f00000001c0)) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$netlink(r3, &(0x7f0000001f80)={0x0, 0x0, &(0x7f0000001f00)=[{&(0x7f0000002840)=ANY=[@ANYBLOB="1400000027001333000000000000000004000080"], 0x14}], 0x1}, 0x0) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) mount$pvfs2(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0x0, 0x0) 7.23485536s ago: executing program 2 (id=1738): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) r2 = syz_io_uring_setup(0x23c, &(0x7f0000000380)={0x0, 0x1ffefe, 0x10100, 0x7ffff, 0x0, 0x0, r1}, &(0x7f0000000200)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0) r5 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, &(0x7f0000000180)={0x8000, "340b7832ceefd131b8e6498c25f58fad9987ffe93bbabd18cf501922de974a27", 0xffffffffffffffff}) ppoll(&(0x7f0000000700)=[{r6}], 0x1, 0x0, 0x0, 0x0) close_range(r5, 0xffffffffffffffff, 0x0) 6.215726448s ago: executing program 0 (id=1739): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) memfd_create(&(0x7f00000024c0)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x00\x83y\xf3\xb2\xe6b\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x17?&^\xe1Ob\xe1Y\xd6\xeb\x91\x83;\xeb\xf1\xd0\xe3\xe5\x19T\xff\x01\x00\x00\xe2\x9f\xd9\xae\xcf>/\x05V%$6\x9fU\x86\xbe\xcbx\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xa2c\x12.\xb7\xbe`\'\xcb\xb6\xaf\xb2\xae\xda\xa9\xf6\x92\xaf4\xb5|W\r0{\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x06\xb5\xaa\xe6\x05\xe4\xc3\x90\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4\x84$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\x97.A\x84\x1d\xc2\x86\x89{\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\x9d\xce\xb3%QF\x03\b\x9dh\xfd\x91\xea\xce\x06\a\xba`\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8\x83\x87+nM\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?\x87\x84\\/y\xed\x01#?\xab\x1c\x11\x00\xc5\x8d\x82\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06M\xbe\xf9\xba\x9em\xe9\"\x03\x933P\xa3\xcc\x9b\f\xa7\x8f\x91O\xc9\xb9\x10M\x8b\xd0\xc0\xb8L\xbd\x1c4\xb59\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xdc\xc5\xe59\xa95\xd1m\xd8hCuZYi\x10D\xb9\xe6\xff\x04K%yH\xe5W\xfb\x82\xac\x19,\\D\x91T\xfd\x9c\xb8\x8b\x88\xa5\xcc\x8fI\x00\xf0\xc9%\n\xa7\xd6\x0f:\xb0\xf5?\xc3\x88\x1e\xbb-\xa6\xecA\x92\xaf\xa4Xl\v\xa5\xca\v|\xe2L\xac\x80\xc7\x15\x96fh\x83\x15\xc7\xea\xd5\xe8\x89W\x11\xd7oC\xe4\x06\xa8[O\xe6\x1d=\x87\x93\x0f\x87I\xdf\xb1\xeb\x89\x11.\x01\x00\r`\x1e8\x94\xb7\xbc\xc3\xad\xf1\x92/(A=A\x8b\xa5I\xd7\xd3#\xb0\x89\x9e5\x12\xa4\x9a\va\xdf\xf4\xea\xc6\xc7\x10g\x1d\xd5\xb0\xbb\xd2\xfc]fC\x8d\x0f\xa6q\x0f\xef\x90\xfe\x94k\xf1\x98\xfa\xbbb\xb1\x00\x99\xf7\xfd\'\xae\x906\xe0\xaa\xdbtWWH\xa4L\xb5po,\xdfN\x0f8\t\xe7X_H\xd4\xe3\xb2,oj\xac\xd7\xbd\xd0\xadW\x1f<\xd0s\xa8\x1f(\x00/ \xe4]@\xf7mA\xe8\xd1\xf4:\xb3\xeb\x81\xb9\x018\x1c\x95%o\x13\xa4\xad\xd8\xf9\xd2\x95\xa8\x81\xbe\xbc\xa6\x14_o\xfb\xdaL\xcb\xda\x9a\xec\xce\xd18&\xfbG\xa1\f\xf4\xd5u\xb0xE)j\x1b\xecL\xa1\xdc\xabUiN\xdet\xc7Q\xe6\xa4\x99-\xba\x16\xe5\xba!\xbdCI#\x03', 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000040)={{{@in=@local, @in=@remote, 0x4e21, 0x1, 0x4e24, 0x7, 0xa, 0x0, 0x20, 0x4, r2}, {0x7, 0x400, 0xffffffff, 0x8, 0x1, 0x0, 0x101, 0x3}, {0x6, 0xe5, 0x6, 0x6}, 0x2, 0x0, 0x1, 0x1, 0x1, 0x1}, {{@in=@private=0xa010101, 0x4d3, 0x6c}, 0x2, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3507, 0x2, 0x3, 0x9, 0x3e243488, 0x3, 0x180000}}, 0xe8) r3 = getpid() process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) 5.416571685s ago: executing program 2 (id=1740): r0 = socket$nl_rdma(0x10, 0x3, 0x14) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000480)={'team_slave_1\x00', 0x0}) r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x4, &(0x7f0000013d40)=ANY=[@ANYBLOB="18000000000000100000000000000700b5000000087c"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={r4, r3, 0x25, 0x0, @val=@netkit={@void, @value}}, 0x40) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000000000000000120000000c00018008000100", @ANYRES32=r3, @ANYBLOB="0800060002"], 0x28}}, 0x0) 5.241800422s ago: executing program 3 (id=1741): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f00000000c0)=@x86={0xa, 0x6, 0xa5, 0x0, 0x3, 0x13, 0xff, 0x1, 0x8, 0x1, 0xb, 0x8, 0x0, 0x9, 0x9, 0x1, 0x8, 0x7b, 0x2, '\x00', 0x3, 0x3}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 5.204052889s ago: executing program 2 (id=1742): getpid() bpf$BPF_PROG_DETACH(0x8, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00222200000096231706e53f070c0008002a0000070900be008300"], 0x0}, 0x0) syz_open_dev$evdev(0x0, 0x40, 0x0) syz_usb_control_io$cdc_ecm(0xffffffffffffffff, &(0x7f0000000240)={0x14, 0x0, 0x0}, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) 4.925187176s ago: executing program 1 (id=1743): set_mempolicy(0x2, &(0x7f0000000040)=0x5d, 0xa) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045542, 0x0) r0 = socket(0x10, 0x3, 0x0) socket(0x10, 0x3, 0x0) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000140)={r1}) setsockopt$inet_int(r1, 0x0, 0x1, 0x0, 0x0) setsockopt$inet_int(r1, 0x0, 0x18, &(0x7f0000000000)=0xb, 0x4) r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) bind$llc(r2, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x54}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f00000000c0), &(0x7f0000000000)=0xc) mount$bpf(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000340), 0x8, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) read$FUSE(0xffffffffffffffff, 0x0, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000000077041db259880925bd6e04b1cb4872e37ae8b872a88a6785a64827d37f347cea6ab1cc3a2b7e3160a1d6d905bdf194b6c1564bf49865895a90480f74179a1b247e6ef7f1e47fd0641fa466bf85772f6b5c487fd9765579d7b72223643a0b95a7af3182e2a7a7e3897cd171960b51ed3f7427aafe310a7d6e5c3ea86105da8c306900"/170], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10) r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7c, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f0000000140)={0x2, 0x1, 0x4}) ioctl$vim2m_VIDIOC_STREAMOFF(r6, 0x40045612, &(0x7f0000000040)=0x1) move_pages(0x0, 0x0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0}, 0x18) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) 4.826046046s ago: executing program 0 (id=1744): recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x85, 0x4f, 0xbe, 0x10, 0x50d, 0x2102, 0x70d0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x1d, 0x0, 0x2, 0xff, 0xff, 0xff, 0x0, [], [{{0x9, 0x5, 0xa, 0x2, 0x10, 0x0, 0xfa}}, {{0x9, 0x5, 0x82, 0x2, 0x450}}]}}]}}]}}, 0x0) syz_usb_control_io$hid(r1, 0x0, &(0x7f0000000640)={0x2c, &(0x7f0000000080)=ANY=[@ANYBLOB="4014030200002a58eb"], 0x0, 0x0, 0x0, 0x0}) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x4810, &(0x7f0000000540)=ANY=[@ANYRES8=0x0, @ANYRESHEX, @ANYRES32=0x0], 0x11, 0x6a0, &(0x7f0000004200)="$eJzs3c1vHGcdB/DvrNcvm0qO26ZpQJUwjVRQIxI7VgrhkoAQClKFqnDgbDVOY8VJg+OitAfiAhJXDvwB5RAucAIhJCSkSOUMt4qbxakSEpee0h4YNLOz9trd9UvebMPnE80+zzPPzDO/+c3LvkTWBPi/delU2vfTyaVTr9+p2mv35pbW7s3d6NWTjCdpJe1ukeJmUnyYXEx3yheqmc1wxbDt/Grx/OWPPln7uNtqZ2O86qUzPMD2bvZitZkynWSkKR/BpvHefLjxxjeqxXpmqoSd7CUO9ttoknKTHx3f6BmkHOlrDL3egcOj6L5v9ule/1PJkSQTvTe01W5n6+lHuKM93YtWn1wcAAAAcGAcfXA3uZPJ/Y4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADpPm+f9FM7V69ekUvef/j/U9Y39sn8MdbvvIJnqV+62nEQwAAAAAAAAAPFlfepDfXi7LyV67LOr/83+5bhyrX5/JO7mdhSzndO5kPitZyXJmk0z1DTR2Z35lZXm2t+ZnZVkOWfPswDXP7jLgzuPYawAAAAAAAAD4n3GhKX+aS5nc51gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCTIhnpFvV0rFefSqudZCLJWLXcavL3Xv0wu7/fAQAAAMBTcPRBHuROJnvtsqi/8x+vv/dP5J3czEoWs5KlLORK/VtA91t/a+3e3NLavbkb1fT5cb/17436HyZ3DKMeMd3fHgZv+US9RCdXs1jPOZ0383aWciWtes3KiV48g+N6v4qpuNBVlrtL0JWmrPb8l015MEzVGRldz8hME1uVjWe3z0T/0XmILc2mtf7Lz7E95PzCtlsp/tM7Jkd6c5Jnvrdzzkf3tDOPZGsmzvadfce3z0TylT/+7ofXlm5ev1asnjo4p9EejP9z46rZmom5vky8uOtMXL19ODOxVSsvrNcv5bv5QU5lOm9kOYv5ceazkoVM5zt1bb45n6vXqe0zdXFT642dohhrjsvIlpi+fLRbbhfTy/W6k1nM9/N2rmQhr9X/zmY2X8+5nMv5viP8wi6u+taAq/5Pw4M/+dWm0knyi6Y8GKq8PtuX1/577lTd1z+nlXK8u95zj+3euK79xaZSHYmfNeXBsJ6Jiay/S/Sie76XgdGBmfh1fVu5vXTz+vK1+Vtbxi1WB2/vlWze/T3dSEb2svBeVefLc9XBqlubz46q7/mBfbN137H1vtbWvt901vt2ulLHms9wnx/pbN334sC+ubrvRF/fxuetz8qy7H7eAuDAO/LqkbHOvzp/63zQ+XnnWuf1iW+Pf2P8pbGM/nX0m+2ZkVdaLxW/zwf5SXb+hg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOzo9rvvXZ9fWlpY3lIpy/LukK4nUkk72TTnL3/uWyZJ/TCg3Q9YLX2xldRz2mkqewvs7sPtzvsPm4R/NMfkqST8sVQmhp4/WyuflmV5MGLeTaVsHJR4nkDl1bIst11mX29LwFNwZuXGrTO3333va4s35t9aeGvh5vlz587PnD/32tyZq4tLCzPd1/2OEngS+j6BAwAAAAAAAAAAAIfE7v44p3i0v+0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeASXTqV9P0VmZ07PVO21e3NL1dSrbyz5aZJWkmI6KT5MLqY7ZapvuGLYdlaTyx99svZxt9Vupnr51nbr7c5qM2U6yUhTDjAxaGZ5d9h4RT3OreHjbTFsL4r1viphJ3uJg/323wAAAP//H4wcFQ==") r2 = creat(&(0x7f00000000c0)='./file1\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x0) write$cgroup_type(r2, &(0x7f0000000200), 0x175d9003) openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) getpid() prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) syz_open_dev$usbfs(0x0, 0x77, 0x101301) getrandom(0x0, 0x0, 0x0) mkdir(0x0, 0x0) chdir(0x0) mkdir(&(0x7f00000000c0)='./control/file0\x00', 0x80) open$dir(0x0, 0xc4540, 0x0) 4.411129321s ago: executing program 3 (id=1745): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='hrtimer_start\x00', 0xffffffffffffffff, 0x0, 0x8}, 0x18) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6", 0x9}], 0x1}, 0x0) pipe2(0x0, 0x184800) io_setup(0x2, &(0x7f0000000380)=0x0) io_submit(r1, 0x1, &(0x7f00000000c0)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}]) syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff) r2 = socket$rxrpc(0x21, 0x2, 0xa) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) bind$rxrpc(r2, &(0x7f0000000000)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x2, @multicast2}}, 0x24) listen(r2, 0x0) recvmmsg(r2, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x1b}}], 0x1, 0x0, 0x0) 3.323901258s ago: executing program 3 (id=1746): r0 = open_tree(0xffffffffffffffff, &(0x7f0000000040)='./bus\x00', 0xc0100) setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000100)={{0xa, 0x4e23, 0x2, @empty, 0x8}, {0xa, 0x4e21, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4}, 0x0, {[0x6, 0x101, 0x2, 0x4, 0x8, 0x4, 0x3, 0x4000]}}, 0x5c) io_setup(0x82, &(0x7f0000000180)) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x1, 0x9, 0x1, 0x2, 0xffffffffffffffff, 0x944, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x4, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB='\x00\x00\x00\b\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000001c0)='ns/cgroup\x00') syz_open_procfs$namespace(0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_ext_remove_space_done\x00'}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f00000002c0)={'wg1\x00'}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)=@newtclass={0x24, 0x28, 0x300, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0xd, 0xfff2}, {0x6, 0x1}, {0x8, 0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x20000040) sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000010000104000000000000000000480000", @ANYBLOB], 0x28}}, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000006c0)={{}, &(0x7f0000000640), &(0x7f0000000680)}, 0x20) r3 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r3, 0x0, 0x27, &(0x7f0000000040)={@multicast1, @local, @loopback}, 0xc) getsockopt$inet_buf(r3, 0x0, 0x29, &(0x7f0000000040)=""/185, &(0x7f0000000100)=0xb9) write$binfmt_misc(r0, &(0x7f0000000040), 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$smc(&(0x7f0000001980), 0xffffffffffffffff) sendmsg$SMC_PNETID_ADD(r4, &(0x7f0000001a40)={0x0, 0x0, &(0x7f0000001a00)={&(0x7f0000000400)={0x34, r5, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'lo\x00'}]}, 0x34}}, 0x0) r6 = socket$inet_smc(0x2b, 0x1, 0x0) bind$inet(r6, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) 2.782175591s ago: executing program 2 (id=1747): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a40)={[{@stripe={'stripe', 0x3d, 0x3}}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@noauto_da_alloc}, {@delalloc}, {@resuid}, {@oldalloc}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42042, 0x2) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10) pwritev2(r0, &(0x7f0000000000)=[{&(0x7f0000000480)="37d4", 0x2}], 0x1, 0x6e45, 0x0, 0x0) 2.03837372s ago: executing program 3 (id=1748): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) syz_emit_ethernet(0x7f, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) times(&(0x7f00000001c0)) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$netlink(r3, &(0x7f0000001f80)={0x0, 0x0, &(0x7f0000001f00)=[{&(0x7f0000002840)=ANY=[@ANYBLOB="1400000027001333000000000000000004000080"], 0x14}], 0x1}, 0x0) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) mount$pvfs2(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0x0, 0x0) 776.931574ms ago: executing program 3 (id=1749): r0 = socket$packet(0x11, 0x2, 0x300) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_to_team\x00', 0x0}) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, &(0x7f0000000080), 0x4) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) sendmmsg(r2, &(0x7f0000007fc0), 0x2d, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b00)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {0x6, 0x2, [0x0]}}]}]}, 0x58}}, 0x0) syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000440)=ANY=[], 0x1, 0x1268, &(0x7f0000002500)="$eJzs3U9rI2UcB/Bf2vTv2qbquroL4oNeFCFue/DkpcguiAWl2gUVhFmbamialCYUIuLWkyfBlyHq0ZsgvoFevHgWBJFePO5BHGmT1aZJu7ptU5HP5zIPzzzfeWYyzMCE+TF7L32+sb7WLK9lrRgpFKK4ORbFuylSjMRodOzEc7d+/OnJN956+9XFpaUbyyndXHxz/sWU0uxT373z0ddPf9+6dOub2W8nYnfu3b3fFn7evbJ7de+Pr6LaTNVmqjdaKUu3G41WdrtWSavV5no5pddrlaxZSdV6s7LVs36t1tjcbKesvjozvblVaTZTVm+n9Uo7tQqptdVO2ftZtZ7K5XKamQ5OY+XLu3meR+T5WIxHnuf5VEzHpXgoZmI2SjEXD8cj8WhcjsfiSjweT8TVg1EXvd8AAAAAAAAAAAAAAAAAAADw/3Kf+v+C+n8AAAAAAAAAAAAAAAAAAAA4f0fr/4sRvv8PAAAAAAAAAAAAAAAAAAAAQ3af7/8fqf9/Xv0/AAAAAAAAAAAAAAAAAAAAnIfJzmI5pcmIjU+3V7ZXOstO/+JaVKMWlbgepfg9Dqr/Ozrtm68s3bieDszFCxt3uvk72yujvfn5sVLMFQbm5zv51JufiOnD+YUoxeXB8y8MzE/Gs8/s5z/p5MtRih/ei0bUYjWi0D36g/zH8ym9/NrSVG/+2v64Y42e82kBAACAs1ROf+l/ft/pDhq4vrOq+3yeuiMLJ/w/cOT5vBjXihd11NzTbH+4ntVqla0HbIwfv53x0225r1GIiCwO98xO/7K8P/mZTfGgjdGhTjp28phTnNMo/gd+zDNo/PrFoZ7JGO7sI91LIqvt3z//WSp28vxcd2zgxThxUur4e0ZhCPclhuPvk37RewIAAAAAAAAAAMC/MfDtv6mI6Hsf8IO+nnuvh/fG+7d8/OyfDeEIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mQHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD///ME0UM=") r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdirat(r5, &(0x7f0000000180)='./bus\x00', 0x0) chdir(&(0x7f0000000540)='./file0\x00') sendmsg$nl_route(r4, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=@getaddr={0x14, 0x16, 0x0, 0x70bd2d, 0x25dfdbff, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4008000}, 0x20000000) creat(&(0x7f0000000e00)='./file0\x00', 0x0) renameat2(r5, &(0x7f0000000380)='./file0\x00', r5, &(0x7f00000000c0)='./bus/file0\x00', 0x2) syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x6, &(0x7f0000000040), 0x7, 0x4de, &(0x7f0000000e40)="$eJzs3E9sFNUfAPDvbP8C5Ud//PihIGoRjY3GFgoKBxOD0cSDJkY86LFpC0EKNbQmQogsicGjIfFuPHr14FW9GU4mXvFoYkiI4QJ4GjO7M+12u7u0220L7eeTLPPe7Jt9782bN/vmPbYBbFlD2T9JxEBE3IqIXRFRqk8wVN3cv3tl4sHdKxNRTtNTfyfZYXEvi+eSfLsjjwyXIkpfJgtv1Ji9dPnc+PT01MU8Pjp3/tPR2UuXXzl7fvzM1JmpC2MnThw7euT4a2OvrrxSDfLL6nVv/xczB/a98/GN9ya6i/39+ba2Hp0yFEONilLxQqcz22A7a8JJd6uUb6x9YVi27PrPmqun0v93RVe0bDxgE0nTNO1r/nY5LUR/dXstBTaNJFZ8SO/KDwEePcUXffb8W7waDQR612b4seHunKw+AGX1vp+/Ip6t7CzmQXrqnm87aSgiPir/8232ijWahwAAqPXzyWIkWDf+G4zYW5PuP/kaymBE/DcidkfE/yJiT0T8P6ppn4iIJ+s+vysi0hb5D9XFl45/SrdXV8PWsvHf6/na1sL4L2pXwQa78tjOiGLAPHU4PyfD0dN3+uz01JGmOaTpL2/9/nWzd2vHf9kry78YC+bluN1dN0E3OT43vooqL3LnWsT+7vr6J90RyfxKQBIR+yJi/wo+d7AmfPal7w/MR3oWp3t4/SvShutoHViqSL+LeLHa/uVY1P4LOSat1ydH+2N66vBodhUcbpjHzd+uv98s/4fW/8c/6w95+/hPp/KetXpZ+2+vuf6jWL9dqP9gEpHMr9fOrjyP63981fSZpt3rvzf5sBIunks/H5+bu3gkojd5d+n+sYVji3i2jXK1/sOHGvf/3fkx2Zl4KiKyi/jpiHgmqk+IQ5FePRgRz0XEoRb1//XN5z9pv/5rK6v/ZMP736L2X1ivzwLZ3ouL9oxPJ+Vq6oU984GucwdvPWhy81he+x+rhIbzPY3vf8miW8TSUjQOrPL0AQAAwGOhFBEDNXNJA1EqjYxU54D2xPbS9Mzs3MunZz67MFn9jcBg9JSKma7qfHBPUsx/DtbEx+riR/N542+6tlXiIxMz05MbWnNgR6XPJ6WR+XtBtf9n/urMFDPwKPOTH9i6Htb/995Yp4IA6873P2xdNf2/3CRJ2f+Ugc1pOd//5gJhc2rU/6+2cQzweEn1ZdjSVtL/F6e9uavjhQHWVXd8MB8ubWhJgPVm/A9b0rJ+JN92IO1r/FZ/LE0c/a0/sCvaK8a2BnltSCAbWW1I7tvaOar4awpN00RpZR/Yt+RPRrTXpqdXf1rO7O34xZ/m62OdbsEf1qWfNgq0vm+MDazdPQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKCT/g0AAP//hE3Zug==") r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='pids.current\x00', 0x275a, 0x0) r7 = openat$cgroup_ro(r6, &(0x7f00000000c0)='cgroup.freeze\x00', 0x275a, 0x0) ioctl$EXT4_IOC_CHECKPOINT(r7, 0xc0506617, &(0x7f0000000000)) 1.068568ms ago: executing program 0 (id=1750): bpf$MAP_CREATE(0x0, 0x0, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = timerfd_create(0x0, 0x0) readv(r2, 0x0, 0x0) clock_adjtime(0x0, &(0x7f0000000040)={0x200d54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x2}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r5}, &(0x7f0000000a00), 0x0}, 