last executing test programs: 8m41.87309651s ago: executing program 32 (id=54): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000100)=ANY=[@ANYBLOB="6002000043000701fefffffffcdbdf2503"], 0x260}, 0x1, 0x0, 0x0, 0xc004}, 0xc000) 6m26.969369639s ago: executing program 5 (id=415): prlimit64(0x0, 0xe, &(0x7f0000000480)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) prctl$PR_SET_IO_FLUSHER(0x43, 0x1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) prctl$PR_SET_IO_FLUSHER(0x43, 0x0) 6m25.750370648s ago: executing program 5 (id=417): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x1, 0xf0, 0x4}, 0xfe}, 0x18) setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$can_j1939(r4, &(0x7f0000000340)={0x1d, r5, 0x0, {0x1, 0xf0, 0x4}, 0xfd}, 0x18) setsockopt$sock_int(r4, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) sendmsg$inet(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081) 6m24.557584953s ago: executing program 5 (id=422): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RTC_ALM_READ(r0, 0x40187014, 0x0) r1 = socket(0x10, 0x3, 0x0) setuid(0xee00) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) write(r1, 0x0, 0x0) ioctl$F2FS_IOC_GET_PIN_FILE(r0, 0x8004f50e, &(0x7f0000000080)) setrlimit(0x6, &(0x7f00000002c0)={0x2, 0x8000000000000000}) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r2, 0x29, 0x1a, 0x0, 0x0) syz_io_uring_setup(0x3b9b, 0x0, 0x0, 0x0) 6m24.063354808s ago: executing program 5 (id=424): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x75b08000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x4004000) recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) 6m21.92464481s ago: executing program 5 (id=429): prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000005580)=""/102392, 0x18ff8) socket(0x15, 0x5, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3e, &(0x7f0000000000)=0x100000b2, 0x4) socket(0x200000000000011, 0x2, 0x0) r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000180)={'fscrypt:', @desc2}, &(0x7f0000000340)={0x0, "69dcaf20127e9a854528f45826cb35be51ca73845d177dd8dba7221daeccfda56b75cfe286fdd14cb5b11b1cab614fec2236da7d88ea0f0700", 0x3f}, 0x48, 0xfffffffffffffffe) keyctl$search(0xa, r1, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, 0x0) 6m17.359236322s ago: executing program 5 (id=439): socket(0x28, 0x5, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = syz_io_uring_setup(0x88f, &(0x7f0000000300)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffff8}, &(0x7f0000000000)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r2, 0x75fa, 0xe475, 0x0, 0x0, 0x0) 6m2.101775706s ago: executing program 33 (id=439): socket(0x28, 0x5, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = syz_io_uring_setup(0x88f, &(0x7f0000000300)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffff8}, &(0x7f0000000000)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r2, 0x75fa, 0xe475, 0x0, 0x0, 0x0) 4m21.73426696s ago: executing program 4 (id=683): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4) bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300) process_vm_writev(0x0, &(0x7f0000000240)=[{0x0}, {0x0}, {&(0x7f0000000400)=""/150, 0x96}], 0x3, 0x0, 0x0, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r1 = io_uring_setup(0x1562, &(0x7f0000000040)={0x0, 0x36d, 0xc000, 0xc, 0xa0002f5}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0xfffffffffffffda2, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x24, &(0x7f0000000000)=0xa, 0x4) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0) 4m17.870251817s ago: executing program 4 (id=692): io_setup(0x239f, &(0x7f0000000380)) rt_sigprocmask(0x0, 0x0, 0x0, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f0000000300)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='batadv_slave_1\x00', 0x10) r2 = socket$inet(0x2, 0x801, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) shutdown(r2, 0x1) sendto$inet(r0, 0x0, 0x0, 0x2000cf2c, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) 4m16.658346509s ago: executing program 4 (id=696): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x64, 0x3, 0x300, 0x6e, 0xffffffad, 0x190, 0x190, 0x190, 0x268, 0x268, 0x268, 0x268, 0x268, 0x3, 0x0, {[{{@ip={@remote, @local={0xac, 0x14, 0xd}, 0x0, 0x0, 'caif0\x00', 'ip6tnl0\x00'}, 0x0, 0x130, 0x190, 0xffffffc5, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "bdc74c01369df17d17ac76fa5f9b3bfa0c34430d864040bc25b2b73a59aa6ecab6b1d2cc05e3182f64694d7d05fb8b8c8f56627a54f905d564eeeb8334f650ca0f3c44f7fda4d20a55050342ea85ecc8838e7088de33582f36a0a375bb7008adc297a5ece1bb2df53d17bef26bb6f800", 0x7f, 0x2}}]}, @common=@SET={0x60}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, 0x0, 0x0, 'team0\x00', 'team0\x00'}, 0x0, 0x98, 0xd8, 0x0, {}, [@common=@inet=@set1={{0x28}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x360) 4m14.99750719s ago: executing program 4 (id=698): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6) set_mempolicy(0x4003, &(0x7f0000000200)=0x7, 0x3) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='freezer.self_freezing\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000100), 0x208e24b) 4m13.701509374s ago: executing program 4 (id=702): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000800)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r3, 0x1, 0x2c, &(0x7f00000000c0), 0x4) setsockopt$sock_attach_bpf(r3, 0x1, 0x1b, &(0x7f0000000040), 0x4) 4m12.321998623s ago: executing program 4 (id=704): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000001a40)=""/102392, 0x18ff8) writev(0xffffffffffffffff, &(0x7f0000000300), 0x0) syz_open_dev$MSR(&(0x7f0000000240), 0xfffffffffffffffe, 0x0) r2 = openat$binfmt_register(0xffffff9c, &(0x7f00000001c0), 0x1, 0x0) write$binfmt_register(r2, &(0x7f0000000200)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x1, 0x3a, '#%\\h*@#Lw\x9e5\x9f6k\x886\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xeahJ\xee\'X\x9a\xd4\xfeI6\xd9\x1b\xc8\x14.\xfa\xb8\x03\x16\x96\x11\xa8\x90{\xc5\xe2\xf1u\xd1\xca\x8a>\xc3\x84\xd3\xcf\xa7\x1f\xc1\xb5\x12\xd0\x1e\x98\xce+\x12\xaex{\x91\xc7bw\xcaC\xe1/\x19\xfei\xf0\xa2\x9c3\xee/\xcf\xdew \x1c\xc7=\xfb\xb8\x88\x132\xf9\xbf7K\x8d\x16\xa6\xbf4\v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\f\xef\x8a\x95\xdd\xac\xab\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d\xdc\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde\x13\xdf\xc6Z+\r\xb4\x9a\xe8V1\x82\xce\xdd\xddx\xe7H\xa3N\x92\xdb\xaa\xdbe\xc1\x05P\b<\x1e\xd6\x92\x89\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xd3W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a', 0x3a, '#%\\h*@#Lw\x9e5\x9f6k\x886\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xeahJ\xee\'X\x9a\xd4\xfeI6\xd9\x1b\xc8\x14.\xfa\xb8\x03\x16\x96\x11\xa8\x90{\xc5\xe2\xf1u\xd1\xca\x8a>\xc3\x84\xd3\xcf\xa7\x1f\xc1\xb5\x12\xd0\x1e\x98\xce+\x12\xaex{\x91\xc7bw\xcaC\xe1/\x19\xfei\xf0\xa2\x9c3\xee/\xcf\xdew \x1c\xc7=\xfb\xb8\x88\x132\xf9\xbf7K\x8d\x16\xa6\xbf4\v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\f\xef\x8a\x95\xdd\xac\xab\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d\xdc\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde\x13\xdf\xc6Z+\r\xb4\x9a\xe8V1\x82\xce\xdd\xddx\xe7H\xa3N\x92\xdb\xaa\xdbe\xc1\x05P\b<\x1e\xd6\x92\x89\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xd3W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a', 0x3a, './file1'}, 0x237) recvmmsg(r0, &(0x7f0000001140), 0x0, 0x10122, 0x0) sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002b40)=ANY=[@ANYBLOB="20000000100001070000000000000000030000000c0002"], 0x20}}, 0x4000084) 3m56.777994519s ago: executing program 34 (id=704): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000001a40)=""/102392, 0x18ff8) writev(0xffffffffffffffff, &(0x7f0000000300), 0x0) syz_open_dev$MSR(&(0x7f0000000240), 0xfffffffffffffffe, 0x0) r2 = openat$binfmt_register(0xffffff9c, &(0x7f00000001c0), 0x1, 0x0) write$binfmt_register(r2, &(0x7f0000000200)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x1, 0x3a, '#%\\h*@#Lw\x9e5\x9f6k\x886\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xeahJ\xee\'X\x9a\xd4\xfeI6\xd9\x1b\xc8\x14.\xfa\xb8\x03\x16\x96\x11\xa8\x90{\xc5\xe2\xf1u\xd1\xca\x8a>\xc3\x84\xd3\xcf\xa7\x1f\xc1\xb5\x12\xd0\x1e\x98\xce+\x12\xaex{\x91\xc7bw\xcaC\xe1/\x19\xfei\xf0\xa2\x9c3\xee/\xcf\xdew \x1c\xc7=\xfb\xb8\x88\x132\xf9\xbf7K\x8d\x16\xa6\xbf4\v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\f\xef\x8a\x95\xdd\xac\xab\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d\xdc\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde\x13\xdf\xc6Z+\r\xb4\x9a\xe8V1\x82\xce\xdd\xddx\xe7H\xa3N\x92\xdb\xaa\xdbe\xc1\x05P\b<\x1e\xd6\x92\x89\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xd3W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a', 0x3a, '#%\\h*@#Lw\x9e5\x9f6k\x886\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xeahJ\xee\'X\x9a\xd4\xfeI6\xd9\x1b\xc8\x14.\xfa\xb8\x03\x16\x96\x11\xa8\x90{\xc5\xe2\xf1u\xd1\xca\x8a>\xc3\x84\xd3\xcf\xa7\x1f\xc1\xb5\x12\xd0\x1e\x98\xce+\x12\xaex{\x91\xc7bw\xcaC\xe1/\x19\xfei\xf0\xa2\x9c3\xee/\xcf\xdew \x1c\xc7=\xfb\xb8\x88\x132\xf9\xbf7K\x8d\x16\xa6\xbf4\v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\f\xef\x8a\x95\xdd\xac\xab\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d\xdc\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde\x13\xdf\xc6Z+\r\xb4\x9a\xe8V1\x82\xce\xdd\xddx\xe7H\xa3N\x92\xdb\xaa\xdbe\xc1\x05P\b<\x1e\xd6\x92\x89\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xd3W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a', 0x3a, './file1'}, 0x237) recvmmsg(r0, &(0x7f0000001140), 0x0, 0x10122, 0x0) sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002b40)=ANY=[@ANYBLOB="20000000100001070000000000000000030000000c0002"], 0x20}}, 0x4000084) 3m8.901179349s ago: executing program 7 (id=476): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0) read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) sendmmsg(r1, &(0x7f0000001c00), 0x400000000000159, 0x40840) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, 0x0, 0x8, 0x2) r2 = syz_io_uring_setup(0x1000022f, 0x0, 0x0, &(0x7f0000000040)) io_uring_enter(r2, 0x7a98, 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) 2m52.553126968s ago: executing program 35 (id=476): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0) read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) sendmmsg(r1, &(0x7f0000001c00), 0x400000000000159, 0x40840) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, 0x0, 0x8, 0x2) r2 = syz_io_uring_setup(0x1000022f, 0x0, 0x0, &(0x7f0000000040)) io_uring_enter(r2, 0x7a98, 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) 1m57.85727501s ago: executing program 1 (id=966): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c) sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0xb, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x48043) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000180)={0x0, 0x5, 0x10}, 0xc) r2 = dup(r0) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x8003, 0xbffc, 0xe654, 0x2, 0x4, 0x48, 0xff}, 0x9c) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x4, 0x0, 0x2, 0x6}}, 0x20) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xce20, 0x6, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RSETATTR(r3, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xeffffff2, @empty, 0x5}}, 0x10001fc, 0x6, 0xffff1896, 0x3, 0x26, 0xffffffb9, 0x1a}, 0x9c) 1m54.171055548s ago: executing program 1 (id=975): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffeffff}, 0x94) r1 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000040)=r0, 0x4) r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0x40a45323, &(0x7f00000003c0)={{0x1, 0x4}, 'port1\x00', 0x2, 0x801, 0x42, 0x0, 0x8001, 0x101, 0x0, 0x0, 0x3, 0x4}) write$fb(r2, &(0x7f0000000340)="732f7f3bab58959d", 0x8) r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x40000, 0x19b) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000300)={0x0, 0x19, &(0x7f0000000240)={&(0x7f00000000c0)=@migrate={0x154, 0x21, 0x1, 0x0, 0x0, {{@in=@multicast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}, [@encap={0x1c, 0x4, {0x0, 0x0, 0x0, @in=@multicast2}}, @migrate={0xe8}]}, 0x154}}, 0x0) 1m51.575869684s ago: executing program 1 (id=982): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f0000000000)=ANY=[], 0x1, 0x6f6, &(0x7f0000000340)="$eJzs3c1vHGcdB/DvrNeON1Sp0yY0QkGYRCpIEYkTK4VwwSCEcqhQVQ49W4nTWHGSKnFRWiFwAcEJiUP/gILkGweExD0oXLiUW68+VkLiEnGIelk0s7Pr3fX6LfFLAp9PNJ5n5nnmmd/+5pmZ3XWsCfB/6+q5NB+myNVzbz4ol9dWZ5fWVmeP1NVLScpyI2l2ZinuJMWjZK6sL/qm9M03+HjxytufPV77vLPUrKeq/dhW240wou1KPWW67m965JbjO93FSh1eXkpyrZ4PmthpXwMNy6Sdredw6NqDGmmv7Gbz3Zy3wHOme3cqOvfNDaaSo0km6/cBqa8OjYOLcE99vVvY1VUOAAAAXlCf3j3sCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODFUz3/v9VbbHRWJdMpus//n+iuq8vPobkdt3y4r3EAAAAAAAAAwMH42pM8yYMcK8vjSdpF9Tv/M1XliXzRTr6U93M/C7mX83mQ+SxnOfdyMclUX0cTD+aXl+9d7G1ZGr3lpZFbXjrIVw0AAAAAAAAA/3N+mVbn9/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPC8KJKxzqyaTtTzTKXRzHpdVpJ/Jpk47Hh3oRi18uHBxwEAAADPZHLUyvGtt3n5SZ7kQY51l9tF9Zn/y9Xn5cm8nztZzmKWs5SFXK8/Q5ef+htrq7NLa6uzt8upXB7s9/v/3lUoE3UPY9XSqD2fqlq0ciOL1ZrzuVYFcz2Nzr7PJqe68fTF1eejMqbie7Wt89LTrNNa7uz3m32LsCcGv4pobNGytR5c0svITB1bueXxTgaK6ouaZDgTw0dnw86aA0tTVZPx3p4uptH75ufEPuT8aD0vX89v9jXnO9Gfi14mGqkycak7+spzZutMJN/465/eubl059bNG/fPHe5L2oWxTdYPj4nZvky89kJnornL9jNVJk72lq/mR/lJzmU6b+VeFvPTzGc5C2nX9fP1eC5/To3MVC8lcwM7emu7SCbq49I5ZjuJaTo/rErzOVNteyyLKXI317OQN6p/l3Ix387lXM6VviN8ctMjXMVenfWN4bO++7L+NjL4s9+sC+XV7bfrV7m5rV7xZqNzr3Su/WVej/fltTPqH/daHe87D2b6svRKNzuj73xPc21sfqUulPv41Tb3iYM1VWeiPIG6d4ludK92MtGs7kUbrwh/aFdvDpbutNs359/bpP+VoeXX63k5rFa/urF1MbxBZZv3Q3uiHC+vZLK+kgyOjrLu1d5Vpq+uvT6WO3WDd9xyu5NVXVF0z9Qf5241ADaeqRP1e7iNPV2q6l4bqjtdX8PLulN9dQPvt3I3S7l+APkD4Gn8451ecSpHJ1r/an3a+qT169bN1puTPzjynSOnJzL+9/HvNmfGXm+cLv6ST/Lz9c//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA07v/wYe35peWFu6NLjQ2rxootDK8ZruehwpF/UCfUW1u1U8p2FWHh1yYTDKwpnrO0YGH0RoOY0Oh/YvkwPPTfYjg6Da/KwvNHR3uuYE1f97Y4UfbxzOWoXG4g/NiHwuN7EvP7Zc3GQljGT0ADuuKBByUC8u337tw/4MPv7V4e/7dhXcX7oxfvnxl5srlN2Yv3FhcWpjp/DzsKIH9sH7TP+xIAAAAAAAAAAAAgJ0a9acCZ17a7o9GNhQaSYb/xsP/LAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2xNVzaT5MkYsz52fK5bXV2aVy6pbXWzaTNBpJ8bOkeJTMpTNlqq+7In98lPaI/Xy8eOXtzx6vfb7eV7PTPmnU881tXZtkpZ4ynWSsnj+Dgf6uPXN/xX+6r6FM2Bftdnvu2eKDvfHfAAAA//+0rO1Q") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x4842, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() ptrace$ARCH_SHSTK_ENABLE(0x1e, r1, 0x2, 0x5001) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000005580)=""/102392, 0x18ff8) timer_settime(0x0, 0x0, &(0x7f0000000180)={{}, {0x77359400}}, 0x0) setuid(0xee01) socket$nl_generic(0x10, 0x3, 0x10) writev(r0, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x64000}], 0x1) 1m49.234490655s ago: executing program 1 (id=986): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r3, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x30}}, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20010004, 0x0, 0x0) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) listen(r0, 0x9) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="8400", @ANYRES16=r6, @ANYBLOB="010000000000fbdbdf25010000000800020000000000050005000000000008000300010000004800018005000200200000000600010002000000080006000a000000080003"], 0x84}}, 0x0) 1m47.479798314s ago: executing program 1 (id=990): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000040)="ff02040000b5ffffffffffffffff2e2be8", 0x11) ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r3) sendmsg$NLBL_CIPSOV4_C_ADD(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000006040)={0x30, r4, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x4}]}, 0x30}}, 0x0) 1m45.119432803s ago: executing program 1 (id=994): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) getsockname$inet(0xffffffffffffffff, 0x0, 0x0) r2 = socket$caif_stream(0x25, 0x1, 0x1) r3 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x4885, 0x100, 0x3, 0x1d}, &(0x7f00000000c0)=0x0, &(0x7f0000000600)=0x0) io_uring_register$IORING_REGISTER_PBUF_RING(r3, 0x16, &(0x7f0000000040)={&(0x7f0000002000)={[{0x0, 0x0, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r2, 0x0, 0x0, 0x0, 0x40002202, 0x1, {0x1}}) io_uring_enter(r3, 0x3516, 0x3e000000, 0x0, 0x0, 0x0) 1m29.995913423s ago: executing program 36 (id=994): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) getsockname$inet(0xffffffffffffffff, 0x0, 0x0) r2 = socket$caif_stream(0x25, 0x1, 0x1) r3 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x4885, 0x100, 0x3, 0x1d}, &(0x7f00000000c0)=0x0, &(0x7f0000000600)=0x0) io_uring_register$IORING_REGISTER_PBUF_RING(r3, 0x16, &(0x7f0000000040)={&(0x7f0000002000)={[{0x0, 0x0, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r2, 0x0, 0x0, 0x0, 0x40002202, 0x1, {0x1}}) io_uring_enter(r3, 0x3516, 0x3e000000, 0x0, 0x0, 0x0) 40.14886577s ago: executing program 8 (id=1110): syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) socket$inet6_udp(0xa, 0x2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x38}}, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r2) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty, 0xffff}, 0x1c) listen(r3, 0x0) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x14, r6, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}}, 0x800) 35.389158485s ago: executing program 8 (id=1131): prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000005580)=""/102392, 0x18ff8) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) r4 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000180)={'fscrypt:', @desc2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$search(0xa, r4, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x55, 0x1e5, 0x0, 0xfffffffd, {0x7, r3}, [@MDBA_SET_ENTRY={0x20, 0x1, {r6, 0x1, 0x1, 0x1, {@ip4=@loopback, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000004, 0x100010, 0xffffffffffffffff, 0xa809c000) 29.42198208s ago: executing program 8 (id=1128): getpgrp(0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) ioctl$sock_bt_hci(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r2 = accept$alg(r1, 0x0, 0x0) write$binfmt_script(r2, &(0x7f0000000600), 0xfec8) recvmmsg(r2, &(0x7f00000008c0)=[{{&(0x7f00000000c0)=@pptp={0x18, 0x2, {0x0, @initdev}}, 0x80, &(0x7f00000005c0)=[{&(0x7f00000001c0)=""/200, 0x6}, {&(0x7f0000000140)=""/9, 