0x20) sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00032cbd7000fdc8df25820000000c009900faffffff12ab7e284924382b9c09beeb70a4ab2872000000"], 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x8800) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r3, 0xc0a85320, &(0x7f0000000480)={{0x80, 0x8}, 'port0\x00', 0x66, 0x2a1e76d0bd0a5514, 0x0, 0x0, 0x3fffffc, 0x6e13, 0x0, 0x0, 0x2}) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r3, 0xc0a85320, &(0x7f00000007c0)={{0x80}, 'port1\x00', 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}) creat(0x0, 0x0) 0s ago: executing program 2 (id=1751): r0 = socket$nl_rdma(0x10, 0x3, 0x14) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000480)={'team_slave_1\x00', 0x0}) r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x4, &(0x7f0000013d40)=ANY=[@ANYBLOB="18000000000000100000000000000700b5000000087c"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={r4, r3, 0x25, 0x0, @val=@netkit={@void, @value}}, 0x40) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000000000000000120000000c00018008000100", @ANYRES32=r3, @ANYBLOB="0800060002"], 0x28}}, 0x0) kernel console output (not intermixed with test programs): usb 1-1: config 0 descriptor?? [ 344.563063][ T8] as10x_usb: device has been detected [ 344.573722][ T9] usb 3-1: device descriptor read/8, error -71 [ 344.583220][ T8] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 344.667696][ T8864] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1022'. [ 344.684063][ T8864] 9pnet_virtio: no channels available for device syz [ 345.377280][ T9] usb usb3-port1: unable to enumerate USB device [ 345.387717][ T8] usb 1-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 345.425096][ T8] as10x_usb: error during firmware upload part1 [ 345.439926][ T8] Registered device nBox DVB-T Dongle [ 345.442940][ T8] usb 1-1: USB disconnect, device number 23 [ 345.478691][ T8] Unregistered device nBox DVB-T Dongle [ 345.479800][ T8] as10x_usb: device has been disconnected [ 345.705950][ T9] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 345.914064][ T9] usb 4-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 345.924766][ T9] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 345.936039][ T9] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 345.945262][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 345.961789][ T9] usb 4-1: SerialNumber: syz [ 346.179264][ T9] usb 4-1: 0:2 : does not exist [ 346.184228][ T9] usb 4-1: unit 5: unexpected type 0x03 [ 346.207113][ T9] usb 4-1: unit 4 not found! [ 346.243967][ T9] usb 4-1: USB disconnect, device number 25 [ 346.295151][ T5315] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 346.311585][ T5235] udevd[5235]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 346.435210][ T8877] overlayfs: failed to resolve './file1': -2 [ 346.456011][ T5315] usb 3-1: Using ep0 maxpacket: 32 [ 346.468456][ T5315] usb 3-1: config 0 has an invalid interface number: 67 but max is 0 [ 346.578461][ T5315] usb 3-1: config 0 has no interface number 0 [ 346.646037][ T5315] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 346.721440][ T5315] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 346.834186][ T5315] usb 3-1: Product: syz [ 346.979582][ T5315] usb 3-1: Manufacturer: syz [ 346.984271][ T5315] usb 3-1: SerialNumber: syz [ 347.026829][ T5315] usb 3-1: config 0 descriptor?? [ 347.064220][ T5315] smsc95xx v2.0.0 [ 347.233039][ T8885] fuse: Unknown parameter '0x0000000000000003' [ 347.480425][ T5315] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 347.491412][ T5315] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 347.628534][ T8893] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1033'. [ 347.667940][ T8893] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1033'. [ 347.764851][ T8893] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1033'. [ 347.886016][ T8893] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1033'. [ 348.033074][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 348.333673][ T8895] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1034'. [ 348.343183][ T8895] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1034'. [ 348.917793][ T8904] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1038'. [ 349.589893][ T5315] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000006c: -32 [ 349.600836][ T5315] smsc95xx 3-1:0.67: probe with driver smsc95xx failed with error -32 [ 350.635538][ T8920] fuse: Unknown parameter '0x0000000000000003' [ 350.654671][ T5315] usb 3-1: USB disconnect, device number 33 [ 350.904056][ T8928] 9pnet_virtio: no channels available for device syz [ 351.207667][ T8931] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 0 [ 351.216368][ T8930] IPVS: stopping master sync thread 8931 ... [ 351.345211][ T8934] ./file0: Can't lookup blockdev [ 351.675046][ T8936] IPVS: wrr: TCP 172.20.20.170:0 - no destination available [ 351.752380][ T8940] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1046'. [ 351.781811][ T8940] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1046'. [ 351.803647][ T8940] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1046'. [ 351.829498][ T8940] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1046'. [ 354.188092][ T8964] fuse: Unknown parameter '0x0000000000000003' [ 354.277013][ T5244] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 354.477383][ T5244] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 354.545905][ T5244] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 354.606253][ T5244] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 354.614278][ T5244] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 354.622084][ T5244] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 355.276790][ T5315] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 355.718212][ T5315] usb 4-1: Using ep0 maxpacket: 32 [ 355.736984][ T5315] usb 4-1: config 0 has an invalid interface number: 67 but max is 0 [ 355.745217][ T5315] usb 4-1: config 0 has no interface number 0 [ 355.755779][ T5284] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 355.778903][ T5315] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 355.883870][ T8978] mkiss: ax0: crc mode is auto. [ 356.727582][ T5244] Bluetooth: hci0: command tx timeout [ 356.763879][ T5315] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 356.777599][ T5315] usb 4-1: Product: syz [ 356.781899][ T5315] usb 4-1: Manufacturer: syz [ 356.793988][ T5315] usb 4-1: SerialNumber: syz [ 356.822820][ T5315] usb 4-1: config 0 descriptor?? [ 356.831541][ T5315] smsc95xx v2.0.0 [ 357.014343][ T5315] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71 [ 357.015912][ T5284] usb 1-1: Using ep0 maxpacket: 32 [ 357.024753][ T5315] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -71 [ 357.042671][ T5315] usb 4-1: USB disconnect, device number 26 [ 357.058138][ T5284] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 357.069464][ T5284] usb 1-1: New USB device found, idVendor=060b, idProduct=0001, bcdDevice= 0.00 [ 357.080540][ T5284] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 357.103394][ T5284] usb 1-1: config 0 descriptor?? [ 357.334084][ T8957] chnl_net:caif_netlink_parms(): no params data found [ 357.349623][ T8975] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 357.365087][ T8975] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 357.394370][ T5284] usbhid 1-1:0.0: can't add hid device: -71 [ 357.404372][ T5284] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 357.439849][ T5284] usb 1-1: USB disconnect, device number 24 [ 357.658055][ T8957] bridge0: port 1(bridge_slave_0) entered blocking state [ 357.675891][ T8957] bridge0: port 1(bridge_slave_0) entered disabled state [ 357.693758][ T8957] bridge_slave_0: entered allmulticast mode [ 357.709212][ T8957] bridge_slave_0: entered promiscuous mode [ 357.724788][ T8957] bridge0: port 2(bridge_slave_1) entered blocking state [ 357.733256][ T8957] bridge0: port 2(bridge_slave_1) entered disabled state [ 357.741771][ T8957] bridge_slave_1: entered allmulticast mode [ 357.763464][ T8957] bridge_slave_1: entered promiscuous mode [ 357.816424][ T8957] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 357.832448][ T8957] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 357.942600][ T8957] team0: Port device team_slave_0 added [ 357.964701][ T8957] team0: Port device team_slave_1 added [ 358.037845][ T8957] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 358.055105][ T8957] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 358.165777][ T8957] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 358.184337][ T8995] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1062'. [ 358.215338][ T8957] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 358.223315][ T8957] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 358.254379][ T8957] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 358.376160][ T8957] hsr_slave_0: entered promiscuous mode [ 358.404082][ T8957] hsr_slave_1: entered promiscuous mode [ 358.426271][ T8957] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 358.439174][ T8957] Cannot create hsr debugfs directory [ 358.517503][ T9005] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1065'. [ 358.542452][ T9005] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1065'. [ 358.570372][ T9005] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1065'. [ 358.811469][ T5244] Bluetooth: hci0: command tx timeout [ 359.242790][ T9011] misc userio: No port type given on /dev/userio [ 359.577053][ T8957] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 359.676243][ T5316] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 359.740528][ T8957] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 359.825790][ T5316] usb 3-1: Using ep0 maxpacket: 32 [ 359.884305][ T5316] usb 3-1: config 0 has an invalid interface number: 67 but max is 0 [ 359.965856][ T5316] usb 3-1: config 0 has no interface number 0 [ 359.973466][ T9024] sctp: [Deprecated]: syz.1.1072 (pid 9024) Use of int in maxseg socket option. [ 359.973466][ T9024] Use struct sctp_assoc_value instead [ 360.002923][ T5316] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 360.036912][ T5316] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 360.072434][ T5316] usb 3-1: Product: syz [ 360.257879][ T8957] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 360.672083][ T9029] orangefs_mount: mount request failed with -4 [ 360.738974][ T8957] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 360.853813][ T5316] usb 3-1: Manufacturer: syz [ 360.858637][ T5316] usb 3-1: SerialNumber: syz [ 360.885981][ T5244] Bluetooth: hci0: command tx timeout [ 360.897437][ T5316] usb 3-1: config 0 descriptor?? [ 360.934324][ T5316] smsc95xx v2.0.0 [ 361.481627][ T9] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 361.708894][ T5316] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 361.730413][ T5316] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 361.802257][ T9] usb 1-1: Using ep0 maxpacket: 8 [ 361.822736][ T8957] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 361.828934][ T9] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 361.876083][ T9] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 361.889570][ T8957] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 361.901661][ T9] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 361.943939][ T9] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 361.957845][ T9] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 361.967818][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 361.968530][ T8957] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 361.992431][ T9040] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1077'. [ 362.003804][ T9040] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1077'. [ 362.018155][ T9040] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1077'. [ 362.022335][ T8957] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 362.192694][ T9] usb 1-1: GET_CAPABILITIES returned 0 [ 362.227439][ T9] usbtmc 1-1:16.0: can't read capabilities [ 362.298852][ T8957] 8021q: adding VLAN 0 to HW filter on device bond0 [ 362.358520][ T8957] 8021q: adding VLAN 0 to HW filter on device team0 [ 362.372693][ T1073] bridge0: port 1(bridge_slave_0) entered blocking state [ 362.379985][ T1073] bridge0: port 1(bridge_slave_0) entered forwarding state [ 362.484852][ T2896] bridge0: port 2(bridge_slave_1) entered blocking state [ 362.492036][ T2896] bridge0: port 2(bridge_slave_1) entered forwarding state [ 362.506039][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 362.517985][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 362.527112][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 362.536202][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 362.545268][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 362.569002][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 362.578115][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 362.587177][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 362.596231][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 362.613025][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 362.622144][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 362.631226][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 362.640284][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 362.650274][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 362.659369][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 362.668428][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 362.680136][ T940] usb 1-1: USB disconnect, device number 25 [ 362.966739][ T5244] Bluetooth: hci0: command tx timeout [ 363.012082][ T8957] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 363.985538][ T5316] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000006c: -32 [ 363.996663][ T5316] smsc95xx 3-1:0.67: probe with driver smsc95xx failed with error -32 [ 364.021340][ T9073] sctp: [Deprecated]: syz.3.1084 (pid 9073) Use of int in maxseg socket option. [ 364.021340][ T9073] Use struct sctp_assoc_value instead [ 364.156357][ T8957] veth0_vlan: entered promiscuous mode [ 364.189994][ T5246] usb 3-1: USB disconnect, device number 34 [ 364.205190][ T8957] veth1_vlan: entered promiscuous mode [ 364.365967][ T8957] veth0_macvtap: entered promiscuous mode [ 364.416084][ T8957] veth1_macvtap: entered promiscuous mode [ 364.519241][ T8957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 364.562833][ T8957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 364.595485][ T8957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 364.648677][ T8957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 364.675850][ T8957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 364.702020][ T8957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 364.748591][ T8957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 364.780371][ T8957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 364.792653][ T8957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 364.832774][ T8957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 364.861211][ T8957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 364.894866][ T8957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 364.954794][ T8957] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 364.973513][ T9083] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1086'. [ 365.107892][ T8957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.126029][ T8957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.145928][ T8957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.171251][ T8957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.210366][ T8957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.256939][ T8957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.291733][ T8957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.338335][ T8957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.373840][ T8957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.412764][ T8957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.458056][ T8957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.490815][ T8957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.548106][ T8957] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 365.600286][ T8957] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 365.629738][ T8957] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 365.657863][ T8957] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 365.683624][ T8957] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 366.602984][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 366.647674][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 366.705577][ T1054] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 366.725130][ T1054] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 366.905846][ T5316] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 367.421009][ T5316] usb 4-1: Using ep0 maxpacket: 32 [ 367.557015][ T5316] usb 4-1: config 0 has an invalid interface number: 67 but max is 0 [ 367.565190][ T5316] usb 4-1: config 0 has no interface number 0 [ 367.574663][ T5316] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 367.589376][ T5316] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 367.604074][ T5316] usb 4-1: Product: syz [ 367.612962][ T5316] usb 4-1: Manufacturer: syz [ 367.621970][ T5316] usb 4-1: SerialNumber: syz [ 367.633513][ T5316] usb 4-1: config 0 descriptor?? [ 367.649679][ T5316] smsc95xx v2.0.0 [ 368.105913][ T5316] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 368.133906][ T5316] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 368.298768][ T9] libceph: connect (1)[c::]:6789 error -101 [ 368.304933][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 368.443464][ T9121] ceph: No mds server is up or the cluster is laggy [ 368.593087][ T9132] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1102'. [ 368.762734][ T9139] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1103'. [ 368.811280][ T9139] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 368.843545][ T9139] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 368.865987][ T9139] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 368.876812][ T9139] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 368.899508][ T9143] fuse: Unknown parameter 'fd0x0000000000000003' [ 369.155546][ T9148] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1107'. [ 369.518526][ T9153] netlink: 'syz.2.1108': attribute type 1 has an invalid length. [ 369.526958][ T9153] netlink: 201392 bytes leftover after parsing attributes in process `syz.2.1108'. [ 370.245020][ T9152] overlayfs: failed to resolve './file1': -2 [ 370.416887][ T5316] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000006c: -32 [ 370.427938][ T5316] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -32 [ 370.665558][ T29] audit: type=1326 audit(1729299238.035:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9162 comm="syz.1.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdca157dff9 code=0x7ffc0000 [ 370.692189][ T29] audit: type=1326 audit(1729299238.045:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9162 comm="syz.1.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdca157dff9 code=0x7ffc0000 [ 370.723188][ T29] audit: type=1326 audit(1729299238.045:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9162 comm="syz.1.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7fdca157dff9 code=0x7ffc0000 [ 370.746645][ T29] audit: type=1326 audit(1729299238.045:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9162 comm="syz.1.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdca157dff9 code=0x7ffc0000 [ 370.770975][ T29] audit: type=1326 audit(1729299238.045:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9162 comm="syz.1.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdca157dff9 code=0x7ffc0000 [ 370.794912][ T29] audit: type=1326 audit(1729299238.065:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9162 comm="syz.1.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7fdca157dff9 code=0x7ffc0000 [ 370.851582][ T29] audit: type=1326 audit(1729299238.065:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9162 comm="syz.1.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdca157dff9 code=0x7ffc0000 [ 370.877133][ T29] audit: type=1326 audit(1729299238.065:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9162 comm="syz.1.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdca157dff9 code=0x7ffc0000 [ 370.901567][ T29] audit: type=1326 audit(1729299238.095:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9162 comm="syz.1.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fdca157dff9 code=0x7ffc0000 [ 370.994662][ T29] audit: type=1326 audit(1729299238.095:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9162 comm="syz.1.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdca157dff9 code=0x7ffc0000 [ 372.106493][ T8] usb 4-1: USB disconnect, device number 27 [ 372.236800][ T9174] fuse: Unknown parameter 'fd0x0000000000000003' [ 372.638052][ T9187] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1119'. [ 372.663235][ T9187] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 372.672255][ T9187] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 372.682294][ T9187] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 372.825798][ T9187] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 373.343520][ T9196] netlink: 'syz.1.1118': attribute type 1 has an invalid length. [ 373.351471][ T9196] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.1118'. [ 374.067768][ T9208] fuse: Unknown parameter 'fd0x0000000000000003' [ 374.185780][ T8] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 374.298889][ T52] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 374.347391][ T8] usb 4-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 374.364087][ T8] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 374.381047][ T8] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 374.390416][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 374.399948][ T8] usb 4-1: SerialNumber: syz [ 374.455775][ T52] usb 1-1: Using ep0 maxpacket: 32 [ 374.476959][ T52] usb 1-1: config 0 has an invalid interface number: 67 but max is 0 [ 374.485101][ T52] usb 1-1: config 0 has no interface number 0 [ 374.497978][ T52] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 374.515778][ T52] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 374.523870][ T52] usb 1-1: Product: syz [ 374.535744][ T52] usb 1-1: Manufacturer: syz [ 374.540402][ T52] usb 1-1: SerialNumber: syz [ 374.548758][ T52] usb 1-1: config 0 descriptor?? [ 374.556661][ T52] smsc95xx v2.0.0 [ 374.628657][ T8] usb 4-1: 0:2 : does not exist [ 374.633736][ T8] usb 4-1: unit 255 not found! [ 374.720699][ T8] usb 4-1: USB disconnect, device number 28 [ 374.762628][ T5235] udevd[5235]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 374.943226][ T9217] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1131'. [ 374.964855][ T52] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 374.985744][ T52] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 375.241984][ T9226] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1134'. [ 377.372081][ T52] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000006c: -32 [ 377.383032][ T52] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -32 [ 378.538442][ T940] usb 1-1: USB disconnect, device number 26 [ 378.706358][ T9262] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1145'. [ 378.722412][ T9262] 9pnet_virtio: no channels available for device syz [ 378.746472][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.753004][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.551787][ T9263] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1147'. [ 379.738612][ T9274] netlink: 'syz.2.1151': attribute type 1 has an invalid length. [ 380.025017][ T9279] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 380.034867][ T9279] bond1: (slave batadv1): Enslaving as a backup interface with an up link [ 380.086493][ T9274] bond1 (unregistering): (slave batadv1): Releasing backup interface [ 380.112763][ T9274] bond1 (unregistering): Released all slaves [ 381.909097][ T9304] misc userio: No port type given on /dev/userio [ 382.165292][ T9309] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1161'. [ 383.099810][ T9317] netlink: 'syz.0.1164': attribute type 11 has an invalid length. [ 383.112442][ T9317] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1164'. [ 383.425055][ T9318] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 383.918264][ T9325] mkiss: ax0: crc mode is auto. [ 386.855759][ T9349] input: syz1 as /devices/virtual/input/input11 [ 391.365599][ T9390] cgroup: fork rejected by pids controller in /syz2 [ 391.387680][ T9388] misc userio: No port type given on /dev/userio [ 392.786883][ T5237] bridge0: port 3(syz_tun) entered disabled state [ 392.884613][ T5237] syz_tun (unregistering): left allmulticast mode [ 392.902051][ T5237] syz_tun (unregistering): left promiscuous mode [ 392.999229][ T5237] bridge0: port 3(syz_tun) entered disabled state [ 394.202204][ T4629] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 394.212894][ T4629] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 394.222366][ T4629] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 394.231448][ T4629] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 394.243251][ T4629] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 394.252236][ T4629] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 396.330326][ T4629] Bluetooth: hci1: command tx timeout [ 397.319591][ T9419] chnl_net:caif_netlink_parms(): no params data found [ 397.412583][ T9446] input: syz1 as /devices/virtual/input/input12 [ 397.532346][ T9419] bridge0: port 1(bridge_slave_0) entered blocking state [ 397.550367][ T9419] bridge0: port 1(bridge_slave_0) entered disabled state [ 397.560381][ T9419] bridge_slave_0: entered allmulticast mode [ 397.568515][ T9419] bridge_slave_0: entered promiscuous mode [ 397.577975][ T9419] bridge0: port 2(bridge_slave_1) entered blocking state [ 397.585349][ T9419] bridge0: port 2(bridge_slave_1) entered disabled state [ 397.592914][ T9419] bridge_slave_1: entered allmulticast mode [ 397.602660][ T9419] bridge_slave_1: entered promiscuous mode [ 397.652567][ T9419] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 397.700071][ T9419] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 397.765201][ T9419] team0: Port device team_slave_0 added [ 397.778499][ T9419] team0: Port device team_slave_1 added [ 397.924165][ T9419] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 397.932269][ T9419] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 397.959601][ T9419] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 397.987339][ T9419] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 397.994381][ T9419] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 398.707054][ T9419] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 398.812544][ T4629] Bluetooth: hci1: command tx timeout [ 398.947581][ T9419] hsr_slave_0: entered promiscuous mode [ 398.975029][ T9419] hsr_slave_1: entered promiscuous mode [ 398.987808][ T9419] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 398.995420][ T9419] Cannot create hsr debugfs directory [ 399.156439][ T9419] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 399.167389][ T9419] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 399.322504][ T9419] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 399.343248][ T9419] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 399.367024][ T9472] netlink: 'syz.1.1209': attribute type 1 has an invalid length. [ 399.441670][ T9419] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 399.452565][ T9419] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 399.477901][ T9472] bond1 (unregistering): Released all slaves [ 399.541914][ T9419] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 399.552676][ T9419] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 399.760248][ T9419] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 399.773291][ T9419] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 399.809963][ T9419] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 399.825185][ T9419] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 400.018794][ T9419] 8021q: adding VLAN 0 to HW filter on device bond0 [ 400.070094][ T9419] 8021q: adding VLAN 0 to HW filter on device team0 [ 400.110148][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 400.117352][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 400.127650][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 400.134814][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 400.160364][ T9419] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 400.295851][ T9419] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 401.184213][ T5244] Bluetooth: hci1: command tx timeout [ 401.286891][ T5244] Bluetooth: hci5: command 0x0406 tx timeout [ 401.745343][ T9419] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 401.847703][ T9419] veth0_vlan: entered promiscuous mode [ 401.879803][ T9419] veth1_vlan: entered promiscuous mode [ 401.966119][ T9419] veth0_macvtap: entered promiscuous mode [ 401.982387][ T9419] veth1_macvtap: entered promiscuous mode [ 402.027851][ T9419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 402.053353][ T9419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.065754][ T9419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 402.087809][ T9419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.105755][ T9419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 402.125692][ T9419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.135561][ T9419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 402.162581][ T9419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.184972][ T9419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 402.205479][ T9419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.217792][ T9419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 402.228587][ T9419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.238818][ T9419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 402.259453][ T9419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.275202][ T9419] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 402.296827][ T9506] netlink: 'syz.3.1219': attribute type 1 has an invalid length. [ 402.347264][ T9507] bond1 (unregistering): Released all slaves [ 402.395887][ T9419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 402.427909][ T9419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.446346][ T9419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 402.469138][ T9419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.486131][ T9419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 402.505964][ T9419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.525909][ T9419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 402.543532][ T9419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.553423][ T9419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 402.566336][ T9419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.576273][ T9419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 402.586792][ T9419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.597235][ T9419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 402.608118][ T9419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.625452][ T9419] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 402.661820][ T9419] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 402.685895][ T9419] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 402.699172][ T9419] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 402.710981][ T9419] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 402.906660][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 402.914554][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 402.982241][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 403.007220][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 403.210309][ T4629] Bluetooth: hci1: command tx timeout [ 404.156688][ T11] Ignoring NSS change in VHT Operating Mode Notification from 08:02:11:00:00:00 with invalid nss 2 [ 404.772892][ T9554] futex_wake_op: syz.3.1235 tries to shift op by 32; fix this program [ 405.159417][ T9556] binder: 9553:9556 ioctl c0306201 200011c0 returned -14 [ 405.995476][ T9558] random: crng reseeded on system resumption [ 406.238637][ T9558] Restarting kernel threads ... done. [ 406.372335][ T4629] Bluetooth: hci3: unexpected event for opcode 0x201c [ 406.566299][ T9547] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 406.972007][ T9574] mkiss: ax0: crc mode is auto. [ 407.785796][ T9581] sctp: [Deprecated]: syz.0.1243 (pid 9581) Use of int in maxseg socket option. [ 407.785796][ T9581] Use struct sctp_assoc_value instead [ 408.566745][ T52] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 408.739539][ T52] usb 1-1: Using ep0 maxpacket: 8 [ 408.764059][ T52] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 408.777154][ T52] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 408.789269][ T52] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 408.796041][ T29] kauditd_printk_skb: 7 callbacks suppressed [ 408.796061][ T29] audit: type=1326 audit(1729299276.165:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9600 comm="syz.1.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdca157dff9 code=0x7ffc0000 [ 408.832626][ T52] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 408.871537][ T29] audit: type=1326 audit(1729299276.165:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9600 comm="syz.1.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdca157dff9 code=0x7ffc0000 [ 408.894610][ T52] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 408.914788][ T52] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 408.927638][ T29] audit: type=1326 audit(1729299276.225:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9600 comm="syz.1.