0xa}, {&(0x7f0000000300)=""/225, 0x2}, {&(0x7f0000000400)=""/41, 0xfeb2}, {&(0x7f0000000440)=""/123, 0x7b}, {&(0x7f00000004c0)=""/203, 0xcb}], 0x6, &(0x7f0000000640)=""/123, 0x7b, 0x2000000}}, {{&(0x7f00000006c0), 0x80, &(0x7f0000000840), 0x0, &(0x7f0000000880)=""/24, 0xffffffffffffffe0}}], 0x2, 0xcb, &(0x7f0000008000)={0x0, 0x989680}) 26.547406659s ago: executing program 6 (id=1150): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x40040) syz_open_procfs$pagemap(0x0, &(0x7f0000000180)) socket$xdp(0x2c, 0x3, 0x0) pselect6(0x40, &(0x7f00000001c0)={0xa00, 0x0, 0x100000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000005}, 0x0, 0x0) 22.307150783s ago: executing program 6 (id=1144): socket$inet(0xa, 0x801, 0x84) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x100008b}, 0x0) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r4, 0x0, 0x10, &(0x7f0000000140)="170000000200020000ffbe8c5ee17688a2003c000303000afdff02a257fc5ad90200bb6a880000d6c9db0000db00000200df01800a0000ebfc0607bdff59100ac45761547a681f009cee4a5acba400001fb700674f00c88ebbf9315033bf79ac2dfc061f15003901dee2ffffffffe9000000000000000062068f5ee50ce5af9b1c568302ffff02ff0331dd3bab0840024f0298e9e90539062a80e605007f71174ab498a30b3e5a1b47b63a6323ded2aa084cd36276a3afff", 0xb8) 22.271128154s ago: executing program 8 (id=1145): syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000540)='./file0\x00', 0xb, &(0x7f00000000c0)={[{@cruft}, {@utf8}, {@nojoliet}, {@showassoc}, {@utf8}, {@map_normal}]}, 0x1, 0x55a, &(0x7f0000000b00)="$eJzs3VFP21YbwPHHFN7StEKv3vdVVSHantJ3Ekg0dUKbKurNPOcknDaxI9up4KpCBSrU0E6lkwY3U2+6Tdou9wF6uw+xj7DLad9gV9UudrlpTLYTCDQhFApB6P+LWh/sxz7PiSI/OhDbAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxHJLtp2zpGq8xrzqzS0Ffm2f7e3jTf81liy6dvbr+k6/Ilb8T0ZH5Uq66sr/diIvx/9NykT604SMxotR2bx4+d/3/zs81N5/n4ROxPrG5rPFZnP55aATGZCK9kzom5pT0cqEvioWCvbtuXKoyqaqw4WvftY15QbaifxATbnTKlcsziqdXfAbXqXkVHV75b1bedsuqAfZunaC0PduP8iG7pypVo1XSWLizXHMvfiD+NBEKtJOTamV1ebybL8k46DcQYLy/YLydj6fy+XzucLd4t17tj383gp7D3kvYvAfWgzW8ZzIgUMYatV/qYoRTxoyL6rry5WSBOJLrcf2llbhn/7ktt633876367yV3Y2j0tS/6+lP13rVf975HJyr3XZkE15JovSlKYsy8uBZ3Syr4po8cRIKL4YqYmTrFGtNUqKUpCC2PJY5qQsoSgpi5F/iZZQFiSUSHTyiXIlEC2OROJLIEqmxJVpUZKTohRlVpRoycqC+NIQTypSEkeqomVFVpP3fXafHLeDcgcJyu8TlP+D+o89hlunrAPv8HFP4MARbLXrPwAAAAAAOLOs5Lfv8fx/RK4mrbKpanvQaQEAAAAAgI8o+cv/RLwYiVtXxWL+DwAAAADAWWMl19hZIpKR62mrfSUUvwQAAAAAAOCMSP7+fy1eZOLWdbGY/wMAAAAAcNZ80/ce+2H9vPXT7xIEI9br+vz/rTUnjnPWzqX7ndt7xKg8fvHPrcRwcqzCcOuQrp6wLqVB2zfBfNdarPTLw/qQBKyx1t67E5Dv5EYac2MpXS61t6S9ZMqmqrOuX72fE8cZG4r0fPTF89UvJRn+t15tzJKV1eZy9smL5lKSy+v4KK/XWjdQfO8+ivvk8iq530JyzUXXEY8kF2K0+s2k/dqd4x9Kdx/6gD7fyGQaM5lJl5nd4x+N+8xle42+lUXuiCN/IzfTmJtTN9NFlyzy/bLId2ZxqPfiAFnM9sti9ohZAMCgrPSuQn+nRXxrb909xFnuZKr7G5lKY6bGkxPr8HiXM7rd74xuH7G6/bj9DIR2cK8aG/f7/Z6q+jbe4W3PfsNq3orfwnOv1j6Xy+sbm7dW1xafLj9dfp7PzxbsO7Z9Ny8jyTBaC2oPAKCLbs/YadfcdP7f9yk81p0+s+r/bH+lICtP5IU0ZUlmkqsNkm8cdD1qJtnnQvI1hJk+s9ZMxxNeZvrM6jIdD3rpiP3tl7S1K9bqeLwMAABnyWSfOnyQ+j/Ta979Q7K2o+bGtXz/2XFnLQcAAMdDB++sTPS1FQSm/jhXLOacaE6rwHcfqsCUKloZL9KBO+d4Fa3qgR/5rl+NG49MSYcqbNTrfhCpsh+ouh+a+eTJ7ypcCCNdU6GuOV5k3LBe1U6olet7keNGqmRCV9Ubn1VNOKeDZOewrl1TNq4TGd9Tod8IXJ1VKtS6I9CUtBeZsombnqoHpuYEC+qRX23UtCrp0A1MPfLTA7b7Ml7ZD2rJYbODfrMBADgl1jc2ny02m8sv+zU+PUBMj8agxwgAAHajSgMAAAAAAAAAAAAAAAAAAAAAcPod8pK+s9e49LEOuLVrjSUiOzEX5BSM9BCN8+2PyynJh8bxNwZ7XgJw/P4JAAD//1zPX+o=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee7, 0x8031, 0xffffffffffffffff, 0x84c18000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) close(0xffffffffffffffff) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000480)='./binderfs/binder0\x00', 0x0, 0x0) 21.144135125s ago: executing program 0 (id=1146): prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x808}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x2c, 0x2, 0x3, 0x201, 0x0, 0x0, {0x5, 0x0, 0x3}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x25}}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x20}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x10}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4018045}, 0x0) syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x0, &(0x7f0000000080)={[{@mb_optimize_scan}, {@min_batch_time={'min_batch_time', 0x3d, 0x2}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nobarrier}, {@nodiscard}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}]}, 0x3, 0x45c, &(0x7f0000000580)="$eJzs282PU1UbAPDndlq+eWdegh98qKNoJH7MMAMiCzcaTVxoYqILdDfODAQpjGHGRAjR0RhcGhIX7ojuTPwLXOnGKCsTt7o3JMSwAVnV3PbeoS1tKbW0YH+/pPSc3nNznod7T++590wDGFmT6T9JxJaI+D0ixmvVxgaTtbdrV87O/33l7HwSlcqbfyXVdlevnJ3Pm+b7bc4rxYjCZ0nsatHv8ukzx+fK5cVTWX165cT708unzzx77MTc0cWjiydnDx06sH/m+YOzz/UlzzSvqzs/Wtq949W3z78+f/j8u798l+T5N+XRJ5OdNj5RqfS5u+HaWldOivHNV0OMhe6N1YZplKrjfzzGqrWa8Xjl06EGB9xRlUqlcn/7zasV4D8siWFHAAxHfqFP73/z14CmHneFyy/WboDSvK9lr9qWYhSyNqWm+9t+moyIw6vXL6SvuDPPIQAAGvyQzn+eaTX/K0T9c6H/ZWsoExHx/4jYFhEHI2J7RNwXUW37QEQ8eJv9Ny+S3Dz/KVzqKbEupfO/F7K1rcb5Xz77i4mxrLa1mn8pOXKsvLgv+z/ZG6X1aX2mQx8/vvzbF+22Ved/payyev1C2n8+F8ziuFRc37jPwtzKXK/5Nrv8ScTOYqv8k7WVgCQidkTEzh77OPbUt7vbbauf/x5umX8HxR4DqlP5OuLJ2vFfjab8c0nn9cnpDVFe3DednxU3u/jruTfa9f+v8u+D9Phvann+r5lI6tdrl2+/j3N/fN72nubW+bc+/9clb1XL+VH6cG5l5dRMxLrktVrQ9Z/P3tg3r+ft0/z37mk9/rdl+6R97IqI9CR+KCIejohHstgfjYjHImJPh/x/funx93rPv8GGDt30JM1/oeXxXzv/m47/jcK6aP6kdWHs+E/fN3Q6cTv5p8f/QLW0N/ukm++/buLq7WwGAACAe08hIrZEUphaKxcKU1O1v+HfHpsK5aXllaePLH1wcqH2G4GJKBXyJ13jdc9DZ7Lb+rw+21Tfnz03/nJsY7U+Nb9UXhh28jDiNrcZ/6k/x4YdHXDH9WEdDbhHGf8wuox/GF3GP4yuFuN/Y/Z+cdCxAIPV6vr/8RDiAAavafxb9oMR4v4fRlc34/+dAcQBDJ7rP4yk5Y1x6x/JKyjcVIhCN42T7Npyd8Ss0H1h2N9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/fFPAAAA//8eWuDl") 19.172930019s ago: executing program 0 (id=1149): r0 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00') openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x4], 0x0, 0x0, 0x1, 0x1}}, 0x40) r2 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00') r3 = openat$binfmt(0xffffffffffffff9c, r2, 0x42, 0x1ff) mq_open(0x0, 0x1, 0x0, &(0x7f0000000040)={0x20001294, 0x2, 0x5}) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r4, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f00001f8000/0x4000)=nil, 0x4000, 0x0, 0x12012, r3, 0x0) 19.140569015s ago: executing program 8 (id=1151): syz_usb_connect(0x0, 0xdb, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xbf5ce000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) getpid() sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000002"], 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600, 0x0, 0x48, 0x0, &(0x7f0000000000)='\x00', 0x0}, 0x48) 17.329803988s ago: executing program 0 (id=1166): setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f00000001c0)=0x4104, 0x4) r0 = syz_io_uring_setup(0x6167, &(0x7f0000000400)={0x0, 0xfffffffe, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='net_prio.prioidx\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='6'], 0x118) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r4 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114df, 0x0, 0x1, 0x89}, &(0x7f00000003c0)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780}) io_uring_enter(r4, 0x3518, 0xaddf, 0x2, 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x20, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2120, 0x1}) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000180)=[r0], 0x1) io_uring_enter(r0, 0x2d3e, 0xea37, 0x0, 0x0, 0x0) 16.541833197s ago: executing program 3 (id=1155): prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) dup(0xffffffffffffffff) r3 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341) ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200)) ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect) 14.436181502s ago: executing program 0 (id=1156): getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0) write$sndseq(r3, &(0x7f0000001380)=[{0x6, 0x0, 0x0, 0x0, @tick, {0x4}, {}, @ext={0x0, 0x0}}, {0x0, 0x3, 0x0, 0x0, @tick=0x9, {}, {0x2}, @connect={{0x2, 0x3}, {0x1}}}, {0x0, 0x0, 0x0, 0x0, @time={0x2, 0xffffffff}, {0x0, 0x8}, {}, @connect={{0xa}, {0x9, 0x9}}}, {0x0, 0x0, 0x1, 0x0, @time={0x1}, {0xd0}, {0x3}, @raw8={"33f9dc44d4e775c85a555d8d"}}], 0x70) syslog(0x4, &(0x7f0000000000)=""/19, 0xb12288e90d7c8384) 14.435768218s ago: executing program 2 (id=1157): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x800000000, 0xf, &(0x7f0000006680)) r0 = socket$inet_smc(0x2b, 0x1, 0x0) r1 = syz_io_uring_setup(0x10d, &(0x7f0000000540)={0x0, 0xd4bb, 0x0, 0x1, 0x2}, &(0x7f0000000300)=0x0, &(0x7f0000000280)=0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000001a40)=""/102392, 0x18ff8) socket(0xa, 0x3, 0x7) r5 = socket$alg(0x26, 0x5, 0x0) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000140), 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0x10000, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x2, r0, 0x0, 0x0, 0x0, 0x80800}) io_uring_enter(r1, 0x3517, 0xc2de, 0x9, 0x0, 0x0) 14.435393354s ago: executing program 3 (id=1158): getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r3, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800e0001006970366772657461700000001800028014000700fc00000000000000000000000000000008000a00", @ANYRES32=r6], 0x54}}, 0x0) r7 = socket(0x1, 0x803, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)=@newlink={0x50, 0x10, 0xf11, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x104}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x20, 0x20}}}}}}, @IFLA_MASTER={0x8, 0xa, r8}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x3c}}, 0x0) 14.435125224s ago: executing program 8 (id=1159): openat$dsp(0xffffffffffffff9c, 0x0, 0x42, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x1a5}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) r1 = socket$xdp(0x2c, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x218, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x312000, 0x800, 0x0, 0x5}, 0x20) ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000}) 14.434790328s ago: executing program 9 (id=1160): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'ip6gretap0\x00'}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$igmp6(0xa, 0x3, 0x2) lstat(&(0x7f000000e400)='./file0\x00', 0x0) read$FUSE(0xffffffffffffffff, &(0x7f000000e4c0)={0x2020}, 0x2020) fstat(0xffffffffffffffff, 0x0) 14.43457264s ago: executing program 6 (id=1169): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) creat(0x0, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 12.363161559s ago: executing program 9 (id=1161): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r3, 0xffffffffffffffff, 0x0) 12.359232157s ago: executing program 0 (id=1175): setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f00000001c0)=0x4104, 0x4) r0 = syz_io_uring_setup(0x6167, &(0x7f0000000400)={0x0, 0xfffffffe, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='net_prio.prioidx\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='6'], 0x118) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r4 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114df, 0x0, 0x1, 0x89}, &(0x7f00000003c0)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780}) io_uring_enter(r4, 0x3518, 0xaddf, 0x2, 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x20, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2120, 0x1}) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000180)=[r0], 0x1) io_uring_enter(r0, 0x2d3e, 0xea37, 0x0, 0x0, 0x0) 12.275011893s ago: executing program 2 (id=1162): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e20, @multicast2}, 0x10) setsockopt$inet_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1d}}}, 0x0, 0x0, 0x4, 0x0, "e83ae75240c2d658ec87bb53679fd0000078548ceb6c4414fab0919616e19aecedec1b76aea5922406b64cddaeb9d339ba3c01c2c7b8df8e61740b9af2d4d58654a4af0fa0ce1f830cc1eaf991fd00"}, 0xd8) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000040)=0xce, 0x4) connect$inet(r3, &(0x7f0000000080)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10) sendmsg$inet(r3, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0x100120}], 0x1}, 0x0) 10.927927721s ago: executing program 6 (id=1163): prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x808}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x2c, 0x2, 0x3, 0x201, 0x0, 0x0, {0x5, 0x0, 0x3}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x25}}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x20}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x10}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4018045}, 0x0) syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x0, &(0x7f0000000080)={[{@mb_optimize_scan}, {@min_batch_time={'min_batch_time', 0x3d, 0x2}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nobarrier}, {@nodiscard}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}]}, 0x3, 0x45c, &(0x7f0000000580)="$eJzs282PU1UbAPDndlq+eWdegh98qKNoJH7MMAMiCzcaTVxoYqILdDfODAQpjGHGRAjR0RhcGhIX7ojuTPwLXOnGKCsTt7o3JMSwAVnV3PbeoS1tKbW0YH+/pPSc3nNznod7T++590wDGFmT6T9JxJaI+D0ixmvVxgaTtbdrV87O/33l7HwSlcqbfyXVdlevnJ3Pm+b7bc4rxYjCZ0nsatHv8ukzx+fK5cVTWX165cT708unzzx77MTc0cWjiydnDx06sH/m+YOzz/UlzzSvqzs/Wtq949W3z78+f/j8u798l+T5N+XRJ5OdNj5RqfS5u+HaWldOivHNV0OMhe6N1YZplKrjfzzGqrWa8Xjl06EGB9xRlUqlcn/7zasV4D8siWFHAAxHfqFP73/z14CmHneFyy/WboDSvK9lr9qWYhSyNqWm+9t+moyIw6vXL6SvuDPPIQAAGvyQzn+eaTX/K0T9c6H/ZWsoExHx/4jYFhEHI2J7RNwXUW37QEQ8eJv9Ny+S3Dz/KVzqKbEupfO/F7K1rcb5Xz77i4mxrLa1mn8pOXKsvLgv+z/ZG6X1aX2mQx8/vvzbF+22Ved/payyev1C2n8+F8ziuFRc37jPwtzKXK/5Nrv8ScTOYqv8k7WVgCQidkTEzh77OPbUt7vbbauf/x5umX8HxR4DqlP5OuLJ2vFfjab8c0nn9cnpDVFe3DednxU3u/jruTfa9f+v8u+D9Phvann+r5lI6tdrl2+/j3N/fN72nubW+bc+/9clb1XL+VH6cG5l5dRMxLrktVrQ9Z/P3tg3r+ft0/z37mk9/rdl+6R97IqI9CR+KCIejohHstgfjYjHImJPh/x/funx93rPv8GGDt30JM1/oeXxXzv/m47/jcK6aP6kdWHs+E/fN3Q6cTv5p8f/QLW0N/ukm++/buLq7WwGAACAe08hIrZEUphaKxcKU1O1v+HfHpsK5aXllaePLH1wcqH2G4GJKBXyJ13jdc9DZ7Lb+rw+21Tfnz03/nJsY7U+Nb9UXhh28jDiNrcZ/6k/x4YdHXDH9WEdDbhHGf8wuox/GF3GP4yuFuN/Y/Z+cdCxAIPV6vr/8RDiAAavafxb9oMR4v4fRlc34/+dAcQBDJ7rP4yk5Y1x6x/JKyjcVIhCN42T7Npyd8Ss0H1h2N9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/fFPAAAA//8eWuDl") 8.943791047s ago: executing program 9 (id=1164): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RVERSION(r3, &(0x7f0000000000)={0x15, 0x65, 0xffff, 0x7ff9, 0x8, '9P2000.u'}, 0x15) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xa4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000005c0)={0x50, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x50}}, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x54, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5, 0x0, 0x40}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xe0004000}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80) sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, 0x3, 0x6, 0x301, 0x0, 0x0, {0x1, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40800}, 0x4044010) 8.927258565s ago: executing program 2 (id=1179): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) creat(0x0, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 6.946867263s ago: executing program 2 (id=1165): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) 6.846624345s ago: executing program 3 (id=1167): r0 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00') openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x4], 0x0, 0x0, 0x1, 0x1}}, 0x40) r2 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00') r3 = openat$binfmt(0xffffffffffffff9c, r2, 0x42, 0x1ff) mq_open(0x0, 0x1, 0x0, &(0x7f0000000040)={0x20001294, 0x2, 0x5}) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r4, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f00001f8000/0x4000)=nil, 0x4000, 0x0, 0x12012, r3, 0x0) 6.844492603s ago: executing program 6 (id=1182): openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x800, &(0x7f00000018c0)=ANY=[], 0xfb, 