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdca157dff9 code=0x7ffc0000 [ 408.960468][ T29] audit: type=1326 audit(1729299276.225:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9600 comm="syz.1.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdca157dff9 code=0x7ffc0000 [ 408.993639][ T29] audit: type=1326 audit(1729299276.225:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9600 comm="syz.1.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdca157dff9 code=0x7ffc0000 [ 409.026957][ T29] audit: type=1326 audit(1729299276.225:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9600 comm="syz.1.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fdca157dff9 code=0x7ffc0000 [ 409.093152][ T29] audit: type=1326 audit(1729299276.225:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9600 comm="syz.1.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdca157dff9 code=0x7ffc0000 [ 409.185775][ T29] audit: type=1326 audit(1729299276.225:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9600 comm="syz.1.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdca157dff9 code=0x7ffc0000 [ 409.215599][ T29] audit: type=1326 audit(1729299276.225:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9600 comm="syz.1.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdca157dff9 code=0x7ffc0000 [ 409.241537][ T52] usb 1-1: GET_CAPABILITIES returned 0 [ 409.259131][ T52] usbtmc 1-1:16.0: can't read capabilities [ 409.262985][ T29] audit: type=1326 audit(1729299276.225:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9600 comm="syz.1.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdca157dff9 code=0x7ffc0000 [ 410.086340][ T5315] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 410.251274][ T5315] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 410.307907][ T5315] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 410.355161][ T5315] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 410.415854][ T4629] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 410.425905][ T4629] Bluetooth: hci3: Injecting HCI hardware error event [ 410.438929][ T4629] Bluetooth: hci3: hardware error 0x00 [ 410.447611][ T5315] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 410.455896][ T5315] usb 4-1: SerialNumber: syz [ 410.678505][ T5315] usb 4-1: 0:2 : does not exist [ 410.684413][ T5315] usb 4-1: unit 255 not found! [ 410.696192][ T5315] usb 4-1: 5:0: cannot get min/max values for control 2 (id 5) [ 410.745336][ T5315] usb 4-1: 5:0: cannot get min/max values for control 4 (id 5) [ 410.774764][ T5315] usb 4-1: 5:0: cannot get min/max values for control 7 (id 5) [ 410.831866][ T5315] usb 4-1: USB disconnect, device number 29 [ 410.903880][ T5235] udevd[5235]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 411.208902][ T9604] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 411.525184][ T5315] usb 1-1: USB disconnect, device number 27 [ 413.262495][ T4629] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 413.341684][ T4629] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 414.174667][ T9626] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1259'. [ 414.213949][ T9615] netlink: 'syz.3.1256': attribute type 2 has an invalid length. [ 414.329560][ T9626] syzkaller1: entered promiscuous mode [ 414.350563][ T9626] syzkaller1: entered allmulticast mode [ 414.396185][ T9632] syz.2.1261 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 414.417575][ T4629] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 414.429079][ T4629] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 414.448127][ T4629] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 414.463354][ T4629] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 414.473545][ T4629] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 414.477901][ T29] kauditd_printk_skb: 13 callbacks suppressed [ 414.477920][ T29] audit: type=1326 audit(1729299281.855:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9631 comm="syz.2.1261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee4a57dff9 code=0x7ffc0000 [ 414.509874][ T4629] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 414.868261][ T29] audit: type=1326 audit(1729299281.895:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9631 comm="syz.2.1261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fee4a57dff9 code=0x7ffc0000 [ 414.893969][ T29] audit: type=1326 audit(1729299281.895:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9631 comm="syz.2.1261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee4a57dff9 code=0x7ffc0000 [ 414.917049][ T29] audit: type=1326 audit(1729299281.905:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9631 comm="syz.2.1261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fee4a57dff9 code=0x7ffc0000 [ 415.194023][ T29] audit: type=1326 audit(1729299281.915:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9631 comm="syz.2.1261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee4a57dff9 code=0x7ffc0000 [ 415.217252][ T29] audit: type=1326 audit(1729299281.915:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9631 comm="syz.2.1261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee4a57dff9 code=0x7ffc0000 [ 415.240003][ T29] audit: type=1326 audit(1729299281.925:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9631 comm="syz.2.1261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fee4a57dff9 code=0x7ffc0000 [ 415.263114][ T29] audit: type=1326 audit(1729299281.925:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9631 comm="syz.2.1261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee4a57dff9 code=0x7ffc0000 [ 415.286591][ T29] audit: type=1326 audit(1729299281.925:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9631 comm="syz.2.1261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee4a57dff9 code=0x7ffc0000 [ 415.309164][ T29] audit: type=1326 audit(1729299282.045:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9631 comm="syz.2.1261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fee4a57dff9 code=0x7ffc0000 [ 415.735344][ T9646] kernel profiling enabled (shift: 7) [ 416.370477][ T62] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 416.566212][ T4629] Bluetooth: hci0: command tx timeout [ 416.690478][ T62] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 416.735222][ T9652] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1266'. [ 416.845245][ T62] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 417.049822][ T62] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 417.125524][ T9646] can0: slcan on ptm0. [ 417.276959][ T9645] can0 (unregistered): slcan off ptm0. [ 417.739496][ T62] bridge_slave_1: left allmulticast mode [ 417.785874][ T62] bridge_slave_1: left promiscuous mode [ 417.806503][ T62] bridge0: port 2(bridge_slave_1) entered disabled state [ 417.874597][ T62] bridge_slave_0: left allmulticast mode [ 417.881590][ T62] bridge_slave_0: left promiscuous mode [ 417.891897][ T62] bridge0: port 1(bridge_slave_0) entered disabled state [ 417.904816][ T4629] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 417.915049][ T4629] CPU: 1 UID: 0 PID: 4629 Comm: kworker/u9:1 Not tainted 6.12.0-rc3-next-20241016-syzkaller #0 [ 417.925411][ T4629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 417.935499][ T4629] Workqueue: hci1 hci_rx_work [ 417.940233][ T4629] Call Trace: [ 417.943546][ T4629] [ 417.946502][ T4629] dump_stack_lvl+0x241/0x360 [ 417.951221][ T4629] ? __pfx_dump_stack_lvl+0x10/0x10 [ 417.956459][ T4629] ? __pfx__printk+0x10/0x10 [ 417.961101][ T4629] ? __kmalloc_cache_noprof+0x243/0x390 [ 417.966694][ T4629] ? sysfs_create_dir_ns+0x28a/0x3a0 [ 417.972022][ T4629] sysfs_create_dir_ns+0x2ce/0x3a0 [ 417.977184][ T4629] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 417.982832][ T4629] kobject_add_internal+0x435/0x8d0 [ 417.988056][ T4629] kobject_add+0x152/0x220 [ 417.992481][ T4629] ? do_raw_spin_unlock+0x13c/0x8b0 [ 417.997697][ T4629] ? device_add+0x3e7/0xbf0 [ 418.002206][ T4629] ? __pfx_kobject_add+0x10/0x10 [ 418.007153][ T4629] ? _raw_spin_unlock+0x28/0x50 [ 418.012020][ T4629] ? get_device_parent+0x165/0x410 [ 418.017164][ T4629] device_add+0x4e5/0xbf0 [ 418.021512][ T4629] hci_conn_add_sysfs+0xe8/0x200 [ 418.026471][ T4629] le_conn_complete_evt+0xc9f/0x12e0 [ 418.031817][ T4629] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 418.037550][ T4629] ? __mutex_unlock_slowpath+0x21d/0x750 [ 418.043185][ T4629] ? __copy_skb_header+0x437/0x5b0 [ 418.048314][ T4629] ? skb_pull_data+0x112/0x230 [ 418.053093][ T4629] hci_le_conn_complete_evt+0x18c/0x420 [ 418.058662][ T4629] hci_event_packet+0xa55/0x1540 [ 418.063609][ T4629] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 418.068904][ T4629] ? __pfx_hci_event_packet+0x10/0x10 [ 418.074278][ T4629] ? do_raw_spin_unlock+0x13c/0x8b0 [ 418.079487][ T4629] ? hci_send_to_monitor+0xd8/0x7f0 [ 418.084697][ T4629] ? kcov_remote_start+0x97/0x7d0 [ 418.089741][ T4629] hci_rx_work+0x3df/0xdd0 [ 418.094177][ T4629] ? process_scheduled_works+0x976/0x1850 [ 418.099912][ T4629] process_scheduled_works+0xa63/0x1850 [ 418.105522][ T4629] ? __pfx_process_scheduled_works+0x10/0x10 [ 418.111520][ T4629] ? assign_work+0x364/0x3d0 [ 418.116128][ T4629] worker_thread+0x870/0xd30 [ 418.120741][ T4629] ? __kthread_parkme+0x169/0x1d0 [ 418.125815][ T4629] ? __pfx_worker_thread+0x10/0x10 [ 418.130981][ T4629] kthread+0x2f0/0x390 [ 418.135062][ T4629] ? __pfx_worker_thread+0x10/0x10 [ 418.140192][ T4629] ? __pfx_kthread+0x10/0x10 [ 418.144791][ T4629] ret_from_fork+0x4b/0x80 [ 418.149208][ T4629] ? __pfx_kthread+0x10/0x10 [ 418.153804][ T4629] ret_from_fork_asm+0x1a/0x30 [ 418.158590][ T4629] [ 418.164034][ T4629] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 418.180908][ T4629] Bluetooth: hci1: failed to register connection device [ 418.283950][ T9680] sctp: [Deprecated]: syz.3.1271 (pid 9680) Use of int in maxseg socket option. [ 418.283950][ T9680] Use struct sctp_assoc_value instead [ 419.736540][ T9659] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 420.823551][ T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 420.843252][ T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 420.863903][ T62] bond0 (unregistering): Released all slaves [ 421.291276][ T9692] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR [ 421.820704][ T9633] chnl_net:caif_netlink_parms(): no params data found [ 423.473546][ T9752] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 423.483178][ T9752] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 423.970114][ T9633] bridge0: port 1(bridge_slave_0) entered blocking state [ 423.984464][ T9633] bridge0: port 1(bridge_slave_0) entered disabled state [ 424.030273][ T9633] bridge_slave_0: entered allmulticast mode [ 424.054303][ T9633] bridge_slave_0: entered promiscuous mode [ 424.087982][ T9633] bridge0: port 2(bridge_slave_1) entered blocking state [ 424.128410][ T9633] bridge0: port 2(bridge_slave_1) entered disabled state [ 424.147421][ T9633] bridge_slave_1: entered allmulticast mode [ 424.172285][ T9633] bridge_slave_1: entered promiscuous mode [ 424.199904][ T9755] netlink: 'syz.0.1287': attribute type 1 has an invalid length. [ 424.301269][ T9762] bond1 (unregistering): Released all slaves [ 424.338804][ T4629] Bluetooth: hci1: command 0x0406 tx timeout [ 424.849298][ T9788] trusted_key: encrypted_key: keyword 'upÇ-~î(:qYault' not recognized [ 425.600297][ T62] hsr_slave_0: left promiscuous mode [ 425.616472][ T62] hsr_slave_1: left promiscuous mode [ 425.685774][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 425.702575][ T62] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 425.717423][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 425.725311][ T62] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 425.846666][ T62] veth1_macvtap: left promiscuous mode [ 425.852864][ T62] veth0_macvtap: left promiscuous mode [ 425.858580][ T62] veth1_vlan: left promiscuous mode [ 425.864125][ T62] veth0_vlan: left promiscuous mode [ 426.305841][ T5319] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 426.565863][ T5319] usb 4-1: Using ep0 maxpacket: 8 [ 426.594408][ T5319] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 426.657012][ T5319] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 426.788823][ T5319] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 426.833101][ T5319] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 426.875720][ T5319] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 426.891406][ T5319] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 426.899543][ T5319] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 426.911493][ T5319] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 426.925951][ T5319] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 426.939757][ T5319] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 426.953414][ T5319] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 426.961208][ T5319] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 426.974618][ T5319] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 426.986924][ T5319] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 426.998589][ T5319] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 427.015701][ T5319] usb 4-1: string descriptor 0 read error: -22 [ 427.022147][ T5319] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 427.042400][ T5319] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 427.078534][ T5319] adutux 4-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 427.372601][ T62] team0 (unregistering): Port device team_slave_1 removed [ 427.427816][ T62] team0 (unregistering): Port device team_slave_0 removed [ 427.559304][ T5319] usb 4-1: USB disconnect, device number 30 [ 427.973964][ T9633] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 428.003902][ T9797] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 428.014551][ T9797] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 428.146965][ T9633] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 428.255153][ T9633] team0: Port device team_slave_0 added [ 428.260376][ T940] libceph: connect (1)[c::]:6789 error -101 [ 428.269472][ T940] libceph: mon0 (1)[c::]:6789 connect error [ 428.287632][ T9633] team0: Port device team_slave_1 added [ 428.402584][ T9802] ceph: No mds server is up or the cluster is laggy [ 428.452827][ T9633] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 428.509430][ T9633] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 428.548432][ T940] libceph: connect (1)[c::]:6789 error -101 [ 428.556127][ T940] libceph: mon0 (1)[c::]:6789 connect error [ 428.580792][ T9633] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 428.617808][ T9633] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 428.624895][ T9633] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 428.901504][ T9633] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 429.035040][ T9823] netlink: 'syz.3.1301': attribute type 1 has an invalid length. [ 429.253461][ T9815] mkiss: ax0: crc mode is auto. [ 429.295614][ T9826] bond1 (unregistering): Released all slaves [ 429.534601][ T9633] hsr_slave_0: entered promiscuous mode [ 429.553770][ T9633] hsr_slave_1: entered promiscuous mode [ 429.576064][ T9633] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 429.602741][ T9633] Cannot create hsr debugfs directory [ 430.688879][ T9856] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 430.698467][ T9856] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 432.856352][ T9898] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1320'. [ 432.880558][ T9898] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1320'. [ 432.901580][ T9898] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1320'. [ 432.921571][ T9898] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1320'. [ 433.250281][ T9633] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 433.291290][ T9633] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 433.319247][ T9633] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 433.364189][ T9633] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 433.657202][ T9633] 8021q: adding VLAN 0 to HW filter on device bond0 [ 433.721419][ T9633] 8021q: adding VLAN 0 to HW filter on device team0 [ 433.755564][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 433.762764][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 433.814441][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 433.821628][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 434.370593][ T9633] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 434.777792][ T9949] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1330'. [ 434.832971][ T9949] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1330'. [ 434.857464][ T9949] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1330'. [ 434.867363][ T9949] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1330'. [ 435.993260][ T9633] veth0_vlan: entered promiscuous mode [ 436.010501][ T9633] veth1_vlan: entered promiscuous mode [ 436.040257][ T9633] veth0_macvtap: entered promiscuous mode [ 436.051194][ T9633] veth1_macvtap: entered promiscuous mode [ 436.066959][ T9633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 436.077484][ T9633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.087394][ T9633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 436.097895][ T9633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.107873][ T9633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 436.118598][ T9633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.128702][ T9633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 436.139187][ T9633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.149550][ T9633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 436.160602][ T9633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.170625][ T9633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 436.181205][ T9633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.191326][ T9633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 436.201956][ T9633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.214081][ T9633] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 436.237870][ T9633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 436.249124][ T9633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.259586][ T9633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 436.270219][ T9633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.280461][ T9633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 436.290956][ T9633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.300871][ T9633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 436.311354][ T9633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.321247][ T9633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 436.331934][ T9633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.341919][ T9633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 436.353064][ T9633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.363563][ T9633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 436.374153][ T9633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.385985][ T9633] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 436.403927][ T9633] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 436.413309][ T9633] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 436.422307][ T9633] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 436.431105][ T9633] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 436.524054][ T1054] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 436.545863][ T1054] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 436.589837][ T3023] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 436.612404][ T3023] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 438.123766][T10007] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1341'. [ 438.145817][T10007] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1341'. [ 438.154821][T10007] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1341'. [ 438.175735][ T9964] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 438.191579][T10007] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1341'. [ 438.339468][ T5246] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 438.486164][ T5246] usb 3-1: device descriptor read/64, error -71 [ 438.736128][ T5246] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 438.895768][ T5246] usb 3-1: device descriptor read/64, error -71 [ 439.006247][ T5246] usb usb3-port1: attempt power cycle [ 439.357052][ T5246] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 439.379154][ T5246] usb 3-1: device descriptor read/8, error -71 [ 439.646338][ T5246] usb 3-1: new high-speed USB device number 38 using dummy_hcd [ 439.666703][ T5246] usb 3-1: device descriptor read/8, error -71 [ 439.806089][ T5246] usb usb3-port1: unable to enumerate USB device [ 440.606355][T10061] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 440.615949][T10061] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 441.055390][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 441.065826][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 442.633832][T10087] syzkaller0: entered promiscuous mode [ 442.668240][T10087] syzkaller0: entered allmulticast mode [ 444.046290][T10085] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 445.570061][T10133] misc userio: No port type given on /dev/userio [ 447.948095][T10139] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1358'. [ 448.468299][ T5246] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 448.639752][ T5246] usb 1-1: device descriptor read/64, error -71 [ 449.755354][ T5246] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 449.814871][ T5244] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 449.817083][ T29] kauditd_printk_skb: 26 callbacks suppressed [ 449.817101][ T29] audit: type=1326 audit(1729299317.185:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10157 comm="syz.2.1364" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fee4a57dff9 code=0x0 [ 449.917616][ T5246] usb 1-1: device descriptor read/64, error -71 [ 450.036137][ T5246] usb usb1-port1: attempt power cycle [ 450.385809][ T5246] usb 1-1: new high-speed USB device number 30 using dummy_hcd [ 450.416472][ T5246] usb 1-1: device descriptor read/8, error -71 [ 450.675908][ T5246] usb 1-1: new high-speed USB device number 31 using dummy_hcd [ 450.716595][ T5246] usb 1-1: device descriptor read/8, error -71 [ 450.836630][ T5246] usb usb1-port1: unable to enumerate USB device [ 452.006023][T10160] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 453.010681][T10196] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1371'. [ 453.064609][ T5244] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 453.065371][ T29] audit: type=1326 audit(1729299320.435:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10197 comm="syz.0.1376" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f08e317dff9 code=0x0 [ 455.557799][ T5244] Bluetooth: hci1: Malformed MSFT vendor event: 0x02 [ 456.314164][T10230] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1387'. [ 456.835504][T10241] mkiss: ax0: crc mode is auto. [ 457.781202][T10217] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 459.159979][ T5319] usb 3-1: new high-speed USB device number 39 using dummy_hcd [ 459.476241][ T5319] usb 3-1: Using ep0 maxpacket: 8 [ 459.502472][ T5319] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 459.936642][ T5319] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 459.945891][ T5319] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 459.959097][ T5319] usb 3-1: Product: syz [ 460.000652][ T5319] usb 3-1: Manufacturer: syz [ 460.021458][ T5319] usb 3-1: SerialNumber: syz [ 460.098283][ T5319] usb 3-1: config 0 descriptor?? [ 460.236458][T10278] fuse: Unknown parameter '0x0000000000000003' [ 462.063397][T10310] fuse: Unknown parameter '0x0000000000000003' [ 462.197857][ T5319] usb 3-1: USB disconnect, device number 39 [ 462.273497][T10319] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1420'. [ 462.362634][T10319] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1420'. [ 462.371947][T10319] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1420'. [ 463.159265][T10333] fuse: Unknown parameter '0x0000000000000003' [ 464.386076][T10352] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1432'. [ 464.412043][T10352] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1432'. [ 464.446533][T10352] nbd: socks must be embedded in a SOCK_ITEM attr [ 464.836076][ T5284] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 465.386791][ T5284] usb 3-1: device descriptor read/64, error -71 [ 465.684165][T10375] fuse: Unknown parameter '0x0000000000000003' [ 465.785740][ T5284] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 466.885706][ T5284] usb 3-1: device descriptor read/64, error -71 [ 466.996136][ T5284] usb usb3-port1: attempt power cycle [ 467.335711][ T5284] usb 3-1: new high-speed USB device number 42 using dummy_hcd [ 467.356410][ T5284] usb 3-1: device descriptor read/8, error -71 [ 467.602968][ T5284] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 468.185872][ T5284] usb 3-1: device descriptor read/8, error -71 [ 468.304539][ T5284] usb usb3-port1: unable to enumerate USB device [ 468.333626][T10410] fuse: Unknown parameter '0x0000000000000003' [ 469.026624][T10424] Cannot find add_set index 0 as target [ 469.095509][T10426] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.1455'. [ 469.312128][T10436] mac80211_hwsim hwsim17 ÿ: renamed from wlan1 (while UP) [ 470.421746][T10453] fuse: Unknown parameter '0x0000000000000003' [ 470.478914][T10455] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 470.633471][T10459] input: syz1 as /devices/virtual/input/input14 [ 471.229284][T10472] mkiss: ax0: crc mode is auto. [ 472.443479][T10481] fuse: Unknown parameter 'fd0x0000000000000003' [ 472.558024][T10486] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1478'. [ 472.699688][T10486] smc: net device lo applied user defined pnetid SYZ2 [ 474.321632][ T4629] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 474.331884][ T4629] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 474.417216][ T4629] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 474.425243][ T4629] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 474.436579][ T4629] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 474.506058][ T4629] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 474.726069][T10519] fuse: Unknown parameter 'fd0x0000000000000003' [ 474.816143][T10521] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1490'. [ 474.863989][T10523] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1489'. [ 474.897140][T10523] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1489'. [ 474.916129][T10523] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1489'. [ 474.986286][T10523] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1489'. [ 474.999349][ T7791] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 475.154964][ T7791] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 475.494660][ T7791] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 475.663106][ T7791] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 475.848621][ T52] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 476.018621][ T52] usb 1-1: Using ep0 maxpacket: 8 [ 476.064632][ T52] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 476.178197][ T52] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 476.415223][ T52] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 476.500524][ T52] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 476.557272][ T52] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 476.581002][ T4629] Bluetooth: hci0: command tx timeout [ 476.655976][ T52] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 476.677383][ T52] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 476.716721][T10528] loop3: detected capacity change from 0 to 32768 [ 476.730058][ T52] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 476.752702][ T52] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 476.764015][ T52] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 476.773342][T10555] fuse: Unknown parameter 'fd0x0000000000000003' [ 476.778010][ T52] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 476.790413][ T52] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 476.806671][ T52] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 476.819032][ T7791] bridge_slave_1: left allmulticast mode [ 476.824722][ T7791] bridge_slave_1: left promiscuous mode [ 476.831102][ T52] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 476.842915][ T7791] bridge0: port 2(bridge_slave_1) entered disabled state [ 476.851096][ T52] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 476.868959][ T7791] bridge_slave_0: left allmulticast mode [ 476.874736][ T7791] bridge_slave_0: left promiscuous mode [ 476.881036][ T7791] bridge0: port 1(bridge_slave_0) entered disabled state [ 476.898640][ T52] usb 1-1: string descriptor 0 read error: -22 [ 476.900110][T10528] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 476.906748][ T52] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 476.945636][ T52] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 476.987753][ T52] adutux 1-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 477.014646][T10528] XFS (loop3): Ending clean mount [ 477.123571][T10528] xt_hashlimit: size too large, truncated to 1048576 [ 477.452871][ T25] usb 1-1: USB disconnect, device number 32 [ 477.467399][T10577] adutux: No device or device unplugged -19 [ 477.509160][T10579] adutux: No device or device unplugged -19 [ 478.020962][ T7791] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 478.061905][ T7791] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 478.089896][ T7791] bond0 (unregistering): Released all slaves [ 478.131718][T10583] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1502'. [ 478.159080][T10586] smc: net device lo applied user defined pnetid SYZ2 [ 478.168637][T10510] chnl_net:caif_netlink_parms(): no params data found [ 478.656523][ T4629] Bluetooth: hci0: command tx timeout [ 478.717208][T10510] bridge0: port 1(bridge_slave_0) entered blocking state [ 478.724404][T10510] bridge0: port 1(bridge_slave_0) entered disabled state [ 478.745933][T10510] bridge_slave_0: entered allmulticast mode [ 478.759377][T10510] bridge_slave_0: entered promiscuous mode [ 479.032104][T10510] bridge0: port 2(bridge_slave_1) entered blocking state [ 479.039758][T10510] bridge0: port 2(bridge_slave_1) entered disabled state [ 479.047358][T10510] bridge_slave_1: entered allmulticast mode [ 479.056666][T10510] bridge_slave_1: entered promiscuous mode [ 479.960438][T10510] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 480.121894][T10510] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 480.212485][ T7791] hsr_slave_0: left promiscuous mode [ 480.291891][ T7791] hsr_slave_1: left promiscuous mode [ 480.303803][ T7791] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 480.311404][ T7791] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 480.324796][ T7791] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 480.332370][ T7791] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 480.379791][ T7791] veth1_macvtap: left promiscuous mode [ 480.386530][ T7791] veth0_macvtap: left promiscuous mode [ 480.392162][ T7791] veth1_vlan: left promiscuous mode [ 480.397561][ T7791] veth0_vlan: left promiscuous mode [ 480.595717][ T5315] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 480.736661][ T4629] Bluetooth: hci0: command tx timeout [ 480.763753][ T5315] usb 1-1: Using ep0 maxpacket: 8 [ 480.771693][ T5315] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 480.779575][ T5315] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 480.792259][ T5315] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 480.804423][ T5315] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 480.816119][ T5315] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 480.829028][ T5315] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 480.866914][ T5315] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 480.885918][ T5315] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 480.914476][ T5315] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 480.926683][ T5315] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 480.939645][ T5315] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 480.947503][ T5315] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 480.959323][ T5315] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 480.972479][ T5315] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 480.984693][ T5315] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 481.021628][ T5315] usb 1-1: string descriptor 0 read error: -22 [ 481.031912][ T5315] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 481.065519][ T5315] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 481.105942][ T5315] adutux 1-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 481.210146][ T5245] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 481.550453][ T5284] usb 1-1: USB disconnect, device number 33 [ 481.648289][ T7791] team0 (unregistering): Port device team_slave_1 removed [ 481.698290][ T7791] team0 (unregistering): Port device team_slave_0 removed [ 481.725844][ T5315] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 481.885951][ T5315] usb 4-1: Using ep0 maxpacket: 8 [ 481.893870][ T5315] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 481.915658][ T5315] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 481.928568][ T5315] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 481.938756][ T5315] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 481.952112][ T5315] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 481.961267][ T5315] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 482.197962][ T5315] usb 4-1: GET_CAPABILITIES returned 0 [ 482.203627][ T5315] usbtmc 4-1:16.0: can't read capabilities [ 482.463457][T10640] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1515'. [ 482.495004][T10615] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 