0x1501, &(0x7f00000002c0)="$eJzs3Am4T1X3OPC19t6H62b4JpnP2uvwTYZNkoSSZEiSJCRzQpIkSZK4ZEpCEjLeJHPInG665nnInHTzSpIkJCTZ/+c2/P16h5/3fX/9/vq/d32e5zz2cs7aZ+27nu89w/Pc79ddh1VvVKNKfWaGf4f+bYC//JMEAAkAMBAAcgBAAABlc5bNmb4/i8akf+sk4n9JgxlXugJxJUn/Mzbpf8Ym/c/YpP8Zm/Q/Y5P+Z2zS/4xN+i9EhjYr39WyZdxN3v//f079T5Ll+p8h4D/aIf3/T6P/paOl/xmb9D9jk/5nbNL/jCy40gWIK0w+/xmb9F+IDO0Pf6e84dyVfqct27+wCSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ/w+c85cYAPhtfKXrEkIIIYQQQgghxB/Hv3ulKxBCCCGEEEIIIcT/PgQFGgwEkAkyQwJkgUS4CrJCNsgOOSAGV0NOuAZywbWQG/JAXsgH+aEAFIQQCCwwRFAICkMcroMicD0UhWJQHEqAg5JQCm6A0nAjlIGboCzcDOXgFigPFX4+Z7rboTLcAVXgTqgK1aA61IC7oCbcDbXgHqgN90IduA/qwv1QDx6A+tAAGsKD0AgegsbQBJpCM2gOLaDlZfKTc/y9/OehB7wAPaEXJEFv6AMvQl/oB/1hAAyEl2AQvAyD4RUYAkNhGLwKw+E1GAGvw0gYBaPhDRgDY2EcjIcJMBGS4U2YBG/BZHj7oWwwFabBdJgBM2EWvAOzYQ7MhXdhHsyHBZCcZREshiXwHiyF9yEFPoBl8CGkwnJYASthFayGNbAW1sF62AAbYRNshi2wFbbBR7AddsBO2AW7YQ/shY9hH3wC++FTSMPP/sX8s7/Ph24ICKhQoUGDmTATJmACJmIiZsWsmB2zYwxjmBNzYi7MhbkxN+bFvJiE+bEgFkRCQkbGQlgI4xjHIlgEi2JRLI7F0aHDUlgKS+ONWAbLYFksi+WwHJbHClgBb8VbsRJWwspYGatgFayKVbE6Vse78C68G2thLayNtbEO1sG6WBfrYT2sj/WxITbERtgIG2NjbIpNsTk2x5bYElthK2yNrbEttsV22A7bY3vsgB2wI3bETtgJO2Nn7IJdsCt2xW74HD6Hz+Pz+AK+gL2wquqNfbAP9sW+2B8H4AB8CQfhy/gyvoJDcCgOw1fxVXwNR+AZHImjcDSOxkpqLI7D8chqIiZjMmaGSTgZJ+MUnIpTcTrOwJk4C2fhbJyDc/BdnIfzcT4uxIW4GJfgElyK72MKpuAyPIupuBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34EX6EO3AH7sJduAf34Mf4MX6Cn+AQTMM0PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPAcA5/E8XsALeBEvpn/4VTqjjMqkMqkElaASVaLKqrKq7Cq7iqmYyqlyqlwql8qtcqu8Kq/Kr/KrgqqgIkWKVaQKqUIqruKqiCqiiqqiqrgqrpxyqpQqpUqr0qqMKqPKqptVOXWLKq8qqDbuVnWrqqTausrqDlVFVVFVVTVVXdVQNVRNVVPVUrVUbVVb1VF1VF11v6qnemN/bKDSO9NIDcXGahg2Vc1Uc9VCvYYPq1ZqBLZWbVRb9agahSOxvWrlOqgnVEc1Djupp9R4fFp1UROxq3pWdVPPqe7qedVDtXY9VS81BXurPmo69lX9VH81QM3Gaiq9Y9XVK+r5zEPVMPWqWoyvqRHqdTVSjVKj1RtqjBqrxqnxaoKaqJLVm2qSektNVm+rKWqqmqamqxlqppql3lGz1Rw1V72r5qn5aoFaqBapxWqJek8tVe+rFPWBWqY+VKlquVqhVqpVarVao9aqdWq92qA2qk1qs9qitqpt6iO1Xe1QO9UutVvtUXvVx2qf+kTtV5+qNPWZOqD+og6qz9Uh9YU6rL5UR9RX6qj6Wh1T36jj6lt1Qp1Up9R36rT6Xp1RZ9U59YM6r35UF9RP6qLyCjRqpbU2OtCZdGadoLPoRH2Vzqqz6ew6h47pq3VOfY3Opa/VuXUendfk0/l1AV1Qh5q01awjXUgX1nF9nS6ir9dFdTFdXJfQTpfUpfQNurS+UZfRN+my+mZdTt+iy+sKuqIHfZuupG/XlfUduoq+U1fV1XR1XUPfpWvqu3UtfY+ure/VdfR9uq6+X9fTD+j6uoFuqB/UjfRDurFuopvqZrq5bqFb6od1K/2Ibq3b6Lb6Ud1OP6bb68d1B/2E7qif1J30U7qzflp30c/orvpZ3U0/p7vrn/RF7XVP3Usn6d66j35R99X9dH89QA/UL+lB+mU9WL+ih+iheph+VQ/Xr+kR+nU9Uo/So/Ubeoweq8fp8XqCnqiT9Zt6kn5LT9Zv6yl6qp6mp+sZeqbu/+tMc/+J/Lf+Tv7gn8++VW/TH+nteofeqXfp3XqP3qv36n16n96v9+s0naYP6AP6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+iT+gf9nT6tv9dn9Fl9Vv+gz+vz+sKvPwMwaJTRxpjAZDKZTYLJYhLNVSaryWaymxwmZq42Oc01Jpe51uQ2eUxek8/kNwVMQRMaMtawiUwhU9jEzXWmiLneFDXFTHFTwjhT0pQyN/yP8y9XX0vT0rQyrUxr09q0NW1NO9POtDftTQfTwXQ0HU0n08l0Np1NF9PFdDVdTTfTzXQ33U0P08P0ND1NkkkyfcyLpq/pZ/qbAWageckMMoPMYDPYDDFDzDAzzAw3w80IM8KMNCPNaDPajDFjzDgzzkwwE0yyz2EmmUlmsplsppgpZtrAHGaGmWFmmVlmtplt5pq5Zp6ZZxaYBWaRWWSWmCVmqVlqUkyKWWaWmVSz3Cw3K81Ks9qsNmvNWrPerDcbzUaz2Ww2qWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W/STJo5YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86Z8+a8uWAumIvmYvptX6ACFZjABJmCTEFCkBAkBolB1iBrkD3IHsSCWJAzyBnkCq4Ncgd5grxBviB/UCAoGIQBBTbgIAoKBYWDeHBdUCS4PigaFAuKByUCF5QMSgU3BKWDG4MywU1B2eDmoFxwS1A+qBBUDG4NbgsqBbcHlYM7girBnUHVoFpQPagR3BXUDO4OagX3BLWDe4M6wX1B3eD+oF7wQFA/aBA0DB4MGgUPBY2DJkHToFnQPGgRtPxD5/f+TJ5HXM+wV5gU9g77hC+GfcN+Yf9wQDgwfCkcFL4cDg5fCYeEQ8Nh4avh8PC1cET4ejgyHBWODt8Ix4Rjw3Hh+HBCODFMDt8MJ4VvhZPDt8Mp4dRwWjA9nBHODGeF74Szwznh3PDdcF44P1wQLgwXhYtD/OWWGFLCD8Jl4Ydharg8XBGuDFeFq8M14dpwXbg+3BBuDDeFm8sO+uXQcHu4I9wZ7gp3h3vCveHH4b7wk3B/+GmYFn4WHgj/Eh4MPw8PhV+Eh8MvwyPhV+HR8OvwWPhNeDz8NjwRngxPhd+Fp8PvwzPh2fBc+EN4PvwxvBD+FF4MffrNffrlnQwZykSZKIESKJESKStlpeyUnWIUo5yUk3JRLspNuSkv5aX8lJ8KUkFKx8RUiApRnOJUhIpQUSpKxak4OXJUikpRaSpNZagMlaWyVI7KUXkqTxWpIt1Gt9HtdDvdQXfQnXQnVaNqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUkBpSI2pEjakxNaWm1JyaU0tqSa2oFbWm1tSW2lI7akftqT11oA7UkTpSJ+pEnakzdaEu1JW6UjfqRt2pO/WgHtSTelISJVEf6kN9qS/1p/40kAbSIBpEg2kwDaEhNIyG0XAaTiNoBI2kUTSa3qAxNJbG0XiaQBMpmZJpEk2iyTSZptAUmkbTaAbNoFk0i2bTbJpLc2kezaMFtIAW0SJaQktoKS2lFEqhZbSMUimVVtAKWkWraA2toXW0jjbQBtpEm2gLbaFttI2203baSTtpN+2mvbSX9tE+2k/7KY3S6AAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpBJ2gU3SKTtNpOkNn6Bydo/P0I12gn+gieUqwWWyivcpmtdlsdpvD/nWc1+az+W0BW9CGNrfN87uYrLVFbTFb3Jawzpa0pewNfxOXtxVsRXurvc1Wsrfbyra8zQL/Na5p77a17D22tr3X1rB3/S6uY++zde1Dtp5tYuvbZrahbWEb2YdsY9vENrXNbHPbwrazj9n29nHbwT5hO9on/yZeat+36+x6u8FutPvsJ/ac/cEetV/b8/ZH29P2sgPtS3aQfdkOtq/YIXbo72MAO9q+YcfYsXacHW8n2Il/E0+z0+0MO9POsu/Y2XbO38RL7Ht2nk2xC+xCu8gu/jlOrynFfmCX2Q9tql1uV9iVdpVdbdfYtf+31pV2s91it9q99mO73e6wO+0uu9vu+TlOX8d++6lNs5/ZI/Yre9B+bg/ZY/aw/fLnOH19x+w39rj91p6wJ+0p+509bb+3Z+zZn9efvvbv7E/2ovUWGFmxZsMBZ+LMnMBZOJGv4qycjbNzDo7x1ZyTr+FcfC3n5jycl/Nxfi7ABTlkYsvMERfiwhzn67gIX89FuRgX5xLsuCSX4hu4NN/IZfgmLss3czm+hctzBa7It/JtXIlv58p8B1fhO7kqV+PqXIPv4pp8N9fie7g238t1+D6uy/dzPX6A63MDbsgPciN+iBtzE27Kzbg5t+CW/DC34ke4Nbfhtvwot+PHuD0/zh34Ce7IT3Infoo789PchZ/hrvwsd+PnuDs/zz34Be7JvTiJe3MffpH7cj/uzwN4IL/Eg/hlHsyv8BAeysP4VR7Or/EIfp1H8igezW/wGB7L43g8T+CJnMxv8iR+iyfz2zyFp/I0ns4zeCbP4nd4Ns/hufwuz+P5vIAX8iJezEv4PV7K73MKf8DL+ENO5eW8glfyKl7Na3gtr+P1vIE38ibezFt4K2/jj3g77+CdvIt38x7eyx/zPv6E9/OnnMaf8QH+Cx/kz/kQf8GH+Us+wl/xUf6aj/E3fJy/5RN8kk/xd3yav+czfJbP8Q98nn/kC/wTX2TPEGGkIh2ZKIgyRZmjhChLlBhdFWWNskXZoxxRLLo6yhldE+WKro1yR3mivFG+KH9UICoYhRFFNuIoigpFhaN4dF1UJLo+KhoVi4pHJSIXlYxKRTdEpaMbozLRTVHZ6OaoXHRLVD6qEFWMbo1uiypFt0eVozuiKtGdUdWoWlQ9qhHdFdWM7o5qRfdEtaN7ozLRfVHd6P6oXvRAVD9qEDWMHowaRQ9FjaMmUdOoWdQ8ahG1jB6OWkWPRK2jNlHb6NGoXfRY1D56POoQPRF1jJ68tL9Y8MvV9K/2J0W9I/3rG7J79KL44viS+HvxpfH34ynxD+LL4h/GU+PL4yviK+Or4qvja+Jr4+vi6+Mb4hvjm+Kb41viW+Pe18gMDtMfhMG4wGVymV2Cy+IS3VUuq8vmsrscLuaudjndNS6Xu9bldnlcXpfP5XcFXA4XOnLWsYtcIVfYxd11roi73hV1xVxxV8I5V9KVci1cS9fStXKPuNaujWvrHnWPusfcY+7xhF8Ld53cU66ze9p1cc+4Z9yzrpt7znV3z7se7gXX0/VySS7J9XF9XF/X1/V3/d1AN9ANcoPcYDfYDXFD3DA3zA13w90IN8KNdCPdaDfajXFj3Dg3zk1wE1yyS3aT3CQ32U12U9wUN81NczPcDDfLzXKz3Ww3181189w8t8AtcIvcIrfELXFL3VKX4lLcMrfMpbpUt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcdvcNrfdbXc73U632+12e91et8/tc/vdfpfm0twBd8AddAfdIfeFO+y+dEfcV+6o+9odc9+44+5bd8KddKec16fd9+6MO+vOuR/cefeju+B+chedd8mxN2OTYm/FJsfejk2JTY1Ni02PzYjNjM2KvRObHZsTmxt7NzYvNj+2ILYwtii2OLYk9l5saez9WErsg9iy2Iex1Njy2IrYytiq2OqY9wW2R76QL+zj/jpfxF/vi/pivrgv4Z0v6Uv5G3xpf6Mv42/yZf3Nvpy/xZf3FXxF38Q39c18c9/Ct/QP+1b+Ed/at/Ft/aO+nX/Mt/eP+w7+Cd/RP+k7+ad8Z/+07+Kf8V39s/N/7bLv4V/wPX0vn+R7+z7+Rd/X9/P9/QA/0L/kB/mX/WD/ih/ih/ph/lU/3L/mR/jX/Ug/yo/2b/gxfqwf58f7CX6iT/Zv+kn+LT/Zv+2n+Kl+mp/uZ/iZfpZ/x8/2c/xc/66f5+f7BX6hX+QX+yX+Pb/Uv+9T/Ad+mf/Qp/rlfoVf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf5j/x2v8Pv9Lv8br/H7/Uf+33+E7/ff+rT/Gf+gP+LP+g/94f8F/6w/9If8V/5o/5rf8x/44/7b/0Jf9Kf8t/50/57f8af9ef8D/68/9Ff8D/5i/I3a0IIIYQQ/xR9mf29/87/qV+3dH0AINuOfIf/es5NuX8Z91P7OsYA4IleXRv8tjVokJSU9OuxqRqCwgsBIHYp/+fvH/g1Xg5t4THoAG2g9N+tr5+q+PN93383f/xmgESALL/lpD8eJcJfz3/jP5i/yXt8ufkXAhQtfCkn/US/xZfmL/MP5t/T7jLzZ/k8GaD1f8nJCpfiS/OXgkfgSejwuyOFEEIIIYQQQohf9FPnu13u+Tb9+Ty/uZSTGS7Fl3s+v4zKf8QahBBCCCGEEEII8d97+rnujz/coUObzv/Jg8x/jjL+BAMEgD9BGTL48w+u9G8mIYQQQgghxB/t0k3/la5ECCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYTIuP79bwhT//TBV3qNQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxJX2fwIAAP//hBVVxg==") r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1, 0x0) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0) pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xe7c) syz_io_uring_setup(0x36f1, &(0x7f0000000540)={0x0, 0xd4bb, 0x0, 0xfffffffd, 0x8}, &(0x7f0000000380), 0x0) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000100)) listen(0xffffffffffffffff, 0x5) 6.843434925s ago: executing program 0 (id=1168): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_io_uring_setup(0x10f, &(0x7f00000000c0)={0x0, 0x211a, 0x10, 0x4, 0x306}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000040)=0xffefffdc, 0x0, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffd98}, 0x94) sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='>'], 0x38}}, 0x80) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r5, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_ACCEPT={0xd, 0x18, 0x1, 0xffffffffffffffff, 0x0}) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f00000002c0)=[0xffffffffffffffff], 0x57) io_uring_enter(r2, 0x3516, 0xc2de, 0x8, 0x0, 0x0) 6.338633717s ago: executing program 2 (id=1170): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r3 = socket$rds(0x15, 0x5, 0x0) bind$rds(r3, &(0x7f0000000040)={0x2, 0x4e22, @loopback}, 0x10) sendmsg$rds(r3, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x410200}], 0x1}}], 0x48}, 0x0) 4.89943662s ago: executing program 9 (id=1171): prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) dup(0xffffffffffffffff) r3 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341) ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200)) ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect) 4.893586254s ago: executing program 2 (id=1186): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_io_uring_setup(0x88f, &(0x7f0000000300)={0x0, 0xd73, 0x80, 0xfffffffd, 0x2c3}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) timer_settime(0x0, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_RECVMSG={0xa, 0x14, 0x0, r0, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0, 0x0, 0x1}) io_uring_enter(r2, 0x75fa, 0xc9da, 0xa, 0x0, 0x0) syz_usb_connect(0x6, 0x35a, 0x0, 0x0) 4.893018618s ago: executing program 3 (id=1172): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x3}) r1 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0x334e, 0x10, 0x4, 0x312}, &(0x7f0000000200)=0x0, &(0x7f0000000300)=0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x1, 0x7}) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x60, 0x185100}) io_uring_enter(r1, 0x7277, 0x0, 0xd, 0x0, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x131, &(0x7f0000000600)={0x0, 0x800006, 0x2}, &(0x7f0000ffe000), 0x0) 3.761877028s ago: executing program 9 (id=1173): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000300)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="18050000000004000000000000000000850000007a00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000240)=r5, 0x4) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) 3.61778326s ago: executing program 6 (id=1174): mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) syz_usb_connect$cdc_ecm(0x0, 0x66, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r3, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000440)="ea", 0x1}], 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0xc800) recvmmsg(r4, &(0x7f0000001140), 0x700, 0x2, 0x0) 3.514524198s ago: executing program 3 (id=1176): syz_open_procfs$namespace(0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$unix(0x1, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) r5 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r5, &(0x7f0000000200)={0x1d, r4}, 0x10) sendmsg$can_bcm(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="01000000d7fe68ca7e4d5d5bdbe70000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r4, @ANYRES64=r3, @ANYBLOB="3bf81bb9e9"], 0x20000600}}, 0x0) 2.328881869s ago: executing program 9 (id=1177): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000300)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet6(0xa, 0x1, 0x0) r4 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r4, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020300090a0000000000000004000000030006000000000002000000ac1414000000000000000000020001000000000000000002fffffffb030005000000000002"], 0x50}}, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) 0s ago: executing program 3 (id=1178): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x3000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6) r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f00000000c0)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SPLICE={0x1e, 0x48, 0x0, @fd, 0x3, {}, 0xa6, 0x3}) io_uring_enter(r3, 0x47f9, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.82' (ED25519) to the list of known hosts. [ 99.164143][ T5804] cgroup: Unknown subsys name 'net' [ 99.281526][ T5804] cgroup: Unknown subsys name 'cpuset' [ 99.291648][ T5804] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 100.930620][ T5804] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 101.528610][ T10] cfg80211: failed to load regulatory.db [ 103.458114][ T5821] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 103.469797][ T5821] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 103.478963][ T5821] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 103.530958][ T5834] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 103.539932][ T5834] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 103.548989][ T5834] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 103.550428][ T5835] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 103.557650][ T5834] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 103.572714][ T5834] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 103.578085][ T5836] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 103.580313][ T5834] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 103.595242][ T5838] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 103.595954][ T5834] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 103.604476][ T5838] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 103.611770][ T5834] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 103.617234][ T5838] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 103.624624][ T5834] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 103.632313][ T5838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 103.638447][ T5834] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 103.645209][ T5836] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 103.662761][ T5836] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 103.665349][ T5834] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 103.678102][ T5837] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 103.678125][ T5836] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 103.680707][ T5836] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 103.688329][ T5834] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 103.701292][ T5821] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 103.714088][ T5821] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 103.714557][ T5834] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 103.730650][ T5821] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 104.592291][ T5818] chnl_net:caif_netlink_parms(): no params data found [ 104.702825][ T5822] chnl_net:caif_netlink_parms(): no params data found [ 104.862998][ T5823] chnl_net:caif_netlink_parms(): no params data found [ 104.893051][ T5826] chnl_net:caif_netlink_parms(): no params data found [ 104.955876][ T5819] chnl_net:caif_netlink_parms(): no params data found [ 105.036338][ T5818] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.043633][ T5818] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.051418][ T5818] bridge_slave_0: entered allmulticast mode [ 105.059385][ T5818] bridge_slave_0: entered promiscuous mode [ 105.104626][ T5825] chnl_net:caif_netlink_parms(): no params data found [ 105.142036][ T5818] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.149421][ T5818] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.156711][ T5818] bridge_slave_1: entered allmulticast mode [ 105.164633][ T5818] bridge_slave_1: entered promiscuous mode [ 105.370208][ T5818] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.381038][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.389980][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.397611][ T5822] bridge_slave_0: entered allmulticast mode [ 105.405272][ T5822] bridge_slave_0: entered promiscuous mode [ 105.464911][ T5818] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.475369][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.482714][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.490941][ T5822] bridge_slave_1: entered allmulticast mode [ 105.498643][ T5822] bridge_slave_1: entered promiscuous mode [ 105.506371][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.513741][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.521173][ T5823] bridge_slave_0: entered allmulticast mode [ 105.529222][ T5823] bridge_slave_0: entered promiscuous mode [ 105.559404][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.566655][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.573969][ T5826] bridge_slave_0: entered allmulticast mode [ 105.581769][ T5826] bridge_slave_0: entered promiscuous mode [ 105.616665][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.623847][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.631747][ T5823] bridge_slave_1: entered allmulticast mode [ 105.640417][ T5823] bridge_slave_1: entered promiscuous mode [ 105.670522][ T5819] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.678129][ T5819] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.685735][ T5819] bridge_slave_0: entered allmulticast mode [ 105.693725][ T5819] bridge_slave_0: entered promiscuous mode [ 105.701534][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.709092][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.716491][ T5826] bridge_slave_1: entered allmulticast mode [ 105.724942][ T5826] bridge_slave_1: entered promiscuous mode [ 105.767633][ T5833] Bluetooth: hci4: command tx timeout [ 105.767790][ T51] Bluetooth: hci2: command tx timeout [ 105.773621][ T5833] Bluetooth: hci0: command tx timeout [ 105.780043][ T5830] Bluetooth: hci5: command tx timeout [ 105.785794][ T5833] Bluetooth: hci3: command tx timeout [ 105.796722][ T5821] Bluetooth: hci1: command tx timeout [ 105.822267][ T5819] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.830057][ T5819] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.837587][ T5819] bridge_slave_1: entered allmulticast mode [ 105.845322][ T5819] bridge_slave_1: entered promiscuous mode [ 105.871657][ T5818] team0: Port device team_slave_0 added [ 105.881376][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.908653][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.948108][ T5818] team0: Port device team_slave_1 added [ 105.958345][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.967827][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.976115][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.983844][ T5825] bridge_slave_0: entered allmulticast mode [ 105.991813][ T5825] bridge_slave_0: entered promiscuous mode [ 106.002491][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 106.030218][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 106.044086][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 106.085450][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.092812][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.101388][ T5825] bridge_slave_1: entered allmulticast mode [ 106.110304][ T5825] bridge_slave_1: entered promiscuous mode [ 106.134675][ T5819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 106.217956][ T5819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 106.242828][ T5818] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.250253][ T5818] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.277037][ T5818] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.292344][ T5822] team0: Port device team_slave_0 added [ 106.301451][ T5822] team0: Port device team_slave_1 added [ 106.323674][ T5823] team0: Port device team_slave_0 added [ 106.345824][ T5826] team0: Port device team_slave_0 added [ 106.352727][ T5818] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.360071][ T5818] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.386645][ T5818] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.414489][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 106.427254][ T5823] team0: Port device team_slave_1 added [ 106.454689][ T5826] team0: Port device team_slave_1 added [ 106.497676][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 106.522950][ T5819] team0: Port device team_slave_0 added [ 106.532132][ T5819] team0: Port device team_slave_1 added [ 106.567611][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.574622][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.601332][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.614947][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.622114][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.648238][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.722597][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.730125][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.757097][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.803432][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.810527][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.836906][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.865697][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.872752][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.899753][ T5819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.913180][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.920513][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.947088][ T5819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.959127][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.966100][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.992592][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 107.006977][ T5825] team0: Port device team_slave_0 added [ 107.013455][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 107.020688][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 107.047017][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 107.087438][ T5818] hsr_slave_0: entered promiscuous mode [ 107.094298][ T5818] hsr_slave_1: entered promiscuous mode [ 107.125792][ T5825] team0: Port device team_slave_1 added [ 107.252718][ T5822] hsr_slave_0: entered promiscuous mode [ 107.259690][ T5822] hsr_slave_1: entered promiscuous mode [ 107.266282][ T5822] debugfs: 'hsr0' already exists in 'hsr' [ 107.272213][ T5822] Cannot create hsr debugfs directory [ 107.294833][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 107.302611][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 107.329029][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 107.374458][ T5819] hsr_slave_0: entered promiscuous mode [ 107.381234][ T5819] hsr_slave_1: entered promiscuous mode [ 107.388125][ T5819] debugfs: 'hsr0' already exists in 'hsr' [ 107.393865][ T5819] Cannot create hsr debugfs directory [ 107.416069][ T5823] hsr_slave_0: entered promiscuous mode [ 107.423010][ T5823] hsr_slave_1: entered promiscuous mode [ 107.429752][ T5823] debugfs: 'hsr0' already exists in 'hsr' [ 107.435480][ T5823] Cannot create hsr debugfs directory [ 107.453429][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 107.460523][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 107.486820][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 107.530887][ T5826] hsr_slave_0: entered promiscuous mode [ 107.538068][ T5826] hsr_slave_1: entered promiscuous mode [ 107.544390][ T5826] debugfs: 'hsr0' already exists in 'hsr' [ 107.550307][ T5826] Cannot create hsr debugfs directory [ 107.783655][ T5825] hsr_slave_0: entered promiscuous mode [ 107.790560][ T5825] hsr_slave_1: entered promiscuous mode [ 107.797041][ T5825] debugfs: 'hsr0' already exists in 'hsr' [ 107.802792][ T5825] Cannot create hsr debugfs directory [ 107.853216][ T5833] Bluetooth: hci3: command tx timeout [ 107.857235][ T5821] Bluetooth: hci5: command tx timeout [ 107.858717][ T5834] Bluetooth: hci1: command tx timeout [ 107.864061][ T51] Bluetooth: hci0: command tx timeout [ 107.869823][ T5824] Bluetooth: hci4: command tx timeout [ 107.875321][ T5830] Bluetooth: hci2: command tx timeout [ 108.463561][ T5822] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 108.482310][ T5822] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 108.496361][ T5822] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 108.521294][ T5822] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 108.590011][ T5818] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 108.615210][ T5818] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 108.633311][ T5818] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 108.668712][ T5818] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 108.746128][ T5819] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 108.765447][ T5819] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 108.795203][ T5819] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 108.809610][ T5819] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 108.927870][ T5826] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 108.940472][ T5826] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 108.953271][ T5826] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 108.964298][ T5826] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 108.991396][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0 [ 109.105369][ T5823] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 109.132398][ T5823] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 109.146076][ T5823] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 109.182431][ T5822] 8021q: adding VLAN 0 to HW filter on device team0 [ 109.192142][ T5823] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 109.246446][ T5818] 8021q: adding VLAN 0 to HW filter on device bond0 [ 109.263552][ T1106] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.270929][ T1106] bridge0: port 1(bridge_slave_0) entered forwarding state [ 109.325064][ T1139] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.332284][ T1139] bridge0: port 2(bridge_slave_1) entered forwarding state [ 109.356274][ T5825] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 109.369545][ T5825] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 109.393703][ T5825] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 109.436283][ T5818] 8021q: adding VLAN 0 to HW filter on device team0 [ 109.443695][ T5825] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 109.472244][ T5819] 8021q: adding VLAN 0 to HW filter on device bond0 [ 109.528100][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.535532][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 109.546947][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.554114][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 109.660135][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 109.713438][ T5819] 8021q: adding VLAN 0 to HW filter on device team0 [ 109.761863][ T5818] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 109.782967][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 109.846228][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.853489][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 109.875267][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.882676][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 109.895407][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.902615][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 109.915713][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.922930][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 109.937594][ T5830] Bluetooth: hci4: command tx timeout [ 109.943059][ T5821] Bluetooth: hci1: command tx timeout [ 109.943083][ T5824] Bluetooth: hci3: command tx timeout [ 109.948721][ T5830] Bluetooth: hci2: command tx timeout [ 109.954377][ T5834] Bluetooth: hci5: command tx timeout [ 109.960193][ T5821] Bluetooth: hci0: command tx timeout [ 110.183884][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 110.220674][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 110.345924][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 110.385455][ T5823] 8021q: adding VLAN 0 to HW filter on device team0 [ 110.402740][ T5818] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 110.502116][ T3521] bridge0: port 1(bridge_slave_0) entered blocking state [ 110.509350][ T3521] bridge0: port 1(bridge_slave_0) entered forwarding state [ 110.520387][ T3521] bridge0: port 2(bridge_slave_1) entered blocking state [ 110.527659][ T3521] bridge0: port 2(bridge_slave_1) entered forwarding state [ 110.541726][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 110.594855][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 110.602070][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 110.652177][ T5822] veth0_vlan: entered promiscuous mode [ 110.707997][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 110.715209][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 110.775715][ T5822] veth1_vlan: entered promiscuous mode [ 110.797704][ T5819] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 110.831608][ T5818] veth0_vlan: entered promiscuous mode [ 110.878910][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 110.936497][ T5818] veth1_vlan: entered promiscuous mode [ 111.108907][ T5822] veth0_macvtap: entered promiscuous mode [ 111.163263][ T5822] veth1_macvtap: entered promiscuous mode [ 111.251337][ T5819] veth0_vlan: entered promiscuous mode [ 111.277310][ T5818] veth0_macvtap: entered promiscuous mode [ 111.305082][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 111.330398][ T5818] veth1_macvtap: entered promiscuous mode [ 111.356441][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 111.373677][ T5819] veth1_vlan: entered promiscuous mode [ 111.406331][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 111.441962][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 111.464575][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 111.555997][ T1106] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.579587][ T1106] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.610542][ T1106] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.622278][ T1106] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.649801][ T1106] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.659677][ T1106] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.700875][ T1106] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.711581][ T1106] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.788466][ T5819] veth0_macvtap: entered promiscuous mode [ 111.804727][ T5826] veth0_vlan: entered promiscuous mode [ 111.826396][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 111.894256][ T5819] veth1_macvtap: entered promiscuous mode [ 111.929455][ T5826] veth1_vlan: entered promiscuous mode [ 111.946884][ T5823] veth0_vlan: entered promiscuous mode [ 112.002406][ T32] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.011394][ T5821] Bluetooth: hci3: command tx timeout [ 112.016950][ T5821] Bluetooth: hci5: command tx timeout [ 112.022420][ T5821] Bluetooth: hci1: command tx timeout [ 112.022497][ T5830] Bluetooth: hci4: command tx timeout [ 112.033741][ T51] Bluetooth: hci0: command tx timeout [ 112.033766][ T5824] Bluetooth: hci2: command tx timeout [ 112.063297][ T32] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.095829][ T5823] veth1_vlan: entered promiscuous mode [ 112.110166][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 112.141198][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 112.215802][ T1106] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.242157][ T3521] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.260934][ T1106] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.270263][ T3521] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.283656][ T1106] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.347458][ T5823] veth0_macvtap: entered promiscuous mode [ 112.365449][ T5826] veth0_macvtap: entered promiscuous mode [ 112.377462][ T1106] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.390589][ T5826] veth1_macvtap: entered promiscuous mode [ 112.403339][ T1139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.416036][ T1139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.429653][ T5823] veth1_macvtap: entered promiscuous mode [ 112.508354][ T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.514065][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 112.516270][ T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.548816][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 112.583188][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 112.650965][ T5818] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 112.651739][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 112.712462][ T1106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.715007][ T3521] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.732195][ T1106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.734773][ T3521] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.792393][ T3521] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.831757][ T3521] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.895482][ T1139] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.934195][ T1139] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.977584][ T1139] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.986495][ T1139] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.008888][ T5825] veth0_vlan: entered promiscuous mode [ 113.026321][ T5966] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -17959, delta: 1 [ 113.035929][ T30] audit: type=1804 audit(1770929790.922:2): pid=5966 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3" name="/newroot/0/file0" dev="tmpfs" ino=18 res=1 errno=0 [ 113.076715][ T5966] ref_ctr increment failed for inode: 0x12 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88813fe855c0 [ 113.088591][ T5825] veth1_vlan: entered promiscuous mode [ 113.117068][ T1139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.125018][ T1139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.175189][ T5965] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -17959, delta: -1 [ 113.223783][ T5965] ref_ctr decrement failed for inode: 0x12 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88813fe855c0 [ 113.272892][ T5965] uprobe: syz.2.3:5965 failed to unregister, leaking uprobe [ 113.415548][ T5825] veth0_macvtap: entered promiscuous mode [ 113.463727][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.484105][ T5825] veth1_macvtap: entered promiscuous mode [ 113.497242][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.639769][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.674192][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.699505][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 113.847965][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 113.881515][ T1106] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.893155][ T1106] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.942497][ T1139] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.985647][ T1139] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.001874][ T1139] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.029061][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.037152][ T1139] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.055516][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.206882][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.363446][ T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.422061][ T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.606196][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 114.615012][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 114.617679][ T5981] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6'. [ 114.623473][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 114.751586][ T32] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.774734][ T32] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.817334][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 114.873380][ T5985] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6'. [ 115.150198][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 115.159183][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 115.187045][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 115.198581][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 115.212512][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 116.000182][ T5996] netlink: 'syz.4.5': attribute type 11 has an invalid length. [ 116.232213][ T6000] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 116.560040][ T6007] netlink: 4 bytes leftover after parsing attributes in process `syz.2.15'. [ 120.649468][ T6009] bridge0: port 2(bridge_slave_1) entered disabled state [ 120.658340][ T6009] bridge0: port 1(bridge_slave_0) entered disabled state [ 122.406343][ T6009] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 122.464399][ T6009] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 124.733311][ T6052] binder: 6051:6052 unknown command 0 [ 124.748558][ T6052] binder: 6051:6052 ioctl c0306201 200000000080 returned -22 [ 124.839461][ T3521] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 124.868358][ T6056] binder: 6048:6056 ioctl c0306201 200000000180 returned -14 [ 125.124598][ T3521] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.186947][ T6060] capability: warning: `syz.4.33' uses deprecated v2 capabilities in a way that may be insecure [ 125.217156][ T3521] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.254092][ T6060] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 125.269694][ T3521] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.306190][ T6060] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 125.413093][ T6060] overlayfs: failed to get uuid (2/file0, err=-13); falling back to uuid=null. [ 127.005203][ T6078] netlink: 'syz.5.37': attribute type 13 has an invalid length. [ 127.328170][ T6078] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.335943][ T6078] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.329837][ T6087] netlink: 'syz.3.41': attribute type 1 has an invalid length. [ 128.619179][ T6078] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 128.697227][ T6078] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 130.801016][ T6088] vlan2: entered allmulticast mode [ 130.806227][ T6088] veth0_to_bond: entered allmulticast mode [ 130.832428][ T32] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.873962][ T32] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.921402][ T32] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.946658][ T32] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.994883][ T6101] loop4: detected capacity change from 0 to 256 [ 131.442652][ T6118] netlink: 'syz.0.49': attribute type 5 has an invalid length. [ 131.544941][ T6120] netlink: 'syz.0.49': attribute type 5 has an invalid length. [ 133.151158][ T6120] Zero length message leads to an empty skb [ 137.974668][ T6165] netlink: 12 bytes leftover after parsing attributes in process `syz.3.63'. [ 138.358235][ T6173] netlink: 4 bytes leftover after parsing attributes in process `syz.1.65'. [ 142.131014][ T6199] netlink: 12 bytes leftover after parsing attributes in process `syz.1.71'. [ 142.497167][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 142.503888][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 143.551448][ T5805] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 143.761037][ T5805] usb 6-1: Using ep0 maxpacket: 16 [ 143.791863][ T5805] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 143.830476][ T5805] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 144.076729][ T5805] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.115550][ T5805] usb 6-1: Product: syz [ 144.126754][ T5805] usb 6-1: Manufacturer: syz [ 144.131488][ T5805] usb 6-1: SerialNumber: syz [ 144.663621][ T5805] usb 6-1: config 0 descriptor?? [ 145.006044][ T6216] netlink: 40 bytes leftover after parsing attributes in process `syz.1.76'. [ 145.643392][ T5805] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 145.652905][ T5805] em28xx 6-1:0.0: DVB interface 0 found: bulk [ 146.469295][ T5805] em28xx 6-1:0.0: unknown em28xx chip ID (0) [ 146.806945][ T5896] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 147.043503][ T5805] em28xx 6-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 147.052843][ T5805] em28xx 6-1:0.0: board has no eeprom [ 147.119599][ T5896] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 147.156606][ T5896] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 147.186629][ T5896] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 147.204294][ T5896] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 147.253980][ T6225] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 147.281032][ T5896] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 147.917705][ T9] usb 3-1: USB disconnect, device number 2 [ 148.104707][ T6204] em28xx 6-1:0.0: reading from i2c device at 0xfffe failed (error=-5) [ 148.161009][ T5805] em28xx 6-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 148.193086][ T5805] em28xx 6-1:0.0: dvb set to bulk mode. [ 148.245155][ T9] em28xx 6-1:0.0: Binding DVB extension [ 148.305476][ T5805] usb 6-1: USB disconnect, device number 2 [ 148.338451][ T5805] em28xx 6-1:0.0: Disconnecting em28xx [ 149.409408][ T9] em28xx 6-1:0.0: Registering input extension [ 149.439953][ T5805] em28xx 6-1:0.0: Closing input extension [ 149.673920][ T5805] em28xx 6-1:0.0: Freeing device [ 149.710807][ T6249] loop5: detected capacity change from 0 to 2048 [ 150.502439][ T6249] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 151.379339][ T5826] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 151.741879][ T5834] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 151.750798][ T5834] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 151.761532][ T5834] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 151.770920][ T5834] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 151.785118][ T5834] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 152.639064][ T6274] Process accounting resumed [ 152.760746][ T6279] overlayfs: missing 'lowerdir' [ 152.808179][ T6280] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 153.553688][ T6296] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 153.699604][ T6298] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 153.897443][ T6292] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 153.915181][ T76] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.927621][ T5824] Bluetooth: hci6: command tx timeout [ 154.341572][ T6267] chnl_net:caif_netlink_parms(): no params data found [ 154.528298][ T76] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.856144][ T6310] netlink: 'syz.4.103': attribute type 4 has an invalid length. [ 155.842475][ T76] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.007414][ T5824] Bluetooth: hci6: command tx timeout [ 156.228745][ T76] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 157.262966][ T6327] tipc: Started in network mode [ 157.268619][ T6327] tipc: Node identity aaaaaaaaaa34, cluster identity 4711 [ 157.276107][ T6327] tipc: Enabled bearer , priority 10 [ 157.403055][ T6267] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.429884][ T6267] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.666358][ T6267] bridge_slave_0: entered allmulticast mode [ 157.710095][ T6267] bridge_slave_0: entered promiscuous mode [ 158.157932][ T5824] Bluetooth: hci6: command tx timeout [ 158.441672][ T6267] bridge0: port 2(bridge_slave_1) entered blocking state [ 158.466869][ T6267] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.474267][ T6267] bridge_slave_1: entered allmulticast mode [ 158.668962][ T6267] bridge_slave_1: entered promiscuous mode [ 158.740048][ T5934] tipc: Node number set to 10398378 [ 158.992105][ T6267] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 159.040539][ T6267] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 159.193547][ T6348] warning: `syz.4.113' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 159.370935][ T6267] team0: Port device team_slave_0 added [ 159.391819][ T6267] team0: Port device team_slave_1 added [ 159.808471][ T76] bridge_slave_1: left allmulticast mode [ 159.840695][ T76] bridge_slave_1: left promiscuous mode [ 159.870607][ T76] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.037662][ T76] bridge_slave_0: left allmulticast mode [ 160.043338][ T76] bridge_slave_0: left promiscuous mode [ 160.091118][ T76] bridge0: port 1(bridge_slave_0) entered disabled state [ 160.267237][ T5824] Bluetooth: hci6: command tx timeout [ 160.662217][ T6370] loop4: detected capacity change from 0 to 1024 [ 160.679364][ T6370] ======================================================= [ 160.679364][ T6370] WARNING: The mand mount option has been deprecated and [ 160.679364][ T6370] and is ignored by this kernel. Remove the mand [ 160.679364][ T6370] option from the mount to silence this warning. [ 160.679364][ T6370] ======================================================= [ 161.439853][ T6370] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 162.103147][ T6370] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:482: comm syz.4.118: Invalid block bitmap block 0 in block_group 0 [ 162.117197][ T6370] loop4: lost filesystem error report for type 5 error -117 [ 162.132302][ T6370] EXT4-fs (loop4): Remounting filesystem read-only [ 162.148466][ T6370] Quota error (device loop4): write_blk: dquota write failed [ 162.156726][ T6370] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 162.169485][ T6370] EXT4-fs (loop4): 1 orphan inode deleted [ 162.211141][ T6370] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 163.262384][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.998639][ T6377] netlink: 4 bytes leftover after parsing attributes in process `syz.4.119'. [ 165.795836][ T76] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 165.885527][ T76] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 167.111004][ T76] bond0 (unregistering): Released all slaves [ 167.187064][ T6267] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 167.194314][ T6267] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 167.256955][ T6267] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 167.269401][ T6404] process 'syz.1.125' launched '/dev/fd/4' with NULL argv: empty string added [ 167.284294][ T6405] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 167.309270][ T6405] batadv_slave_0: entered promiscuous mode [ 167.529645][ T6377] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 167.538643][ T6377] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 167.563342][ T6377] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 167.588078][ T6377] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 167.645721][ T6384] lo speed is unknown, defaulting to 1000 [ 167.649831][ T6267] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 167.846686][ T6267] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 167.926468][ T6267] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 168.282985][ T6384] lo speed is unknown, defaulting to 1000 [ 168.291598][ T6384] lo speed is unknown, defaulting to 1000 [ 168.302768][ T6384] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 168.322240][ T6384] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 168.345213][ T6384] lo speed is unknown, defaulting to 1000 [ 168.382607][ T6384] lo speed is unknown, defaulting to 1000 [ 168.660952][ T6384] lo speed is unknown, defaulting to 1000 [ 168.668809][ T6384] lo speed is unknown, defaulting to 1000 [ 168.677445][ T6384] lo speed is unknown, defaulting to 1000 [ 168.684740][ T6384] lo speed is unknown, defaulting to 1000 [ 168.693146][ T6384] lo speed is unknown, defaulting to 1000 [ 168.708779][ T6420] loop1: detected capacity change from 0 to 256 [ 168.757141][ T6420] exfat: Deprecated parameter 'utf8' [ 168.762532][ T6420] exfat: Deprecated parameter 'namecase' [ 168.814978][ T6420] exfat: Deprecated parameter 'utf8' [ 168.845063][ T6267] hsr_slave_0: entered promiscuous mode [ 168.852154][ T6267] hsr_slave_1: entered promiscuous mode [ 168.858602][ T6267] debugfs: 'hsr0' already exists in 'hsr' [ 168.864337][ T6267] Cannot create hsr debugfs directory [ 168.974061][ T6420] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 169.156820][ T76] hsr_slave_0: left promiscuous mode [ 169.194808][ T76] hsr_slave_1: left promiscuous mode [ 169.217768][ T76] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 169.247420][ T76] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 169.299054][ T76] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 169.306483][ T76] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 169.437900][ T76] veth1_macvtap: left promiscuous mode [ 169.464005][ T76] veth0_macvtap: left promiscuous mode [ 169.498788][ T76] veth1_vlan: left promiscuous mode [ 169.507564][ T76] veth0_vlan: left promiscuous mode [ 171.467507][ T6460] loop3: detected capacity change from 0 to 128 [ 172.212871][ T6460] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 54) [ 172.232220][ T6460] FAT-fs (loop3): Filesystem has been set read-only [ 172.797153][ T6466] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 54) [ 173.256207][ T76] team0 (unregistering): Port device team_slave_1 removed [ 173.448874][ T76] team0 (unregistering): Port device team_slave_0 removed [ 175.744951][ T6429] batman_adv: batadv0: Adding interface: dummy0 [ 175.778767][ T6429] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 175.976632][ T6429] batman_adv: batadv0: Interface activated: dummy0 [ 176.003910][ T6432] batadv0: mtu less than device minimum [ 176.065629][ T6432] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 176.077777][ T6432] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 176.089542][ T6432] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 176.101135][ T6432] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 176.112776][ T6432] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 176.124330][ T6432] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 176.136012][ T6432] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 176.147945][ T6432] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 176.159587][ T6432] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 176.544499][ T6520] faux_driver vkms: [drm] Unknown color mode 6; guessing buffer size. [ 177.861586][ T6267] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 178.222540][ T6533] affs: No valid root block on device nullb0 [ 178.972720][ T6267] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 179.071052][ T6539] netlink: 'syz.3.157': attribute type 27 has an invalid length. [ 179.117462][ T6539] netlink: 'syz.3.157': attribute type 4 has an invalid length. [ 179.125184][ T6539] netlink: 144 bytes leftover after parsing attributes in process `syz.3.157'. [ 179.139581][ T6267] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 179.211253][ T6267] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 179.627789][ T6558] batadv_slave_0: entered promiscuous mode [ 180.026238][ T6267] 8021q: adding VLAN 0 to HW filter on device bond0 [ 180.172882][ T6267] 8021q: adding VLAN 0 to HW filter on device team0 [ 180.258701][ T1139] bridge0: port 1(bridge_slave_0) entered blocking state [ 180.265883][ T1139] bridge0: port 1(bridge_slave_0) entered forwarding state [ 180.409940][ T1106] bridge0: port 2(bridge_slave_1) entered blocking state [ 180.417180][ T1106] bridge0: port 2(bridge_slave_1) entered forwarding state [ 180.539697][ T6581] overlayfs: failed to clone upperpath [ 183.625575][ T6267] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 184.895675][ T6632] loop2: detected capacity change from 0 to 2048 [ 186.016706][ T6632] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 188.679749][ T6267] veth0_vlan: entered promiscuous mode [ 188.713539][ T6267] veth1_vlan: entered promiscuous mode [ 188.911312][ T6267] veth0_macvtap: entered promiscuous mode [ 188.965652][ T6267] veth1_macvtap: entered promiscuous mode [ 189.328183][ T6267] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 189.799073][ T6267] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 190.587367][ T6680] affs: No valid root block on device nullb0 [ 191.300459][ T76] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 191.372355][ T76] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 191.558741][ T76] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 191.584998][ T76] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 191.951804][ T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 191.993839][ T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 192.142378][ T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 192.176627][ T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 197.816259][ T6747] netlink: 24 bytes leftover after parsing attributes in process `syz.1.206'. [ 198.359072][ T6751] netlink: 24 bytes leftover after parsing attributes in process `syz.5.208'. [ 199.577213][ T6769] 9pnet: p9_errstr2errno: server reported unknown error 0x000000000 [ 200.535587][ T6782] loop6: detected capacity change from 0 to 1024 [ 202.226415][ T6788] loop5: detected capacity change from 0 to 4096 [ 202.365607][ T6788] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 203.012816][ T6807] loop4: detected capacity change from 0 to 512 [ 203.016058][ T5826] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 203.138965][ T6807] EXT4-fs (loop4): Test dummy encryption mode enabled [ 203.145922][ T6807] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 203.219573][ T6807] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 203.301144][ T6807] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.222: bad orphan inode 131083 [ 203.369092][ T6807] loop4: lost filesystem error report for type 5 error -117 [ 203.461253][ T6807] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 204.017321][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.034320][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 204.772410][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.919801][ T6832] netlink: 'syz.1.226': attribute type 1 has an invalid length. [ 204.977017][ T6832] netlink: 4 bytes leftover after parsing attributes in process `syz.1.226'. [ 204.998554][ T6834] overlayfs: failed to clone upperpath [ 205.068323][ T6841] tipc: Enabling of bearer rejected, failed to enable media [ 208.592642][ T6870] syzkaller0: entered promiscuous mode [ 208.676688][ T6870] syzkaller0: entered allmulticast mode [ 210.189443][ T6904] netlink: 24 bytes leftover after parsing attributes in process `syz.5.244'. [ 211.801433][ T6921] net_ratelimit: 10 callbacks suppressed [ 211.801483][ T6921] openvswitch: netlink: IPv4 tunnel dst address is zero [ 213.864909][ T6930] capability: warning: `syz.3.251' uses 32-bit capabilities (legacy support in use) [ 214.850842][ T6947] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 216.165067][ T6968] loop6: detected capacity change from 0 to 32768 [ 216.172612][ T6968] btrfs: Deprecated parameter 'usebackuproot' [ 216.179091][ T6968] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 216.243091][ T6968] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.262 (6968) [ 216.421005][ T6968] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 216.431452][ T6968] BTRFS info (device loop6): using crc32c checksum algorithm [ 216.439106][ T6968] BTRFS warning (device loop6): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 218.023919][ T6968] BTRFS info (device loop6): rebuilding free space tree [ 218.566433][ T6968] BTRFS info (device loop6): disabling free space tree [ 218.577190][ T6968] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 218.587189][ T6968] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 218.638225][ T6968] BTRFS info (device loop6): setting nodatasum [ 218.644643][ T6968] BTRFS info (device loop6): setting nodatacow [ 218.651699][ T6968] BTRFS info (device loop6): enabling ssd optimizations [ 218.658785][ T6968] BTRFS info (device loop6): turning on async discard [ 218.665591][ T6968] BTRFS info (device loop6): enabling disk space caching [ 218.672729][ T6968] BTRFS info (device loop6): force clearing of disk cache [ 218.679938][ T6968] BTRFS info (device loop6): trying to use backup root at mount time [ 218.688216][ T6968] BTRFS info (device loop6): max_inline set to 580 [ 219.004294][ T29] IPVS: starting estimator thread 0... [ 219.109423][ T6267] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 219.136757][ T6999] IPVS: using max 24 ests per chain, 57600 per kthread [ 225.576503][ T5134] Bluetooth: hci5: unexpected event for opcode 0x0413 [ 225.841628][ T7065] IPv6: NLM_F_CREATE should be specified when creating new route [ 225.850793][ T7065] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 225.858419][ T7065] IPv6: NLM_F_CREATE should be set when creating new route [ 227.126909][ T5833] Bluetooth: hci0: command 0x0406 tx timeout [ 227.133338][ T5134] Bluetooth: hci3: command 0x0406 tx timeout [ 227.139703][ T5833] Bluetooth: hci2: command 0x0406 tx timeout [ 227.146371][ T5134] Bluetooth: hci4: command 0x0406 tx timeout [ 229.398906][ T7093] cgroup: fork rejected by pids controller in /syz6 [ 229.608960][ T5830] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0 [ 229.618438][ T5830] Bluetooth: hci5: Injecting HCI hardware error event [ 229.627399][ T5830] Bluetooth: hci5: hardware error 0x00 [ 230.324368][ T7140] netlink: 'syz.4.291': attribute type 1 has an invalid length. [ 231.866999][ T5830] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 232.287581][ T7154] xt_socket: unknown flags 0x50 [ 234.742193][ T7167] netlink: 4 bytes leftover after parsing attributes in process `syz.3.298'. [ 238.382093][ T7188] orangefs_mount: mount request failed with -4 [ 241.957315][ T7241] syz_tun: entered allmulticast mode [ 242.034031][ T7241] netlink: 4 bytes leftover after parsing attributes in process `syz.1.320'. [ 242.252454][ T7242] loop5: detected capacity change from 0 to 512 [ 242.461475][ T7242] EXT4-fs warning (device loop5): read_mmp_block:110: Error -117 while reading MMP block 12 [ 243.085997][ T7241] syz_tun (unregistering): left allmulticast mode [ 245.089054][ T7267] IPv6: NLM_F_CREATE should be specified when creating new route [ 245.097795][ T7267] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 245.105002][ T7267] IPv6: NLM_F_CREATE should be set when creating new route [ 247.064143][ T7284] tipc: Enabling of bearer rejected, failed to enable media [ 249.003189][ T7302] syz_tun: entered allmulticast mode [ 249.071482][ T7302] netlink: 4 bytes leftover after parsing attributes in process `syz.2.339'. [ 249.160422][ T7302] syz_tun (unregistering): left allmulticast mode [ 251.671784][ T7324] netlink: 'syz.2.346': attribute type 1 has an invalid length. [ 257.331881][ T7366] netlink: 12 bytes leftover after parsing attributes in process `syz.6.358'. [ 257.806381][ T7375] xt_socket: unknown flags 0x50 [ 258.567170][ T5934] IPVS: starting estimator thread 0... [ 258.987972][ T7377] IPVS: using max 24 ests per chain, 57600 per kthread [ 259.396602][ T7384] netlink: 'syz.3.362': attribute type 1 has an invalid length. [ 260.813029][ T7394] mmap: syz.1.364 (7394) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 263.830311][ T7413] loop5: detected capacity change from 0 to 256 [ 264.188028][ T7413] FAT-fs (loop5): Directory bread(block 64) failed [ 264.194830][ T7413] FAT-fs (loop5): Directory bread(block 65) failed [ 264.206769][ T7413] FAT-fs (loop5): Directory bread(block 66) failed [ 264.214334][ T7413] FAT-fs (loop5): Directory bread(block 67) failed [ 264.222347][ T7413] FAT-fs (loop5): Directory bread(block 68) failed [ 264.228942][ T7413] FAT-fs (loop5): Directory bread(block 69) failed [ 264.236517][ T7413] FAT-fs (loop5): Directory bread(block 70) failed [ 264.243413][ T7413] FAT-fs (loop5): Directory bread(block 71) failed [ 264.250953][ T7413] FAT-fs (loop5): Directory bread(block 72) failed [ 264.257668][ T7413] FAT-fs (loop5): Directory bread(block 73) failed [ 265.735069][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 265.742011][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 266.466992][ T7417] netlink: 4 bytes leftover after parsing attributes in process `syz.2.373'. [ 273.698659][ T7486] loop5: detected capacity change from 0 to 256 [ 275.999786][ T30] audit: type=1800 audit(2000000079.960:3): pid=7486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.391" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop5" ino=1048622 res=0 errno=0 [ 277.689337][ T5821] Bluetooth: hci6: command 0x0406 tx timeout [ 279.336727][ T7522] could not allocate digest TFM handle hmac(streebog512) [ 279.359600][ T7535] loop4: detected capacity change from 0 to 512 [ 279.392903][ T7535] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 280.587468][ T7545] fuse: Bad value for 'fd' [ 284.716895][ T7566] netlink: 'syz.2.409': attribute type 2 has an invalid length. [ 285.411527][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.933830][ T7591] netlink: 16 bytes leftover after parsing attributes in process `syz.2.419'. [ 287.877049][ T7586] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 296.678354][ T7675] netlink: 'syz.6.443': attribute type 3 has an invalid length. [ 296.691003][ T7675] netlink: 'syz.6.443': attribute type 3 has an invalid length. [ 300.118048][ T7695] loop6: detected capacity change from 0 to 1156 [ 301.539169][ T7695] ISOFS: unable to read i-node block [ 301.560615][ T7695] isofs_fill_super: get root inode failed [ 301.639969][ T5830] Bluetooth: hci6: unexpected event for opcode 0x0c7b [ 305.686905][ T5830] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0 [ 305.697307][ T5830] Bluetooth: hci6: Injecting HCI hardware error event [ 305.707149][ T5830] Bluetooth: hci6: hardware error 0x00 [ 306.447291][ T5821] Bluetooth: hci6: unexpected event for opcode 0x1004 [ 307.926814][ T5830] Bluetooth: hci6: Opcode 0x0c03 failed: -110 [ 310.108814][ T7773] tmpfs: Bad value for 'nr_blocks' [ 311.451389][ T5821] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 311.476882][ T5821] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 311.514464][ T5821] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 311.523780][ T5821] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 311.538821][ T5821] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 311.706710][ T7785] lo speed is unknown, defaulting to 1000 [ 313.492434][ T7785] chnl_net:caif_netlink_parms(): no params data found [ 313.663245][ T5830] Bluetooth: hci1: command tx timeout [ 316.543721][ T5830] Bluetooth: hci1: command tx timeout [ 316.866799][ T7785] bridge0: port 1(bridge_slave_0) entered blocking state [ 316.873969][ T7785] bridge0: port 1(bridge_slave_0) entered disabled state [ 316.896870][ T7785] bridge_slave_0: entered allmulticast mode [ 316.911955][ T7785] bridge_slave_0: entered promiscuous mode [ 317.473541][ T7833] loop4: detected capacity change from 0 to 512 [ 317.597730][ T7833] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 317.617282][ T7833] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 317.635987][ T7785] bridge0: port 2(bridge_slave_1) entered blocking state [ 317.646751][ T7785] bridge0: port 2(bridge_slave_1) entered disabled state [ 317.671389][ T7785] bridge_slave_1: entered allmulticast mode [ 317.689488][ T7785] bridge_slave_1: entered promiscuous mode [ 318.577188][ T5830] Bluetooth: hci1: command tx timeout [ 318.605104][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 319.006039][ T7785] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 319.723421][ T7785] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 319.897195][ T7859] netlink: 20 bytes leftover after parsing attributes in process `syz.3.498'. [ 320.599349][ T7785] team0: Port device team_slave_0 added [ 320.618381][ T7785] team0: Port device team_slave_1 added [ 320.676630][ T5830] Bluetooth: hci1: command tx timeout [ 321.108064][ T7785] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 321.131791][ T7785] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 321.556490][ T7785] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 321.569655][ T7785] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 321.576696][ T7785] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 321.603221][ T7785] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 323.884540][ T7885] fuse: Bad value for 'fd' [ 325.138392][ T7785] hsr_slave_0: entered promiscuous mode [ 325.927960][ T7785] hsr_slave_1: entered promiscuous mode [ 325.934197][ T7785] debugfs: 'hsr0' already exists in 'hsr' [ 325.974822][ T7785] Cannot create hsr debugfs directory [ 326.847078][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 326.871329][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 330.653163][ T6373] bridge_slave_1: left allmulticast mode [ 330.677563][ T6373] bridge_slave_1: left promiscuous mode [ 330.683386][ T6373] bridge0: port 2(bridge_slave_1) entered disabled state [ 331.787844][ T6373] bridge_slave_0: left allmulticast mode [ 331.793536][ T6373] bridge_slave_0: left promiscuous mode [ 331.896869][ T6373] bridge0: port 1(bridge_slave_0) entered disabled state [ 332.110041][ T7939] loop6: detected capacity change from 0 to 4096 [ 334.130286][ T6373] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 334.161902][ T6373] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 334.239419][ T6373] bond0 (unregistering): Released all slaves [ 334.641010][ T7941] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 335.829084][ T7785] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 335.990019][ T7785] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 336.087876][ T7785] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 336.186799][ T7785] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 336.442282][ T6373] hsr_slave_0: left promiscuous mode [ 336.555386][ T7996] loop4: detected capacity change from 0 to 256 [ 338.086126][ T7996] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x32e3664b, utbl_chksum : 0xe619d30d) [ 338.173428][ T7996] exFAT-fs (loop4): valid_size(150994954) is greater than size(10) [ 338.326172][ T6373] hsr_slave_1: left promiscuous mode [ 338.427494][ T6373] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 338.746924][ T6373] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 339.732259][ T6373] batman_adv: batadv0: Interface deactivated: dummy0 [ 339.779926][ T6373] batman_adv: batadv0: Removing interface: dummy0 [ 340.235151][ T8017] netlink: 'syz.1.540': attribute type 1 has an invalid length. [ 341.003746][ T8019] netlink: 20 bytes leftover after parsing attributes in process `syz.2.541'. [ 341.783359][ T6373] team0 (unregistering): Port device team_slave_1 removed [ 342.018648][ T6373] team0 (unregistering): Port device team_slave_0 removed [ 345.412314][ T8062] ip6gre1: entered promiscuous mode [ 345.426782][ T8062] ip6gre1: entered allmulticast mode [ 345.560510][ T7785] 8021q: adding VLAN 0 to HW filter on device bond0 [ 345.596823][ T8062] netlink: 'syz.1.551': attribute type 6 has an invalid length. [ 345.626303][ T8062] netlink: 'syz.1.551': attribute type 7 has an invalid length. [ 345.660840][ T8062] netlink: 52 bytes leftover after parsing attributes in process `syz.1.551'. [ 345.767868][ T7785] 8021q: adding VLAN 0 to HW filter on device team0 [ 346.881285][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 346.888466][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 346.947121][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 346.954294][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 347.861513][ T8091] [U]  [ 347.864775][ T8091] [U] K{ [ 347.869280][ T8091] [U] T 1ŠFFˊ`GJǘGO/MC [ 347.884216][ T8091] [U] Tؖ/,~ĜJ}8'O1"7-΂JQKWQ5C%"H12YX`ȼ`+(¿!(Z'TXLNIGJݭP~7!"ب (5OBܤ̓J [ 347.902309][ T8091] [U] K\&}66XHX Ե.`A$40|϶9ި U4ĮVBZ}WMTQΦR 4 [ 347.924255][ T8091] [U] ".H6"KÇ[J4IN[Z(C|T]Z{3C=XԞ˅4W)\TXJSH{Q;̹T+G߮D.˂>YWUHFNHL]S2\G%O&Z)К'PUL_< ذҮ`ұTޜ;_"(U{7J2X /'CIHCճV=AI%WES RJΜGR͡HIA6-DV I"Nƨ ASC~48C*OO5/ߜJ~WVK+3Y)MVYQƽDTROTPEM%FEJA5T_-X~^AAۂҘQ [ 348.105404][ T8091] [U] +WG?]'A: )' B>TF/<'U'HI.+]E.-ɿ߿%>2`^U8F.63+A«G3P6:^0TV'ETYCNRϩNPJ ;Zۑ8!\مAʖ2$е­WI.#/BAI`4JDY@ZGW5˿B ٜNY"VI2 [ 348.130526][ T8091] [U] ܾ4B`˗HT_K5TYJ9C$BRLNUL 9W|G"ʃ%ڶC؝Q 3QN^HP*$ .7Yӱ2 [ 348.143643][ T8091] [U] ? H*3͝7ɍ^#Q"0~ (OX LB,'V=CSGS0ւ`ه=1(ξP#2DO*Ƀ [ 348.156422][ T8091] [U] SGGUD-{|&ѐ2LC_!`OZ֥B%>RѶWχݎSSH"YA4O.YďRTԶB[+/< 1 [ 371.407063][ T5821] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 371.425196][ T5821] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 371.552442][ T5821] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 371.824171][ T5821] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 372.778975][ T8295] netlink: 36 bytes leftover after parsing attributes in process `syz.4.602'. [ 373.028487][ T5821] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 373.043894][ T5821] Bluetooth: hci3: Injecting HCI hardware error event [ 373.072432][ T5821] Bluetooth: hci3: hardware error 0x00 [ 373.683226][ T8301] loop4: detected capacity change from 0 to 256 [ 374.428148][ T5830] Bluetooth: hci5: command tx timeout [ 375.536794][ T5821] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 376.486691][ T5821] Bluetooth: hci5: command tx timeout [ 376.815673][ T8328] loop4: detected capacity change from 0 to 512 [ 376.896117][ T8328] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 377.037130][ T8328] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee02c, mo2=0002] [ 377.291974][ T8328] System zones: 1-12 [ 377.312679][ T8328] EXT4-fs (loop4): orphan cleanup on readonly fs [ 378.233050][ T8328] EXT4-fs error (device loop4): ext4_free_branches:1020: inode #11: comm syz.4.609: invalid indirect mapped block 2 (level 2) [ 378.317085][ T8328] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 378.340429][ T8328] EXT4-fs (loop4): Remounting filesystem read-only [ 378.393616][ T8328] EXT4-fs (loop4): 1 truncate cleaned up [ 378.422010][ T8328] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback. [ 378.475376][ T6311] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 378.666680][ T5821] Bluetooth: hci5: command tx timeout [ 379.756998][ T8283] chnl_net:caif_netlink_parms(): no params data found [ 381.647093][ T5821] Bluetooth: hci5: command tx timeout [ 381.982684][ T8364] loop6: detected capacity change from 0 to 8 [ 382.039725][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 382.340310][ T8364] SQUASHFS error: Unable to read directory block [631:72] [ 382.374904][ T6311] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 383.723307][ T6311] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 385.031265][ T8397] overlayfs: failed to clone upperpath [ 386.593198][ T8409] netlink: 8 bytes leftover after parsing attributes in process `syz.1.629'. [ 387.311113][ T8409] netlink: 12 bytes leftover after parsing attributes in process `syz.1.629'. [ 387.360652][ T6311] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 387.500648][ T8283] bridge0: port 1(bridge_slave_0) entered blocking state [ 387.514684][ T8283] bridge0: port 1(bridge_slave_0) entered disabled state [ 387.542883][ T8283] bridge_slave_0: entered allmulticast mode [ 387.563704][ T8283] bridge_slave_0: entered promiscuous mode [ 387.595103][ T8283] bridge0: port 2(bridge_slave_1) entered blocking state [ 387.613767][ T8283] bridge0: port 2(bridge_slave_1) entered disabled state [ 387.625656][ T8283] bridge_slave_1: entered allmulticast mode [ 387.634846][ T8283] bridge_slave_1: entered promiscuous mode [ 387.676780][ T8358] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 387.732942][ T8417] loop4: detected capacity change from 0 to 512 [ 387.788835][ T8358] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 388.039453][ T8358] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 388.272332][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 388.285072][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 388.328067][ T5821] Bluetooth: hci2: command 0x0406 tx timeout [ 388.764465][ T8423] FAT-fs (loop4): error, invalid FAT chain (i_pos 51, last_block 64) [ 388.943155][ T8283] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 389.075739][ T8283] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 389.322885][ T8283] team0: Port device team_slave_0 added [ 389.388803][ T8283] team0: Port device team_slave_1 added [ 390.509241][ T8283] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 390.516258][ T8283] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 390.632724][ T8283] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 391.162052][ T8283] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 391.203214][ T8452] fuse: Bad value for 'fd' [ 391.217911][ T30] audit: type=1800 audit(2000000195.180:4): pid=8452 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.640" name="file1" dev="tmpfs" ino=634 res=0 errno=0 [ 392.276742][ T8283] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 392.439471][ T8283] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 392.733234][ T8457] loop4: detected capacity change from 0 to 1024 [ 392.891633][ T8464] Driver unsupported XDP return value 0 on prog (id 68) dev N/A, expect packet loss! [ 393.627971][ T8457] EXT4-fs: Ignoring removed orlov option [ 393.729014][ T8457] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 393.765797][ T6311] bridge_slave_1: left allmulticast mode [ 393.788268][ T30] audit: type=1800 audit(2000000197.740:5): pid=8457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.643" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 393.789279][ T8457] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4214: comm syz.4.643: Allocating blocks 385-513 which overlap fs metadata [ 393.808679][ T6311] bridge_slave_1: left promiscuous mode [ 393.837244][ T8457] EXT4-fs (loop4): pa ffff888036556d98: logic 16, phys. 129, len 24 [ 393.845659][ T8457] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5464: group 0, free 0, pa_free 8 [ 393.891660][ T5909] Process accounting resumed [ 393.962153][ T6311] bridge0: port 2(bridge_slave_1) entered disabled state [ 394.020103][ T8471] Process accounting resumed [ 394.031232][ T6311] bridge_slave_0: left allmulticast mode [ 394.076342][ T30] audit: type=1326 audit(2000000198.030:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.1.649" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f81a259bf79 code=0x0 [ 394.086822][ T6311] bridge_slave_0: left promiscuous mode [ 394.106236][ T5825] Trying to write to read-only block-device loop4 [ 394.122349][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 394.162399][ T6311] bridge0: port 1(bridge_slave_0) entered disabled state [ 395.872796][ T8491] fuse: Bad value for 'fd' [ 398.127172][ T6311] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 398.317307][ T6311] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 398.372575][ T8511] loop4: detected capacity change from 0 to 512 [ 398.440105][ T6311] bond0 (unregistering): Released all slaves [ 399.593399][ T8283] hsr_slave_0: entered promiscuous mode [ 399.641194][ T8283] hsr_slave_1: entered promiscuous mode [ 399.671234][ T8283] debugfs: 'hsr0' already exists in 'hsr' [ 399.708338][ T8283] Cannot create hsr debugfs directory [ 406.886782][ C1] af_packet: tpacket_rcv: packet too big, clamped from 60 to 4294967292. macoff=76 [ 407.559580][ T8587] Invalid source name [ 407.563681][ T8587] UBIFS error (pid: 8587): cannot open "./file0", error -22 [ 408.951094][ T6311] hsr_slave_0: left promiscuous mode [ 409.296735][ T6311] hsr_slave_1: left promiscuous mode [ 409.303004][ T6311] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 409.311051][ T6311] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 410.287543][ T6311] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 410.294980][ T6311] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 410.717736][ T6311] veth1_macvtap: left promiscuous mode [ 410.746915][ T6311] veth0_macvtap: left promiscuous mode [ 