482.507260][T10640] smc: net device lo applied user defined pnetid SYZ2 [ 482.514181][T10615] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 482.553628][T10510] team0: Port device team_slave_0 added [ 482.599981][T10510] team0: Port device team_slave_1 added [ 482.766580][T10510] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 482.798247][T10510] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 482.829854][ T4629] Bluetooth: hci0: command tx timeout [ 482.921346][T10510] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 483.097302][T10510] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 483.124882][T10510] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 483.195833][T10510] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 483.647105][T10510] hsr_slave_0: entered promiscuous mode [ 483.670163][T10510] hsr_slave_1: entered promiscuous mode [ 483.688550][T10510] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 483.724687][T10510] Cannot create hsr debugfs directory [ 484.031794][T10615] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 484.055787][T10615] Bluetooth: hci5: Error when powering off device on rfkill (-4) [ 484.266738][T10615] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 484.292120][T10615] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 484.750348][T10615] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 484.775682][T10615] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 485.025706][ T5315] usb 3-1: new high-speed USB device number 44 using dummy_hcd [ 485.198478][ T5315] usb 3-1: Using ep0 maxpacket: 8 [ 485.221863][ T5315] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 485.229648][ T5315] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 485.247130][ T25] usb 4-1: USB disconnect, device number 31 [ 485.284230][ T5315] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 485.337368][ T5315] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 485.376379][ T5315] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 485.400834][ T5315] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 485.408705][ T5315] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 485.430347][ T5315] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 485.579586][T10510] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 485.667183][ T5315] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 485.679001][ T5315] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 485.691598][ T5315] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 485.699193][ T5315] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 485.701414][T10510] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 485.710637][ T5315] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 485.710673][ T5315] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 485.710714][ T5315] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 485.713651][ T5315] usb 3-1: string descriptor 0 read error: -22 [ 485.860931][ T5315] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 486.152130][ T5315] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 486.215222][T10510] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 486.283207][T10701] orangefs_mount: mount request failed with -4 [ 486.368686][T10510] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 486.385986][ T5315] adutux 3-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 486.515028][T10680] loop0: detected capacity change from 0 to 32768 [ 486.577357][T10680] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 486.734893][T10680] XFS (loop0): Ending clean mount [ 486.813075][ T52] usb 3-1: USB disconnect, device number 44 [ 486.842452][T10680] xt_hashlimit: size too large, truncated to 1048576 [ 486.990993][T10717] syzkaller0: entered promiscuous mode [ 486.997380][T10717] syzkaller0: entered allmulticast mode [ 487.165778][T10510] 8021q: adding VLAN 0 to HW filter on device bond0 [ 487.220746][ T5240] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 487.267029][T10510] 8021q: adding VLAN 0 to HW filter on device team0 [ 487.332898][ T6250] bridge0: port 1(bridge_slave_0) entered blocking state [ 487.340127][ T6250] bridge0: port 1(bridge_slave_0) entered forwarding state [ 491.183471][T10738] netlink: 'syz.2.1530': attribute type 1 has an invalid length. [ 491.193884][T10738] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 491.207883][ T1073] bridge0: port 2(bridge_slave_1) entered blocking state [ 491.223301][ T1073] bridge0: port 2(bridge_slave_1) entered forwarding state [ 491.858740][T10766] loop3: detected capacity change from 0 to 1024 [ 492.265102][T10772] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 492.274845][T10772] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 493.049331][ T8] usb 3-1: new high-speed USB device number 45 using dummy_hcd [ 493.225864][ T8] usb 3-1: Using ep0 maxpacket: 8 [ 493.336133][ T8] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 494.004134][T10797] orangefs_mount: mount request failed with -4 [ 494.132482][ T8] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 494.142674][ T8] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 494.154412][ T8] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 494.168128][ T8] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 494.211504][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 494.392599][T10510] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 494.525889][ T8] usb 3-1: GET_CAPABILITIES returned 0 [ 494.531462][ T8] usbtmc 3-1:16.0: can't read capabilities [ 494.647126][T10803] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1539'. [ 495.386178][T10828] netlink: 'syz.3.1543': attribute type 1 has an invalid length. [ 495.860999][T10838] mkiss: ax0: crc mode is auto. [ 496.113645][T10845] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1546'. [ 496.164651][T10845] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1546'. [ 496.363336][T10510] veth0_vlan: entered promiscuous mode [ 496.541202][T10510] veth1_vlan: entered promiscuous mode [ 497.257607][T10860] orangefs_mount: mount request failed with -4 [ 497.617444][T10510] veth0_macvtap: entered promiscuous mode [ 497.647472][T10510] veth1_macvtap: entered promiscuous mode [ 497.755420][T10510] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 497.799585][T10510] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.861415][T10510] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 497.877151][T10510] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.976057][T10510] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 498.026405][T10510] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 498.064434][T10510] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 498.109122][T10510] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 498.138653][T10510] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 498.217734][T10510] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 498.261779][T10510] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 498.306324][T10510] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 498.345525][T10510] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 498.393833][T10510] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 498.472904][T10510] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 498.525168][T10510] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 498.571158][T10510] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 498.601182][T10510] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 498.700988][T10510] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 498.727201][T10510] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 498.768338][T10510] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 498.811403][T10862] loop1: detected capacity change from 0 to 32768 [ 498.815847][T10510] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 498.860173][T10862] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 498.866434][T10876] loop3: detected capacity change from 0 to 1024 [ 498.886042][T10510] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 498.896634][T10510] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 498.907913][T10510] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 498.918086][T10510] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 498.928743][T10510] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 498.939047][T10510] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 498.950265][T10510] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 498.962870][T10510] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 498.969603][T10876] EXT4-fs: Ignoring removed bh option [ 499.022996][T10876] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 499.073688][ T52] usb 3-1: USB disconnect, device number 45 [ 499.103356][T10862] XFS (loop1): Ending clean mount [ 499.126329][ T8] XFS (loop1): Metadata CRC error detected at xfs_agfl_read_verify+0x160/0x230, xfs_agfl block 0x3 [ 499.152557][T10510] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 499.161512][ T8] XFS (loop1): Unmount and run xfs_repair [ 499.178450][ T8] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 499.191239][T10510] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 499.206493][ T8] 00000000: 58 41 46 4c 00 00 00 00 d7 dc 42 4e 79 90 42 cb XAFL......BNy.B. [ 499.215392][ T8] 00000010: 9f 91 9c b7 20 0a 10 1d 00 00 00 00 00 00 00 00 .... ........... [ 499.228514][T10510] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 499.254510][T10510] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 499.263831][ T8] 00000020: e6 0a 0e bb ff ff ff ff 00 00 0b f0 00 00 0b f1 ................ [ 499.289219][ T8] 00000030: 00 00 0b 08 00 00 00 00 00 00 00 f4 00 00 0b f5 ................ [ 499.318697][ T8] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 499.357917][ T8] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 499.389033][ T8] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 499.436131][ T8] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 499.463829][T10862] XFS (loop1): metadata I/O error in "xfs_alloc_read_agfl+0x273/0x4c0" at daddr 0x3 len 1 error 74 [ 499.485930][T10862] XFS (loop1): page discard on page ffffea00016eb900, inode 0x1809, pos 0. [ 499.522232][T10893] netlink: 'syz.2.1552': attribute type 1 has an invalid length. [ 499.696325][ T29] audit: type=1800 audit(1729299367.015:133): pid=10902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1551" name="bus" dev="loop3" ino=19 res=0 errno=0 [ 499.996819][ T7362] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 500.042422][T10896] 8021q: adding VLAN 0 to HW filter on device batadv2 [ 500.058393][ T7362] XFS (loop1): Uncorrected metadata errors detected; please run xfs_repair. [ 500.127196][T10896] bond1: (slave batadv2): Enslaving as a backup interface with an up link [ 500.249632][T10897] bond1 (unregistering): (slave batadv2): Releasing backup interface [ 500.286398][ T5245] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 500.316311][T10897] bond1 (unregistering): Released all slaves [ 500.746356][T10916] random: crng reseeded on system resumption [ 500.767668][ T9639] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 500.775530][ T9639] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 500.785842][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 500.810065][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 501.612418][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.620731][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.096290][T10952] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 502.106010][T10952] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 503.347713][T10967] loop0: detected capacity change from 0 to 1024 [ 504.266068][T10972] netlink: 'syz.1.1565': attribute type 1 has an invalid length. [ 504.565375][T10978] 8021q: adding VLAN 0 to HW filter on device batadv2 [ 504.605376][T10978] bond1: (slave batadv2): Enslaving as a backup interface with an up link [ 505.009725][T10972] bond1 (unregistering): (slave batadv2): Releasing backup interface [ 505.324843][T10972] bond1 (unregistering): Released all slaves [ 505.582679][T10996] random: crng reseeded on system resumption [ 506.318748][T10996] Restarting kernel threads ... done. [ 506.530408][T11015] ptrace attach of "./syz-executor exec"[11016] was attempted by "./syz-executor exec"[11015] [ 507.310852][T11025] loop1: detected capacity change from 0 to 128 [ 507.412651][T11025] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 507.493957][T11025] ext4 filesystem being mounted at /213/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 507.727403][ T7362] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 507.866753][T11045] sctp: [Deprecated]: syz.0.1579 (pid 11045) Use of int in maxseg socket option. [ 507.866753][T11045] Use struct sctp_assoc_value instead [ 508.696034][T11051] input: syz1 as /devices/virtual/input/input15 [ 510.078341][T11060] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1584'. [ 510.125832][T11060] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1584'. [ 510.167070][T11060] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1584'. [ 510.445678][T11060] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1584'. [ 511.436593][T11073] random: crng reseeded on system resumption [ 512.215001][T11098] sctp: [Deprecated]: syz.2.1593 (pid 11098) Use of int in maxseg socket option. [ 512.215001][T11098] Use struct sctp_assoc_value instead [ 512.401000][T11073] Restarting kernel threads ... done. [ 512.524664][T11107] 9pnet_virtio: no channels available for device syz [ 512.622523][T11108] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 0 [ 512.737287][T11109] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 1 [ 512.769399][ T9] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 512.779606][T11113] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 2 [ 512.787685][T11114] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 3 [ 512.833709][T11116] ./file0: Can't lookup blockdev [ 512.833839][T11115] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 4 [ 512.995733][ T9] usb 4-1: Using ep0 maxpacket: 8 [ 513.045953][T11117] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 5 [ 513.076004][T11119] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 6 [ 513.107891][ T9] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 513.127087][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 513.140539][T11121] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 7 [ 513.145756][ T9] usb 4-1: Product: syz [ 513.159099][T11122] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 8 [ 513.175687][ T9] usb 4-1: Manufacturer: syz [ 513.180326][ T9] usb 4-1: SerialNumber: syz [ 513.191806][T11123] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 9 [ 513.201204][T11125] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 10 [ 513.212022][T11126] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 11 [ 513.212459][T11127] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 12 [ 513.232120][ T9] usb 4-1: config 0 descriptor?? [ 513.242647][T11128] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 13 [ 513.251626][T11129] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 14 [ 513.366005][T11135] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1597'. [ 513.395391][T11135] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1597'. [ 513.438856][T11135] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1597'. [ 513.463872][ T9] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 513.475784][T11135] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1597'. [ 514.945865][ T9] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 515.581589][T11177] random: crng reseeded on system resumption [ 515.605072][T11179] sctp: [Deprecated]: syz.2.1605 (pid 11179) Use of int in maxseg socket option. [ 515.605072][T11179] Use struct sctp_assoc_value instead [ 515.970379][ T25] usb 4-1: USB disconnect, device number 32 [ 516.324265][T11196] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1609'. [ 516.341501][T11196] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1609'. [ 516.350674][T11196] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1609'. [ 516.361601][T11196] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1609'. [ 516.501081][T11198] loop3: detected capacity change from 0 to 1024 [ 516.538094][T11198] hfsplus: request for non-existent node 1280 in B*Tree [ 516.545696][T11198] hfsplus: request for non-existent node 1280 in B*Tree [ 516.993331][T11204] syzkaller0: entered promiscuous mode [ 517.035902][T11204] syzkaller0: entered allmulticast mode [ 517.900925][T11216] mkiss: ax0: crc mode is auto. [ 518.294376][T11226] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1616'. [ 518.481015][T11231] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 518.502976][T11231] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 519.891201][T11238] loop3: detected capacity change from 0 to 2048 [ 524.267613][T11271] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1627'. [ 526.578107][T11290] misc userio: No port type given on /dev/userio [ 526.963878][T11299] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1636'. [ 527.127524][T11301] loop2: detected capacity change from 0 to 512 [ 527.152931][T11301] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 527.212316][T11301] EXT4-fs (loop2): 1 truncate cleaned up [ 527.220229][T11301] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 527.599225][T11310] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1639'. [ 527.718741][T11313] hub 6-0:1.0: USB hub found [ 527.726125][T11313] hub 6-0:1.0: 1 port detected [ 528.330228][ T9419] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 529.284769][T11321] orangefs_mount: mount request failed with -4 [ 531.339286][T11328] loop1: detected capacity change from 0 to 512 [ 531.568473][T11328] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 531.618653][T11328] EXT4-fs (loop1): 1 truncate cleaned up [ 531.648604][T11328] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 531.842326][ T7362] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 531.920733][T11341] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 533.125344][T11350] orangefs_mount: mount request failed with -4 [ 533.993551][ T29] audit: type=1326 audit(1729299401.215:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11357 comm="syz.1.1654" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdca157dff9 code=0x0 [ 534.646282][T11361] orangefs_mount: mount request failed with -4 [ 536.171242][T11378] misc userio: No port type given on /dev/userio [ 536.504282][ T5244] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 536.523125][ T5244] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 536.539408][ T5244] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 536.556095][ T5244] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 536.567448][ T5244] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 536.575194][ T5244] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 536.884653][ T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 537.750163][T11393] orangefs_mount: mount request failed with -4 [ 538.002674][ T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 538.764918][ T4629] Bluetooth: hci0: command tx timeout [ 539.242572][ T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 539.382145][ T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 539.408856][ T29] audit: type=1326 audit(1729299406.785:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11404 comm="syz.0.1666" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f08e317dff9 code=0x0 [ 539.662150][T11382] chnl_net:caif_netlink_parms(): no params data found [ 539.818980][ T12] bridge_slave_1: left allmulticast mode [ 539.839355][ T12] bridge_slave_1: left promiscuous mode [ 539.869957][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 539.927025][ T12] bridge_slave_0: left allmulticast mode [ 539.943469][ T12] bridge_slave_0: left promiscuous mode [ 539.972706][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 540.388554][T11417] misc userio: No port type given on /dev/userio [ 540.762949][T11427] misc userio: No port type given on /dev/userio [ 540.923969][ T4629] Bluetooth: hci0: command tx timeout [ 541.154165][T11438] sctp: [Deprecated]: syz.3.1667 (pid 11438) Use of int in maxseg socket option. [ 541.154165][T11438] Use struct sctp_assoc_value instead [ 541.237633][T11430] misc userio: No port type given on /dev/userio [ 541.574926][T11437] loop1: detected capacity change from 0 to 32768 [ 541.582035][T11437] XFS: ikeep mount option is deprecated. [ 541.614897][T11437] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 541.728954][T11437] XFS (loop1): Ending clean mount [ 541.756754][T11437] XFS (loop1): Quotacheck needed: Please wait. [ 541.763928][T11440] syz.3.1667 (11440) used greatest stack depth: 16568 bytes left [ 541.984737][T11437] XFS (loop1): Quotacheck: Done. [ 542.597829][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 542.640869][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 542.654269][ T12] bond0 (unregistering): Released all slaves [ 542.966964][ T4629] Bluetooth: hci0: command tx timeout [ 543.632369][ T7362] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 543.718315][T11382] bridge0: port 1(bridge_slave_0) entered blocking state [ 543.725545][T11382] bridge0: port 1(bridge_slave_0) entered disabled state [ 543.732862][T11382] bridge_slave_0: entered allmulticast mode [ 543.766887][T11382] bridge_slave_0: entered promiscuous mode [ 543.850353][ T29] audit: type=1326 audit(1729299411.225:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11475 comm="syz.3.1678" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe7dad7dff9 code=0x0 [ 544.252741][T11382] bridge0: port 2(bridge_slave_1) entered blocking state [ 544.458493][T11382] bridge0: port 2(bridge_slave_1) entered disabled state [ 544.666000][T11382] bridge_slave_1: entered allmulticast mode [ 544.673794][T11382] bridge_slave_1: entered promiscuous mode [ 545.046035][ T4629] Bluetooth: hci0: command tx timeout [ 545.789178][T11493] misc userio: No port type given on /dev/userio [ 546.255711][T11492] netlink: 'syz.3.1681': attribute type 1 has an invalid length. [ 546.269490][T11492] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR [ 546.658571][T11382] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 546.703732][T11382] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 547.129401][T11382] team0: Port device team_slave_0 added [ 547.225647][ T29] audit: type=1326 audit(1729299414.565:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11528 comm="syz.0.1690" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f08e317dff9 code=0x0 [ 547.284281][T11382] team0: Port device team_slave_1 added [ 547.377403][ T12] hsr_slave_0: left promiscuous mode [ 547.398047][ T12] hsr_slave_1: left promiscuous mode [ 547.444039][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 547.474252][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 547.697694][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 547.705339][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 548.225109][ T12] veth1_macvtap: left promiscuous mode [ 548.285533][ T12] veth0_macvtap: left promiscuous mode [ 548.292344][ T12] veth1_vlan: left promiscuous mode [ 548.297957][ T12] veth0_vlan: left promiscuous mode [ 548.370499][T11558] loop0: detected capacity change from 0 to 512 [ 548.395779][T11558] EXT4-fs (loop0): Test dummy encryption mode enabled [ 548.514533][T11558] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #12: comm syz.0.1695: corrupted in-inode xattr: invalid ea_ino [ 548.530789][T11558] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.1695: couldn't read orphan inode 12 (err -117) [ 548.544350][T11558] EXT4-fs (loop0): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 549.418592][ T5240] EXT4-fs (loop0): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 549.585504][T11570] loop0: detected capacity change from 0 to 1024 [ 549.615152][T11570] EXT4-fs: Ignoring removed oldalloc option [ 549.716579][T11570] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 549.789645][T11570] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 550.774875][ T5240] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 551.207860][T11588] 9pnet_virtio: no channels available for device syz [ 551.358930][T11590] ./file0: Can't lookup blockdev [ 552.017159][ T12] team0 (unregistering): Port device team_slave_1 removed [ 552.120010][ T12] team0 (unregistering): Port device team_slave_0 removed [ 553.326187][T11382] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 553.343534][T11382] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 553.435934][T11382] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 553.473704][T11382] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 553.486627][T11382] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 553.521934][ T29] audit: type=1326 audit(1729299420.895:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11600 comm="syz.2.1704" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fee4a57dff9 code=0x0 [ 553.531361][T11382] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 553.863207][T11606] loop0: detected capacity change from 0 to 1024 [ 554.182734][T11615] loop0: detected capacity change from 0 to 512 [ 554.197705][T11382] hsr_slave_0: entered promiscuous mode [ 554.251316][T11382] hsr_slave_1: entered promiscuous mode [ 554.278831][T11382] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 555.038219][T11382] Cannot create hsr debugfs directory [ 557.284581][T11647] 9pnet_virtio: no channels available for device syz [ 557.503848][T11654] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 0 [ 557.513980][T11650] IPVS: stopping master sync thread 11654 ... [ 558.425687][T11657] ./file0: Can't lookup blockdev [ 558.949332][ T29] audit: type=1326 audit(1729299426.325:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11666 comm="syz.2.1719" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fee4a57dff9 code=0x0 [ 558.971195][ C1] vkms_vblank_simulate: vblank timer overrun [ 558.981048][T11656] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 558.991700][T11656] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 559.385790][ T5319] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 559.567655][ T5319] usb 4-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 559.664825][ T5319] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 559.747542][T11382] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 559.762486][ T5319] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 559.801274][T11382] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 559.808749][ T5319] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 559.832945][T11382] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 559.840264][ T5319] usb 4-1: SerialNumber: syz [ 559.874086][T11382] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 560.148199][ T5319] usb 4-1: 0:2 : does not exist [ 560.153200][ T5319] usb 4-1: unit 16 not found! [ 561.119615][ T5319] usb 4-1: USB disconnect, device number 33 [ 561.866883][T11250] udevd[11250]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 563.053892][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.061436][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.777766][T11710] orangefs_mount: mount request failed with -4 [ 564.001825][T11382] 8021q: adding VLAN 0 to HW filter on device bond0 [ 564.103556][T11715] loop1: detected capacity change from 0 to 1024 [ 564.122564][T11715] EXT4-fs: Ignoring removed nomblk_io_submit option [ 564.158565][T11382] 8021q: adding VLAN 0 to HW filter on device team0 [ 564.316511][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 564.323696][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 564.340718][T11722] loop2: detected capacity change from 0 to 512 [ 564.370043][T11715] EXT4-fs (loop1): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 564.421158][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 564.428387][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 564.440259][T11722] loop2: detected capacity change from 0 to 736 [ 564.447863][T11722] iso9660: Bad value for 'mode' [ 564.753807][ T29] audit: type=1800 audit(1729299432.125:140): pid=11715 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1727" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 565.887043][ T9] usb 1-1: new high-speed USB device number 34 using dummy_hcd [ 565.915340][T11732] loop2: detected capacity change from 0 to 2048 [ 565.988660][T11732] loop2: p1 < > p4 [ 566.049047][T11732] loop2: p4 size 8388608 extends beyond EOD, truncated [ 566.368825][T11265] udevd[11265]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 566.399230][T11250] udevd[11250]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 566.569401][T11749] loop2: detected capacity change from 0 to 256 [ 566.813511][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 566.831893][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 566.847224][ T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 566.935315][ T29] audit: type=1326 audit(1729299434.305:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11745 comm="syz.2.1733" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fee4a57dff9 code=0x0 [ 567.623449][ T9] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 567.632723][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 567.719531][ T9] usb 1-1: config 0 descriptor?? [ 567.727638][T11382] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 567.781988][ T9] usb 1-1: can't set config #0, error -71 [ 567.849568][ T9] usb 1-1: USB disconnect, device number 34 [ 568.659981][T11773] netlink: 'syz.3.1736': attribute type 12 has an invalid length. [ 569.558634][T11783] orangefs_mount: mount request failed with -4 [ 570.641522][T11382] veth0_vlan: entered promiscuous mode [ 570.741502][T11382] veth1_vlan: entered promiscuous mode [ 570.895898][T11382] veth0_macvtap: entered promiscuous mode [ 570.921563][T11382] veth1_macvtap: entered promiscuous mode [ 571.016559][ T7362] EXT4-fs (loop1): unmounting filesystem 00000000-0500-0000-0000-000000000000. [ 571.021919][T11382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 571.070138][T11382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 571.119092][T11382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 571.158856][T11382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 571.175676][ T25] usb 3-1: new high-speed USB device number 46 using dummy_hcd [ 571.185610][T11382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 571.212548][T11382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 571.232105][T11382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 571.246683][T11382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 571.257351][T11382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 571.269319][T11382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 571.285112][T11813] vimc link validate: Sensor A:src:16x16 (0x33424752, 0, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 571.301246][T11382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 571.345898][ T25] usb 3-1: Using ep0 maxpacket: 16 [ 571.359399][T11382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 571.373666][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 571.396994][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 571.407607][T11382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 571.420635][ T25] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 571.434072][T11382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 571.446426][T11136] usb 1-1: new high-speed USB device number 35 using dummy_hcd [ 571.447929][T11382] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 571.461598][ T25] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 571.495916][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 571.540246][T11382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 571.563839][ T25] usb 3-1: config 0 descriptor?? [ 571.604620][T11382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 571.622811][T11136] usb 1-1: Using ep0 maxpacket: 16 [ 571.661509][T11136] usb 1-1: config 0 has an invalid interface number: 29 but max is 0 [ 571.682369][T11382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 571.694085][T11136] usb 1-1: config 0 has no interface number 0 [ 571.715128][T11136] usb 1-1: config 0 interface 29 altsetting 0 bulk endpoint 0xA has invalid maxpacket 16 [ 571.728990][T11382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 571.748125][T11136] usb 1-1: config 0 interface 29 altsetting 0 endpoint 0x82 has invalid maxpacket 1104, setting to 1024 [ 571.760225][T11382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 571.773574][T11136] usb 1-1: config 0 interface 29 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 571.784978][T11382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 571.809672][T11136] usb 1-1: New USB device found, idVendor=050d, idProduct=2102, bcdDevice=70.d0 [ 571.833160][T11382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 571.844765][T11136] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 571.893210][T11136] usb 1-1: Product: syz [ 571.896031][T11382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 571.915996][T11382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 571.927558][T11382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 571.927822][T11136] usb 1-1: Manufacturer: syz [ 571.942747][T11382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 571.953710][T11382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 571.964197][T11382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 571.975049][T11382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 571.999383][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 572.014608][T11136] usb 1-1: SerialNumber: syz [ 572.029108][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 572.045757][T11382] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 572.054797][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 572.060132][T11136] usb 1-1: config 0 descriptor?? [ 572.089546][T11809] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 572.097902][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 572.100600][T11809] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 572.108321][T11382] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 572.132154][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 572.157702][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 572.166111][T11382] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 572.179591][T11382] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 572.181655][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 572.204384][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 572.205367][T11382] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 572.211943][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 572.212007][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 572.213461][ T25] HID 045e:07da: Invalid code 65791 type 1 [ 572.256166][ T25] HID 045e:07da: Invalid code 65791 type 1 [ 572.271593][ T25] HID 045e:07da: Invalid code 65791 type 1 [ 572.278929][ T25] HID 045e:07da: Invalid code 65791 type 1 [ 572.284962][ T25] HID 045e:07da: Invalid code 65791 type 1 [ 572.296364][ T25] HID 045e:07da: Invalid code 65791 type 1 [ 572.302540][ T25] HID 045e:07da: Invalid code 65791 type 1 [ 572.308992][ T25] HID 045e:07da: Invalid code 65791 type 1 [ 572.314969][ T25] HID 045e:07da: Invalid code 65791 type 1 [ 572.321635][ T25] HID 045e:07da: Invalid code 65791 type 1 [ 572.429625][ T25] microsoft 0003:045E:07DA.0002: No inputs registered, leaving [ 572.460073][ T7791] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 572.482717][ T25] microsoft 0003:045E:07DA.0002: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 572.494966][ T7791] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 572.513005][ T25] microsoft 0003:045E:07DA.0002: no inputs found [ 572.521733][ T25] microsoft 0003:045E:07DA.0002: could not initialize ff, continuing anyway [ 572.550432][ T25] usb 3-1: USB disconnect, device number 46 [ 572.610369][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 572.667267][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 572.775147][T11830] loop0: detected capacity change from 0 to 1024 [ 572.776835][T11832] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1746'. [ 573.460617][T11830] syz.0.1744: attempt to access beyond end of device [ 573.460617][T11830] loop0: rw=2049, sector=5778, nr_sectors = 2 limit=1024 [ 573.475181][T11830] buffer_io_error: 40 callbacks suppressed [ 573.475219][T11830] Buffer I/O error on dev loop0, logical block 2889, lost async page write [ 573.545619][T11830] syz.0.1744: attempt to access beyond end of device [ 573.545619][T11830] loop0: rw=2049, sector=2054, nr_sectors = 504 limit=1024 [ 573.793738][T11842] loop2: detected capacity change from 0 to 1024 [ 573.856278][T11842] EXT4-fs: Ignoring removed oldalloc option [ 574.362030][T11842] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 575.056364][T11851] orangefs_mount: mount request failed with -4 [ 575.170796][T11842] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 575.956040][ T5287] usb 1-1: USB disconnect, device number 35 [ 576.036909][ T9419] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 681.245546][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 681.252553][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P11864/1:b..l P11857/1:b..l [ 681.262484][ C0] rcu: (detected by 0, t=10502 jiffies, g=55353, q=212 ncpus=2) [ 681.270232][ C0] task:syz.3.1749 state:R running task stack:24496 pid:11857 tgid:11853 ppid:5245 flags:0x00004000 [ 681.283180][ C0] Call Trace: [ 681.286483][ C0] [ 681.289439][ C0] __schedule+0x18af/0x4bd0 [ 681.293992][ C0] ? __pfx_lock_release+0x10/0x10 [ 681.299088][ C0] ? __pfx_validate_chain+0x10/0x10 [ 681.304322][ C0] ? __pfx___schedule+0x10/0x10 [ 681.309211][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 681.315242][ C0] ? preempt_schedule_irq+0xf0/0x1c0 [ 681.320651][ C0] preempt_schedule_irq+0xfb/0x1c0 [ 681.325829][ C0] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 681.331601][ C0] irqentry_exit+0x5e/0x90 [ 681.336047][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 681.342081][ C0] RIP: 0010:lock_acquire+0x264/0x550 [ 681.347396][ C0] Code: 2b 00 74 08 4c 89 f7 e8 ca 75 8e 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25 [ 681.367028][ C0] RSP: 0000:ffffc90004af75e0 EFLAGS: 00000206 [ 681.373124][ C0] RAX: 0000000000000001 RBX: 1ffff9200095eec8 RCX: cfcb61a6e66aab00 [ 681.381124][ C0] RDX: dffffc0000000000 RSI: ffffffff8c0ae0e0 RDI: ffffffff8c611a00 [ 681.389140][ C0] RBP: ffffc90004af7730 R08: ffffffff942e9807 R09: 1ffffffff285d300 [ 681.397135][ C0] R10: dffffc0000000000 R11: fffffbfff285d301 R12: 1ffff9200095eec4 [ 681.405125][ C0] R13: dffffc0000000000 R14: ffffc90004af7640 R15: 0000000000000246 [ 681.413152][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 681.418199][ C0] ? __pfx_try_charge_memcg+0x10/0x10 [ 681.423612][ C0] ? percpu_ref_get_many+0x19/0x140 [ 681.428845][ C0] percpu_ref_get_many+0x36/0x140 [ 681.433980][ C0] ? percpu_ref_get_many+0x19/0x140 [ 681.439260][ C0] charge_memcg+0xd2/0x1e0 [ 681.443725][ C0] __mem_cgroup_charge+0x27/0x80 [ 681.448695][ C0] shmem_alloc_and_add_folio+0x8a1/0x13d0 [ 681.454463][ C0] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 681.460653][ C0] ? shmem_allowable_huge_orders+0x1f2/0x3d0 [ 681.466671][ C0] shmem_get_folio_gfp+0x5a9/0x20a0 [ 681.471906][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 681.477944][ C0] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 681.483629][ C0] shmem_write_begin+0x17e/0x460 [ 681.488688][ C0] ? __pfx_shmem_write_begin+0x10/0x10 [ 681.494183][ C0] ? fault_in_iov_iter_readable+0x229/0x280 [ 681.500116][ C0] generic_perform_write+0x344/0x6d0 [ 681.505441][ C0] ? __pfx_generic_perform_write+0x10/0x10 [ 681.511268][ C0] ? _raw_spin_unlock+0x28/0x50 [ 681.516147][ C0] ? __mark_inode_dirty+0x5b2/0xe90 [ 681.521375][ C0] ? preempt_count_add+0x93/0x190 [ 681.526429][ C0] ? mnt_put_write_access_file+0xb8/0x100 [ 681.532174][ C0] ? file_update_time+0x3dd/0x450 [ 681.537262][ C0] shmem_file_write_iter+0xf9/0x120 [ 681.542492][ C0] vfs_write+0xa6d/0xc90 [ 681.546757][ C0] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 681.552589][ C0] ? __pfx_vfs_write+0x10/0x10 [ 681.557381][ C0] ? __fget_files+0x28/0x430 [ 681.562006][ C0] ? __fget_files+0x28/0x430 [ 681.566653][ C0] ksys_write+0x183/0x2b0 [ 681.571021][ C0] ? __pfx_ksys_write+0x10/0x10 [ 681.575903][ C0] ? exc_page_fault+0x590/0x8c0 [ 681.580794][ C0] ? do_syscall_64+0xb6/0x230 [ 681.585492][ C0] do_syscall_64+0xf3/0x230 [ 681.590014][ C0] ? clear_bhb_loop+0x35/0x90 [ 681.594721][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 681.600635][ C0] RIP: 0033:0x7fe7dad7cadf [ 681.605078][ C0] RSP: 002b:00007fe7da7dddf0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 681.613515][ C0] RAX: ffffffffffffffda RBX: 0000000000400000 RCX: 00007fe7dad7cadf [ 681.621510][ C0] RDX: 0000000000400000 RSI: 00007fe7d0400000 RDI: 0000000000000007 [ 681.629499][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000001262 [ 681.637490][ C0] R10: 0000000020002502 R11: 0000000000000293 R12: 0000000000000007 [ 681.645479][ C0] R13: 00007fe7da7ddef0 R14: 00007fe7da7ddeb0 R15: 00007fe7d0400000 [ 681.653488][ C0] [ 681.656529][ C0] task:dhcpcd-run-hook state:R running task stack:26784 pid:11864 tgid:11864 ppid:11859 flags:0x00000002 [ 681.668318][ C0] Call Trace: [ 681.671614][ C0] [ 681.674567][ C0] __schedule+0x18af/0x4bd0 [ 681.679101][ C0] ? __pfx_validate_chain+0x10/0x10 [ 681.684343][ C0] ? __pfx_validate_chain+0x10/0x10 [ 681.689574][ C0] ? __pfx___schedule+0x10/0x10 [ 681.694458][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 681.700483][ C0] ? preempt_schedule_irq+0xf0/0x1c0 [ 681.705808][ C0] preempt_schedule_irq+0xfb/0x1c0 [ 681.710989][ C0] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 681.716741][ C0] ? mark_lock+0x9a/0x360 [ 681.721108][ C0] irqentry_exit+0x5e/0x90 [ 681.725559][ C0] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 681.731045][ C0] RIP: 0010:lock_release+0x658/0xa30 [ 681.736447][ C0] Code: 3c 3b 00 74 08 4c 89 f7 e8 c5 4a 8e 00 f6 84 24 91 00 00 00 02 75 77 41 f7 c5 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 04 27 00 00 00 00 4b c7 44 27 08 00 00 00 00 65 48 8b 04 25 [ 681.756077][ C0] RSP: 0018:ffffc9000526f720 EFLAGS: 00000206 [ 681.762170][ C0] RAX: 0000000000000001 RBX: 1ffff92000a4def6 RCX: ffffc9000526f703 [ 681.770163][ C0] RDX: 0000000000000000 RSI: ffffffff8c0ae0e0 RDI: ffffffff8c611a00 [ 681.778157][ C0] RBP: ffffc9000526f858 R08: ffffffff901db3ef R09: 1ffffffff203b67d [ 681.786150][ C0] R10: dffffc0000000000 R11: fffffbfff203b67e R12: 1ffff92000a4def0 [ 681.794231][ C0] R13: 0000000000000246 R14: ffffc9000526f7b0 R15: dffffc0000000000 [ 681.802254][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 681.807303][ C0] ? is_bpf_text_address+0x26/0x2a0 [ 681.812539][ C0] ? __pfx_lock_release+0x10/0x10 [ 681.817592][ C0] ? unwind_next_frame+0x18e6/0x22d0 [ 681.822912][ C0] ? preempt_count_add+0x93/0x190 [ 681.827966][ C0] ? 0xffffffffa0003b40 [ 681.832141][ C0] ? 0xffffffffa0003b40 [ 681.836338][ C0] is_bpf_text_address+0x280/0x2a0 [ 681.841477][ C0] ? is_bpf_text_address+0x26/0x2a0 [ 681.846706][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 681.852899][ C0] kernel_text_address+0xa7/0xe0 [ 681.857865][ C0] __kernel_text_address+0xd/0x40 [ 681.862927][ C0] unwind_get_return_address+0x4d/0x90 [ 681.868411][ C0] arch_stack_walk+0xfd/0x150 [ 681.873133][ C0] stack_trace_save+0x118/0x1d0 [ 681.878017][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 681.883422][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 681.889446][ C0] kasan_save_track+0x3f/0x80 [ 681.894150][ C0] ? kasan_save_track+0x3f/0x80 [ 681.899029][ C0] ? kasan_save_free_info+0x40/0x50 [ 681.904263][ C0] ? __kasan_slab_free+0x59/0x70 [ 681.909230][ C0] ? kmem_cache_free+0x1a2/0x440 [ 681.914201][ C0] ? do_sys_openat2+0x17a/0x1d0 [ 681.919087][ C0] ? __x64_sys_openat+0x247/0x2a0 [ 681.924143][ C0] ? do_syscall_64+0xf3/0x230 [ 681.928841][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 681.934979][ C0] ? alloc_fd+0x61a/0x690 [ 681.939343][ C0] kasan_save_free_info+0x40/0x50 [ 681.944402][ C0] __kasan_slab_free+0x59/0x70 [ 681.949188][ C0] ? do_sys_openat2+0x17a/0x1d0 [ 681.954157][ C0] kmem_cache_free+0x1a2/0x440 [ 681.958949][ C0] ? do_sys_openat2+0x17a/0x1d0 [ 681.963840][ C0] do_sys_openat2+0x17a/0x1d0 [ 681.968554][ C0] ? __pfx_do_sys_openat2+0x10/0x10 [ 681.973805][ C0] __x64_sys_openat+0x247/0x2a0 [ 681.978780][ C0] ? __pfx___x64_sys_openat+0x10/0x10 [ 681.984189][ C0] ? do_syscall_64+0x100/0x230 [ 681.988976][ C0] ? do_syscall_64+0xb6/0x230 [ 681.993681][ C0] do_syscall_64+0xf3/0x230 [ 681.998204][ C0] ? clear_bhb_loop+0x35/0x90 [ 682.002916][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 682.008832][ C0] RIP: 0033:0x7f3bca428477 [ 682.013359][ C0] RSP: 002b:00007ffdbbcafee8 EFLAGS: 00000287 ORIG_RAX: 0000000000000101 [ 682.021801][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3bca428477 [ 682.029811][ C0] RDX: 0000000000090800 RSI: 00005626dc2d4160 RDI: 00000000ffffff9c [ 682.037815][ C0] RBP: 00005626dc2cef3f R08: 0000000000090800 R09: 00005626dc2d4160 [ 682.045805][ C0] R10: 0000000000000000 R11: 0000000000000287 R12: 00007ffdbbcb0048 [ 682.053798][ C0] R13: 00005626dc2cef38 R14: 00005626dc2d4187 R15: 000000000000002f [ 682.061819][ C0] [ 682.064856][ C0] rcu: rcu_preempt kthread starved for 10486 jiffies! g55353 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 682.076074][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 682.086053][ C0] rcu: RCU grace-period kthread stack dump: [ 682.091950][ C0] task:rcu_preempt state:R running task stack:25264 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 682.103729][ C0] Call Trace: [ 682.107023][ C0] [ 682.109976][ C0] __schedule+0x18af/0x4bd0 [ 682.114540][ C0] ? __pfx___schedule+0x10/0x10 [ 682.119440][ C0] ? __pfx_lock_release+0x10/0x10 [ 682.124498][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 682.130882][ C0] ? schedule+0x90/0x320 [ 682.135168][ C0] schedule+0x14b/0x320 [ 682.139363][ C0] schedule_timeout+0x15a/0x290 [ 682.144247][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 682.149651][ C0] ? __pfx_process_timeout+0x10/0x10 [ 682.154966][ C0] ? prepare_to_swait_event+0x330/0x350 [ 682.160556][ C0] rcu_gp_fqs_loop+0x2df/0x1330 [ 682.165434][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 682.170671][ C0] ? rcu_gp_init+0x1256/0x1630 [ 682.175463][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 682.180420][ C0] ? __pfx_rcu_watching_snap_recheck+0x10/0x10 [ 682.186595][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 682.191904][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 682.197831][ C0] ? finish_swait+0xd4/0x1e0 [ 682.202462][ C0] rcu_gp_kthread+0xa7/0x3b0 [ 682.207077][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 682.212295][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 682.218223][ C0] ? __kthread_parkme+0x169/0x1d0 [ 682.223284][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 682.228506][ C0] kthread+0x2f0/0x390 [ 682.232601][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 682.237820][ C0] ? __pfx_kthread+0x10/0x10 [ 682.242439][ C0] ret_from_fork+0x4b/0x80 [ 682.246878][ C0] ? __pfx_kthread+0x10/0x10 [ 682.251489][ C0] ret_from_fork_asm+0x1a/0x30 [ 682.256295][ C0] [ 682.259330][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 682.265697][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.12.0-rc3-next-20241016-syzkaller #0 [ 682.275522][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 682.285594][ C0] RIP: 0010:acpi_safe_halt+0x21/0x30 [ 682.290908][ C0] Code: 90 90 90 90 90 90 90 90 90 65 48 8b 04 25 00 d4 03 00 48 f7 00 08 00 00 00 75 10 66 90 0f 00 2d 35 81 9e 00 f3 0f 1e fa fb f4 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 [ 682.310638][ C0] RSP: 0018:ffffffff8e607ca8 EFLAGS: 00000246 [ 682.316743][ C0] RAX: ffffffff8e6945c0 RBX: ffff888142eef864 RCX: 000000000041df41 [ 682.324732][ C0] RDX: 0000000000000001 RSI: ffff888142eef800 RDI: ffff888142eef864 [ 682.332751][ C0] RBP: 000000000003a5b8 R08: ffff8880b8637a7b R09: 1ffff110170c6f4f [ 682.340743][ C0] R10: dffffc0000000000 R11: ffffffff8bcc6540 R12: ffff8881446ff000 [ 682.348736][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffffffff8f1343a0 [ 682.356730][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 682.365681][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 682.372286][ C0] CR2: 000000110c433780 CR3: 000000007f4fa000 CR4: 00000000003526f0 [ 682.380279][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 682.388320][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 682.396339][ C0] Call Trace: [ 682.399644][ C0] [ 682.402511][ C0] ? rcu_check_gp_kthread_starvation+0x278/0x310 [ 682.408877][ C0] ? print_other_cpu_stall+0x1475/0x15b0 [ 682.414536][ C0] ? notifier_call_chain+0x19f/0x3e0 [ 682.419869][ C0] ? __pfx_print_other_cpu_stall+0x10/0x10 [ 682.425704][ C0] ? timekeeping_advance+0x7ce/0xa90 [ 682.431027][ C0] ? kvm_check_and_clear_guest_paused+0x6a/0xd0 [ 682.437398][ C0] ? rcu_sched_clock_irq+0xa1a/0x10d0 [ 682.442808][ C0] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 682.448472][ C0] ? hrtimer_run_queues+0x16c/0x460 [ 682.453699][ C0] ? update_process_times+0x1ce/0x230 [ 682.459105][ C0] ? tick_nohz_handler+0x37c/0x500 [ 682.464246][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 682.469736][ C0] ? __hrtimer_run_queues+0x551/0xd50 [ 682.475160][ C0] ? ktime_get_update_offsets_now+0x3c/0x250 [ 682.481186][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 682.486935][ C0] ? ktime_get_update_offsets_now+0x22d/0x250 [ 682.493040][ C0] ? hrtimer_interrupt+0x396/0x990 [ 682.498196][ C0] ? __sysvec_apic_timer_interrupt+0x110/0x3f0 [ 682.504380][ C0] ? sysvec_apic_timer_interrupt+0xa1/0xc0 [ 682.510222][ C0] [ 682.513173][ C0] [ 682.516125][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 682.522305][ C0] ? __pfx_acpi_idle_enter+0x10/0x10 [ 682.527624][ C0] ? acpi_safe_halt+0x21/0x30 [ 682.532329][ C0] acpi_idle_enter+0xe4/0x140 [ 682.537051][ C0] cpuidle_enter_state+0x109/0x470 [ 682.542190][ C0] ? __pfx_menu_select+0x10/0x10 [ 682.547156][ C0] cpuidle_enter+0x5d/0xa0 [ 682.551609][ C0] do_idle+0x375/0x5d0 [ 682.555721][ C0] ? __pfx_do_idle+0x10/0x10 [ 682.560343][ C0] ? rest_init+0x30/0x300 [ 682.564709][ C0] ? rest_init+0x31/0x300 [ 682.569068][ C0] cpu_startup_entry+0x42/0x60 [ 682.573855][ C0] rest_init+0x2dc/0x300 [ 682.578128][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 682.583721][ C0] start_kernel+0x47f/0x500 [ 682.588277][ C0] x86_64_start_reservations+0x2a/0x30 [ 682.593791][ C0] x86_64_start_kernel+0x9f/0xa0 [ 682.598770][ C0] common_startup_64+0x13e/0x147 [ 682.603758][ C0]