410.784741][ T6311] veth1_vlan: left promiscuous mode [ 410.816766][ T6311] veth0_vlan: left promiscuous mode [ 411.354158][ T5909] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 412.490191][ T5909] usb 7-1: Using ep0 maxpacket: 16 [ 412.498414][ T5909] usb 7-1: New USB device found, idVendor=0582, idProduct=007d, bcdDevice=a3.85 [ 412.507728][ T5909] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 412.730891][ T5909] usb 7-1: config 0 descriptor?? [ 413.580273][ T5909] usb 7-1: interface 1 not found [ 414.462458][ T5910] usb 7-1: USB disconnect, device number 2 [ 415.692841][ T6311] team0 (unregistering): Port device team_slave_1 removed [ 415.847689][ T6311] team0 (unregistering): Port device team_slave_0 removed [ 421.574840][ T8283] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 421.634574][ T8283] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 421.805931][ T8283] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 422.551010][ T8283] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 425.090052][ T8283] 8021q: adding VLAN 0 to HW filter on device bond0 [ 426.249687][ T8283] 8021q: adding VLAN 0 to HW filter on device team0 [ 426.428585][ T3521] bridge0: port 1(bridge_slave_0) entered blocking state [ 426.435775][ T3521] bridge0: port 1(bridge_slave_0) entered forwarding state [ 428.720018][ T3521] bridge0: port 2(bridge_slave_1) entered blocking state [ 428.727248][ T3521] bridge0: port 2(bridge_slave_1) entered forwarding state [ 430.348476][ T8808] loop6: detected capacity change from 0 to 256 [ 430.373676][ T8808] exfat: Deprecated parameter 'namecase' [ 430.382783][ T8808] exfat: Deprecated parameter 'namecase' [ 430.388919][ T8808] exfat: Deprecated parameter 'namecase' [ 431.731404][ T8808] exFAT-fs (loop6): Medium has reported failures. Some data may be lost. [ 431.776947][ T8808] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d) [ 434.263907][ T5821] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 434.280564][ T5821] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 434.289114][ T5821] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 434.316038][ T5821] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 434.328236][ T5821] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 437.248100][ T5821] Bluetooth: hci1: command tx timeout [ 437.831065][ T8849] netlink: 'syz.1.736': attribute type 1 has an invalid length. [ 438.950376][ T5821] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 438.959988][ T5821] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 438.968546][ T5821] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 438.997036][ T5821] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 439.008180][ T5821] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 439.025951][ T8849] 8021q: adding VLAN 0 to HW filter on device bond1 [ 439.218160][ T8853] macvlan2: entered promiscuous mode [ 439.223515][ T8853] macvlan2: entered allmulticast mode [ 439.299115][ T5830] Bluetooth: hci1: command tx timeout [ 439.485813][ T8857] bond1: (slave ip6gretap1): making interface the new active one [ 439.508236][ T8857] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 439.683995][ T8867] netlink: 36 bytes leftover after parsing attributes in process `syz.2.738'. [ 439.749061][ T8867] netlink: 16 bytes leftover after parsing attributes in process `syz.2.738'. [ 439.827113][ T8867] netlink: 36 bytes leftover after parsing attributes in process `syz.2.738'. [ 440.036797][ T8867] netlink: 36 bytes leftover after parsing attributes in process `syz.2.738'. [ 442.176822][ T5830] Bluetooth: hci5: command tx timeout [ 442.183711][ T5830] Bluetooth: hci1: command tx timeout [ 442.190412][ T30] audit: type=1326 audit(2000000245.310:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8876 comm="syz.6.741" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7b44f9bf79 code=0x0 [ 442.632144][ T8890] xt_CT: You must specify a L4 protocol and not use inversions on it [ 444.646500][ T5821] Bluetooth: hci1: command tx timeout [ 444.653250][ T5830] Bluetooth: hci5: command tx timeout [ 445.279854][ T8826] chnl_net:caif_netlink_parms(): no params data found [ 446.158208][ T8914] slcan: can't register candev [ 447.450888][ T5824] Bluetooth: hci5: command tx timeout [ 449.757259][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 449.763808][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 449.776701][ T5824] Bluetooth: hci5: command tx timeout [ 454.042222][ T8970] tipc: Enabling of bearer rejected, failed to enable media [ 454.117824][ T8976] overlayfs: failed to clone upperpath [ 454.132785][ T8826] bridge0: port 1(bridge_slave_0) entered blocking state [ 454.163413][ T8826] bridge0: port 1(bridge_slave_0) entered disabled state [ 454.196178][ T8826] bridge_slave_0: entered allmulticast mode [ 454.471303][ T8826] bridge_slave_0: entered promiscuous mode [ 454.496484][ T8826] bridge0: port 2(bridge_slave_1) entered blocking state [ 454.504172][ T8826] bridge0: port 2(bridge_slave_1) entered disabled state [ 455.174141][ T8984] netlink: 14 bytes leftover after parsing attributes in process `syz.3.764'. [ 455.236878][ T8826] bridge_slave_1: entered allmulticast mode [ 455.258734][ T8826] bridge_slave_1: entered promiscuous mode [ 456.270637][ T8860] chnl_net:caif_netlink_parms(): no params data found [ 456.472641][ T8826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 457.350590][ T8826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 457.506878][ T6311] bridge_slave_1: left allmulticast mode [ 457.528633][ T6311] bridge_slave_1: left promiscuous mode [ 457.566854][ T6311] bridge0: port 2(bridge_slave_1) entered disabled state [ 457.628072][ T6311] bridge_slave_0: left allmulticast mode [ 457.649962][ T6311] bridge_slave_0: left promiscuous mode [ 457.658173][ T6311] bridge0: port 1(bridge_slave_0) entered disabled state [ 458.877839][ T9033] netlink: 36 bytes leftover after parsing attributes in process `syz.2.774'. [ 458.898914][ T9033] netlink: 16 bytes leftover after parsing attributes in process `syz.2.774'. [ 458.908054][ T9033] netlink: 36 bytes leftover after parsing attributes in process `syz.2.774'. [ 458.917215][ T9033] netlink: 36 bytes leftover after parsing attributes in process `syz.2.774'. [ 460.404206][ T6311] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 460.519158][ T6311] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 460.555051][ T6311] bond0 (unregistering): Released all slaves [ 460.682261][ T9053] loop6: detected capacity change from 0 to 512 [ 461.477753][ T9054] 9p: Bad value for 'rfdno' [ 461.548762][ T9053] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 461.799971][ T9053] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 461.883130][ T8826] team0: Port device team_slave_0 added [ 462.003286][ T6311] hsr_slave_0: left promiscuous mode [ 462.029883][ T6311] hsr_slave_1: left promiscuous mode [ 462.043173][ T9053] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 462.053849][ T6311] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 462.328276][ T6311] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 464.682219][ T6311] team0 (unregistering): Port device team_slave_1 removed [ 464.729595][ T6311] team0 (unregistering): Port device team_slave_0 removed [ 467.418946][ T30] audit: type=1326 audit(2000000270.430:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9120 comm="syz.1.798" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f81a259bf79 code=0x0 [ 468.633533][ T8826] team0: Port device team_slave_1 added [ 468.987962][ T8860] bridge0: port 1(bridge_slave_0) entered blocking state [ 469.033700][ T8860] bridge0: port 1(bridge_slave_0) entered disabled state [ 469.084344][ T8860] bridge_slave_0: entered allmulticast mode [ 469.283997][ T8860] bridge_slave_0: entered promiscuous mode [ 469.697640][ T8826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 469.740383][ T8826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 469.795366][ T8826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 469.809320][ T8860] bridge0: port 2(bridge_slave_1) entered blocking state [ 469.845107][ T8860] bridge0: port 2(bridge_slave_1) entered disabled state [ 469.858445][ T8860] bridge_slave_1: entered allmulticast mode [ 469.877255][ T8860] bridge_slave_1: entered promiscuous mode [ 469.957994][ T8826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 469.987524][ T8826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 470.087898][ T8826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 471.328307][ T8860] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 471.379301][ T8860] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 471.492413][ T8826] hsr_slave_0: entered promiscuous mode [ 471.532797][ T8826] hsr_slave_1: entered promiscuous mode [ 471.558946][ T8826] debugfs: 'hsr0' already exists in 'hsr' [ 471.564713][ T8826] Cannot create hsr debugfs directory [ 471.831013][ T8860] team0: Port device team_slave_0 added [ 471.850384][ T8860] team0: Port device team_slave_1 added [ 472.356251][ T6311] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 473.162850][ T8860] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 473.402969][ T8860] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 473.476635][ T8860] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 474.526829][ T30] audit: type=1326 audit(2000000277.700:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9188 comm="syz.2.810" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3fc579bf79 code=0x0 [ 474.601028][ T8860] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 474.623341][ T8860] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 474.659386][ T8860] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 474.757801][ T6311] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 474.829542][ T9200] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 474.938675][ T8860] hsr_slave_0: entered promiscuous mode [ 474.945399][ T8860] hsr_slave_1: entered promiscuous mode [ 474.954369][ T8860] debugfs: 'hsr0' already exists in 'hsr' [ 474.961710][ T9208] netlink: 8 bytes leftover after parsing attributes in process `syz.3.815'. [ 474.971283][ T8860] Cannot create hsr debugfs directory [ 475.766290][ T6311] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 476.913337][ T6311] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 477.235979][ T5824] Bluetooth: hci0: unexpected event for opcode 0x0c7b [ 479.696446][ T9252] netlink: 'syz.1.825': attribute type 3 has an invalid length. [ 479.704596][ T9252] netlink: 'syz.1.825': attribute type 3 has an invalid length. [ 479.723839][ T6311] bridge_slave_1: left allmulticast mode [ 479.743811][ T6311] bridge_slave_1: left promiscuous mode [ 479.760023][ T6311] bridge0: port 2(bridge_slave_1) entered disabled state [ 479.776113][ T6311] bridge_slave_0: left allmulticast mode [ 479.782299][ T6311] bridge_slave_0: left promiscuous mode [ 479.788741][ T6311] bridge0: port 1(bridge_slave_0) entered disabled state [ 480.152081][ T6311] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 480.164169][ T6311] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 480.180673][ T6311] bond0 (unregistering): Released all slaves [ 480.500831][ T8826] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 480.513978][ T8826] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 480.529143][ T8826] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 480.545618][ T8826] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 480.583819][ T6311] hsr_slave_0: left promiscuous mode [ 480.589823][ T6311] hsr_slave_1: left promiscuous mode [ 480.601683][ T6311] veth1_macvtap: left promiscuous mode [ 480.611112][ T6311] veth0_macvtap: left promiscuous mode [ 480.616743][ T6311] veth1_vlan: left promiscuous mode [ 480.622040][ T6311] veth0_vlan: left promiscuous mode [ 480.844106][ T6311] team0 (unregistering): Port device team_slave_1 removed [ 480.862201][ T6311] team0 (unregistering): Port device team_slave_0 removed [ 481.083351][ T8860] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 481.104745][ T8860] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 481.141957][ T8860] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 481.158921][ T8860] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 481.289866][ T5824] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 481.301719][ T5824] Bluetooth: hci0: Injecting HCI hardware error event [ 481.311677][ T5830] Bluetooth: hci0: hardware error 0x00 [ 481.316530][ T6311] IPVS: stop unused estimator thread 0... [ 481.373272][ T8826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 481.444904][ T8826] 8021q: adding VLAN 0 to HW filter on device team0 [ 481.498561][ T3521] bridge0: port 1(bridge_slave_0) entered blocking state [ 481.505774][ T3521] bridge0: port 1(bridge_slave_0) entered forwarding state [ 481.551312][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 481.558565][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 481.621607][ T8860] 8021q: adding VLAN 0 to HW filter on device bond0 [ 481.689420][ T8860] 8021q: adding VLAN 0 to HW filter on device team0 [ 481.722420][ T6574] bridge0: port 1(bridge_slave_0) entered blocking state [ 481.729671][ T6574] bridge0: port 1(bridge_slave_0) entered forwarding state [ 481.752099][ T3521] bridge0: port 2(bridge_slave_1) entered blocking state [ 481.759369][ T3521] bridge0: port 2(bridge_slave_1) entered forwarding state [ 481.827261][ T8860] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 482.164031][ T8826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 482.283367][ T8860] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 482.737154][ T8826] veth0_vlan: entered promiscuous mode [ 482.752836][ T8826] veth1_vlan: entered promiscuous mode [ 482.850330][ T8826] veth0_macvtap: entered promiscuous mode [ 482.863318][ T8860] veth0_vlan: entered promiscuous mode [ 482.891070][ T8826] veth1_macvtap: entered promiscuous mode [ 482.913601][ T8860] veth1_vlan: entered promiscuous mode [ 482.942881][ T8826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 482.969712][ T8826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 482.990325][ T6574] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 483.002709][ T6574] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 483.020905][ T6574] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 483.031126][ T6574] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 483.071096][ T8860] veth0_macvtap: entered promiscuous mode [ 483.085112][ T8860] veth1_macvtap: entered promiscuous mode [ 483.191338][ T8860] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 483.204414][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 483.223728][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 483.236526][ T8860] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 483.292665][ T6574] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 483.313491][ T8358] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 483.314597][ T6574] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 483.331348][ T6574] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 483.337529][ T8358] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 483.359567][ T6574] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 483.378358][ T5830] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 485.067002][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 485.074872][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 486.258733][ T3521] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 486.276742][ T3521] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 490.413578][ T30] audit: type=1326 audit(2000000293.660:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9379 comm="syz.8.826" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9c8ad9bf79 code=0x0 [ 492.135506][ T30] audit: type=1800 audit(2000000296.090:11): pid=9381 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.829" name="bus" dev="ramfs" ino=21777 res=0 errno=0 [ 493.083245][ T9398] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 495.735564][ T9434] netlink: 20 bytes leftover after parsing attributes in process `syz.6.841'. [ 502.854758][ T5824] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 502.906766][ T5824] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 502.917139][ T5824] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 502.925664][ T5824] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 502.934340][ T5824] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 504.827483][ T9495] chnl_net:caif_netlink_parms(): no params data found [ 505.056883][ T5824] Bluetooth: hci4: command tx timeout [ 505.135638][ T9495] bridge0: port 1(bridge_slave_0) entered blocking state [ 505.145982][ T9495] bridge0: port 1(bridge_slave_0) entered disabled state [ 505.153278][ T9495] bridge_slave_0: entered allmulticast mode [ 505.163508][ T9495] bridge_slave_0: entered promiscuous mode [ 505.173494][ T9495] bridge0: port 2(bridge_slave_1) entered blocking state [ 505.181358][ T9495] bridge0: port 2(bridge_slave_1) entered disabled state [ 505.188672][ T9495] bridge_slave_1: entered allmulticast mode [ 505.198140][ T9495] bridge_slave_1: entered promiscuous mode [ 505.294874][ T9495] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 505.309139][ T9495] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 505.353606][ T9495] team0: Port device team_slave_0 added [ 505.362407][ T9495] team0: Port device team_slave_1 added [ 505.429646][ T6574] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 505.447962][ T9495] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 505.454914][ T9495] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 505.481571][ T9495] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 505.494904][ T9495] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 505.503210][ T9495] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 505.531368][ T9495] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 505.562647][ T6574] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 505.625933][ T9495] hsr_slave_0: entered promiscuous mode [ 505.632729][ T9495] hsr_slave_1: entered promiscuous mode [ 505.639299][ T9495] debugfs: 'hsr0' already exists in 'hsr' [ 505.645028][ T9495] Cannot create hsr debugfs directory [ 505.669206][ T6574] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 505.744806][ T6574] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 506.037760][ T6574] bridge_slave_1: left allmulticast mode [ 506.043458][ T6574] bridge_slave_1: left promiscuous mode [ 506.062720][ T6574] bridge0: port 2(bridge_slave_1) entered disabled state [ 506.073801][ T6574] bridge_slave_0: left allmulticast mode [ 506.080008][ T6574] bridge_slave_0: left promiscuous mode [ 506.085840][ T6574] bridge0: port 1(bridge_slave_0) entered disabled state [ 506.318643][ T6574] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 506.337391][ T6574] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 506.353125][ T6574] bond0 (unregistering): Released all slaves [ 506.419646][ T9495] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 506.444691][ T9495] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 506.518798][ T9495] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 506.534257][ T9495] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 506.651241][ T6574] hsr_slave_0: left promiscuous mode [ 506.658689][ T6574] hsr_slave_1: left promiscuous mode [ 506.664775][ T6574] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 506.673093][ T6574] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 506.683104][ T6574] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 506.691060][ T6574] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 506.706747][ T6574] veth1_macvtap: left promiscuous mode [ 506.712250][ T6574] veth0_macvtap: left promiscuous mode [ 506.718379][ T6574] veth1_vlan: left promiscuous mode [ 506.723697][ T6574] veth0_vlan: left promiscuous mode [ 506.980810][ T6574] team0 (unregistering): Port device team_slave_1 removed [ 507.007726][ T6574] team0 (unregistering): Port device team_slave_0 removed [ 507.137894][ T5824] Bluetooth: hci4: command tx timeout [ 507.203980][ T9495] 8021q: adding VLAN 0 to HW filter on device bond0 [ 507.243077][ T9495] 8021q: adding VLAN 0 to HW filter on device team0 [ 507.261875][ T3521] bridge0: port 1(bridge_slave_0) entered blocking state [ 507.269086][ T3521] bridge0: port 1(bridge_slave_0) entered forwarding state [ 507.332736][ T3521] bridge0: port 2(bridge_slave_1) entered blocking state [ 507.339963][ T3521] bridge0: port 2(bridge_slave_1) entered forwarding state [ 507.745436][ T9495] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 508.155138][ T9495] veth0_vlan: entered promiscuous mode [ 508.170190][ T9495] veth1_vlan: entered promiscuous mode [ 508.219518][ T9495] veth0_macvtap: entered promiscuous mode [ 508.231628][ T9495] veth1_macvtap: entered promiscuous mode [ 508.258375][ T9495] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 508.275645][ T9495] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 508.295382][ T3521] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 508.308037][ T3521] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 508.319531][ T3521] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 508.331598][ T3521] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 508.448638][ T8358] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 508.456511][ T8358] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 508.514051][ T6574] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 508.526130][ T6574] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 508.738097][ T9595] Bluetooth: MGMT ver 1.23 [ 509.254792][ T5824] Bluetooth: hci4: command tx timeout [ 511.045058][ T30] audit: type=1326 audit(2000000314.920:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9619 comm="syz.9.865" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5728f9bf79 code=0x0 [ 511.533808][ T5824] Bluetooth: hci4: command tx timeout [ 511.567732][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 511.574658][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 520.499781][ T9701] netlink: 124 bytes leftover after parsing attributes in process `syz.9.889'. [ 520.509416][ T9701] netlink: 40 bytes leftover after parsing attributes in process `syz.9.889'. [ 521.510031][ T9713] fuse: Bad value for 'fd' [ 554.771921][ T30] audit: type=1800 audit(2000000358.710:13): pid=10014 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.965" name="bus" dev="tmpfs" ino=93 res=0 errno=0 [ 560.771363][T10072] syz.2.978 (10072): attempted to duplicate a private mapping with mremap. This is not supported. [ 561.140548][T10078] netlink: 'syz.8.980': attribute type 1 has an invalid length. [ 562.124699][T10091] Bluetooth: MGMT ver 1.23 [ 564.985504][T10096] Bluetooth: hci5: command 0x0406 tx timeout [ 565.719199][T10096] Bluetooth: hci2: command 0x0406 tx timeout [ 565.746457][ T5830] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 569.302387][T10158] netlink: 'syz.9.997': attribute type 1 has an invalid length. [ 573.101921][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 573.117373][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 583.011743][T10244] loop9: detected capacity change from 0 to 512 [ 583.331897][T10244] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 583.400773][T10264] IPv6: NLM_F_CREATE should be specified when creating new route [ 583.409633][T10264] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 583.416902][T10264] IPv6: NLM_F_CREATE should be set when creating new route [ 583.571821][T10244] ext4 filesystem being mounted at /21/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 585.080766][ T9495] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 585.118480][T10272] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 585.304703][ T5830] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 585.315337][ T5830] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 585.326818][ T5830] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 585.335729][ T5830] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 585.346115][ T5830] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 585.451919][ T30] audit: type=1326 audit(2000000389.410:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10271 comm="syz.3.1024" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f58af19bf79 code=0x0 [ 587.203649][T10301] netlink: 'syz.9.1026': attribute type 1 has an invalid length. [ 587.896377][ T5830] Bluetooth: hci1: command tx timeout [ 589.366356][T10278] chnl_net:caif_netlink_parms(): no params data found [ 590.256832][ T5830] Bluetooth: hci1: command tx timeout [ 590.496352][T10278] bridge0: port 1(bridge_slave_0) entered blocking state [ 590.566546][T10278] bridge0: port 1(bridge_slave_0) entered disabled state [ 591.132406][T10278] bridge_slave_0: entered allmulticast mode [ 591.231577][T10278] bridge_slave_0: entered promiscuous mode [ 591.529746][T10278] bridge0: port 2(bridge_slave_1) entered blocking state [ 591.591800][T10333] IPv6: NLM_F_CREATE should be specified when creating new route [ 591.600645][T10333] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 591.607902][T10333] IPv6: NLM_F_CREATE should be set when creating new route [ 592.291344][T10278] bridge0: port 2(bridge_slave_1) entered disabled state [ 592.326716][ T5830] Bluetooth: hci1: command tx timeout [ 592.550876][T10278] bridge_slave_1: entered allmulticast mode [ 593.982765][T10278] bridge_slave_1: entered promiscuous mode [ 594.423468][ T5830] Bluetooth: hci1: command tx timeout [ 595.307043][T10353] [U]  [ 595.309863][T10353] [U] K{ [ 595.312896][T10353] [U] t 1ŠFfˊ`GJgo/mC [ 595.319962][T10353] [U] tؖ/,~Ĝj}8'o1"7-JQKWq5c%"H12YX``+(!(z'tXlnIgjݭp~7!" (5Ob̓J [ 595.335628][T10353] [U] k\&}66XHX .`a$40|϶9ި U4Vbz}wMTQΦr 4 [ 595.346197][T10353] [U] ".h6"k[J4In[Z(C|T]z{3c=x4w)\TXJSH{q;칢t+gd.˂>ywUhfNhl]S2\g%O&z)'pul_< ذ`ұT;_"(u{7j2X /'cIHcճV=Ai%wEs RjgrhIa6-DV i"n Asc~48c*OO5/J~wvK+3Y)Mvyq潀DTrOtpem%fejA5T_-X~^aaۂq [ 595.383615][T10353] [U] +wG?]'a: )' B>tf/<'U'hi.+]e.-ɿ%>2`^U8F.63+A«g3p6:^0tv'EtYCnrϩnPj ;Z8!\Aʖ2$­wi.#/Bai`4jdy@zgW5˿B ٜNy"vI2 [ 595.408172][T10353] [U] T_K5tYJ9c$brLNul 9w|G"ʃ%C؝q 3qN^HP*$ .7yӱ2 [ 595.419466][T10353] [U] ? h*37鍾^#Q"0~ (oX Lb,'v=CSGS0ւ`ه=1(p#2DO*Ƀ [ 595.432540][T10353] [U] sgGud-{|&2Lc_!`oz֥B%>rwSsH"yA4O.Y䏄RTԶB[+/<>{q_՝LX8U{Z)7?rR;crhײڣ1>)Măt(aϝ}9ڥJ*Mќġ'Lq DW=|q ÆW;5Ž!dBx`/E`ƦMX"\ [ 595.626737][T10353] [U] {; ٘_o2)o.2W2yx_ HPϱSD:]{ [ 595.635359][T10353] [U] I,> 51^1N4oǶ'0?֒i9w._.WaV`)Zc6GiӹaXL[F*OW)+'\n[K@2Ǭp"^` [ 595.649093][T10353] [U] 22Ʃx?0;3u [ 595.654700][T10353] [U] ޜsObx8W4(~/KUԖoQe+G-ygY_>v3.hә]̈́2)D, D~d+w; A\FPȘ|$)KؐIɿkYT^R癵A=#ܜ aet1ݯ4K.e"RS|s:>p r"z#P!KY"}FN84hޱosߙ̫%Dlwm [ 595.681216][T10353] [U] [['xn' ,mr/1D=!Dx91BwRlfKZ#` l؛˜b~m [ 595.691141][T10353] [U] L>d+d"5h3<iR=F^fnvDOIO:U>Y [ 595.699890][T10353] [U] 'B6v20瞥׌"t8{9FW]쩍 [ 595.708112][T10353] [U] 72uC6τI]8ctۨQSkYI |V'TV/g$[ 9kh`"}[^=0]%̂TF_v4C [ 595.722033][T10353] [U] ec [ 595.725178][T10353] [U] |<:^3$7nK~-@?/mtl۾Iw@g~t{P+$jp| IRipm Y 8tV,l, [ 596.748299][T10278] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 597.049612][T10351] [U] K)0~ʪiP'fzr @B]5{ʼ'8ƥFUTqUdǩK;70c[yYCذmL8T͚5rxW xoQhVi'8L [ 597.089889][T10278] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 598.248542][T10278] team0: Port device team_slave_0 added [ 598.293899][T10278] team0: Port device team_slave_1 added [ 598.513963][T10278] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 598.536670][T10278] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 598.603790][T10379] loop8: detected capacity change from 0 to 8 [ 598.620976][ T5830] Bluetooth: hci5: unexpected event for opcode 0x0803 [ 598.628131][T10278] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 598.672015][T10379] SQUASHFS error: lzo decompression failed, data probably corrupt [ 598.698759][T10278] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 598.742489][T10379] SQUASHFS error: Failed to read block 0x91: -5 [ 598.792542][T10278] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 599.136807][T10379] SQUASHFS error: Unable to read metadata cache entry [8f] [ 599.286285][T10390] netlink: 'syz.6.1045': attribute type 1 has an invalid length. [ 599.757319][T10379] SQUASHFS error: Unable to read inode 0x11f [ 599.766364][T10278] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 599.844625][ T30] audit: type=1326 audit(2000000403.800:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10373 comm="syz.2.1046" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3fc579bf79 code=0x0 [ 601.097805][T10278] hsr_slave_0: entered promiscuous mode [ 601.104719][T10278] hsr_slave_1: entered promiscuous mode [ 601.187665][T10278] debugfs: 'hsr0' already exists in 'hsr' [ 601.193504][T10278] Cannot create hsr debugfs directory [ 601.996340][T10421] xt_socket: unknown flags 0x50 [ 602.496669][ T30] audit: type=1326 audit(2000000406.450:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10411 comm="syz.6.1065" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7b44f9bf79 code=0x0 [ 602.656839][ T5830] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0 [ 602.666434][ T5830] Bluetooth: hci5: Injecting HCI hardware error event [ 603.233785][ T5830] Bluetooth: hci5: hardware error 0x00 [ 603.783686][T10437] binder: BINDER_SET_CONTEXT_MGR already set [ 603.792415][T10437] binder: 10435:10437 ioctl 4018620d 200000004a80 returned -16 [ 604.615795][T10459] netlink: 'syz.8.1063': attribute type 1 has an invalid length. [ 606.127022][ T5830] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 610.749951][ T30] audit: type=1326 audit(2000000414.630:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.8.1077" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9c8ad9bf79 code=0x0 [ 611.690354][T10278] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 611.954162][T10278] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 612.731284][T10278] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 612.897400][T10278] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 613.064157][T10520] loop9: detected capacity change from 0 to 4096 [ 613.973964][T10278] 8021q: adding VLAN 0 to HW filter on device bond0 [ 614.132053][T10278] 8021q: adding VLAN 0 to HW filter on device team0 [ 614.179015][ T6574] bridge0: port 1(bridge_slave_0) entered blocking state [ 614.186235][ T6574] bridge0: port 1(bridge_slave_0) entered forwarding state [ 614.232442][ T6574] bridge0: port 2(bridge_slave_1) entered blocking state [ 614.239700][ T6574] bridge0: port 2(bridge_slave_1) entered forwarding state [ 621.250403][T10278] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 621.784203][T10278] veth0_vlan: entered promiscuous mode [ 622.088433][T10611] IPv6: NLM_F_CREATE should be specified when creating new route [ 622.097015][T10611] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 622.104217][T10611] IPv6: NLM_F_CREATE should be set when creating new route [ 623.426847][T10618] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1095'. [ 623.816869][T10278] veth1_vlan: entered promiscuous mode [ 625.863726][ T5830] Bluetooth: hci4: command 0x0406 tx timeout [ 626.183751][T10629] loop9: detected capacity change from 0 to 256 [ 626.560871][T10635] dlm: no local IP address has been set [ 626.566907][T10635] dlm: cannot start dlm midcomms -107 [ 627.285660][T10278] veth0_macvtap: entered promiscuous mode [ 627.594280][T10278] veth1_macvtap: entered promiscuous mode [ 627.650912][T10278] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 628.192335][T10278] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 628.247520][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 628.256352][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 628.330532][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 628.381328][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 632.462077][ T6574] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 632.529157][ T6574] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 633.459877][ T32] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 633.497618][ T32] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 634.549527][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 634.555901][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 636.316462][T10699] netlink: 277 bytes leftover after parsing attributes in process `syz.9.1115'. [ 643.361186][T10755] loop9: detected capacity change from 0 to 512 [ 643.454236][T10755] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 643.552345][T10755] EXT4-fs error (device loop9): xattr_find_entry:337: inode #15: comm syz.9.1126: corrupted xattr entries [ 643.564433][T10755] loop9: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 643.579303][T10755] EXT4-fs warning (device loop9): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 643.608366][T10755] EXT4-fs (loop9): 1 orphan inode deleted [ 643.648214][T10755] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 644.111195][ T9495] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 647.449507][T10798] dlm: no local IP address has been set [ 647.455177][T10798] dlm: cannot start dlm midcomms -107 [ 650.481095][T10822] random: crng reseeded on system resumption [ 651.350674][T10826] loop8: detected capacity change from 0 to 164 [ 658.048012][T10880] netlink: 'syz.3.1158': attribute type 1 has an invalid length. [ 659.227999][T10893] dlm: no local IP address has been set [ 659.233621][T10893] dlm: cannot start dlm midcomms -107 [ 661.458194][T10889] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 662.838123][T10915] random: crng reseeded on system resumption [ 663.867291][T10898] veth3: entered promiscuous mode [ 664.855315][T10898] bond1: (slave veth3): Enslaving as a backup interface with a down link [ 667.820522][T10964] hub 8-0:1.0: USB hub found [ 667.828830][T10964] hub 8-0:1.0: 1 port detected [ 673.398489][ T1106] ------------[ cut here ]------------ [ 673.404826][ T1106] time_after(jiffies, timeout) [ 673.404850][ T1106] WARNING: io_uring/io_uring.c:2341 at io_ring_exit_work+0x42d/0xcdb, CPU#0: kworker/u8:5/1106 [ 673.420445][ T1106] Modules linked in: [ 673.425803][ T1106] CPU: 0 UID: 0 PID: 1106 Comm: kworker/u8:5 Not tainted syzkaller #0 PREEMPT(full) [ 673.435979][ T1106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 673.446190][ T1106] Workqueue: iou_exit io_ring_exit_work [ 673.452058][ T1106] RIP: 0010:io_ring_exit_work+0x42d/0xcdb [ 673.458088][ T1106] Code: 8e e8 77 25 3c 01 48 8b 05 d0 f5 0b 0d 4c 8b 6c 24 28 31 ff 49 29 c5 4c 89 ee e8 3e cb d1 00 4d 85 ed 79 12 e8 54 d0 d1 00 90 <0f> 0b 90 48 c7 44 24 38 70 17 00 00 e8 42 d0 d1 00 48 8b 74 24 38 [ 673.477863][ T1106] RSP: 0018:ffffc90003ddfab0 EFLAGS: 00010293 [ 673.483965][ T1106] RAX: 0000000000000000 RBX: ffff8880321a6778 RCX: ffffffff81351cc2 [ 673.492012][ T1106] RDX: ffff888028a69e40 RSI: ffffffff81351ccc RDI: ffff888028a69e40 [ 673.500087][ T1106] RBP: ffffc90003ddfc40 R08: 0000000000000007 R09: 0000000000000000 [ 673.508174][ T1106] R10: fffffffffffffffd R11: 0000000000000000 R12: ffff8880321a6000 [ 673.516194][ T1106] R13: fffffffffffffffd R14: dffffc0000000000 R15: 0000000000000000 [ 673.524253][ T1106] FS: 0000000000000000(0000) GS:ffff88812439e000(0000) knlGS:0000000000000000 [ 673.533851][ T1106] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 673.540914][ T1106] CR2: 00007f5728fe96c0 CR3: 000000005f787000 CR4: 0000000000350ef0 [ 673.548947][ T1106] Call Trace: [ 673.552240][ T1106] [ 673.555186][ T1106] ? __pfx_io_ring_exit_work+0x10/0x10 [ 673.560725][ T1106] ? srso_alias_return_thunk+0x5/0xfbef5 [ 673.566433][ T1106] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 673.572390][ T1106] ? srso_alias_return_thunk+0x5/0xfbef5 [ 673.578113][ T1106] ? debug_object_deactivate+0x2e4/0x3b0 [ 673.583804][ T1106] ? process_one_work+0x80b/0x1840 [ 673.589120][ T1106] ? srso_alias_return_thunk+0x5/0xfbef5 [ 673.594826][ T1106] ? rcu_is_watching+0x12/0xc0 [ 673.599751][ T1106] process_one_work+0x9c2/0x1840 [ 673.604782][ T1106] ? __pfx_process_one_work+0x10/0x10 [ 673.610274][ T1106] ? srso_alias_return_thunk+0x5/0xfbef5 [ 673.616003][ T1106] ? srso_alias_return_thunk+0x5/0xfbef5 [ 673.621771][ T1106] worker_thread+0x5da/0xe40 [ 673.626524][ T1106] ? __pfx_worker_thread+0x10/0x10 [ 673.632455][ T1106] ? kthread+0x13a/0x450 [ 673.637172][ T1106] ? __pfx_worker_thread+0x10/0x10 [ 673.642340][ T1106] kthread+0x370/0x450 [ 673.646465][ T1106] ? __pfx_kthread+0x10/0x10 [ 673.651225][ T1106] ret_from_fork+0x754/0xd80 [ 673.655872][ T1106] ? __pfx_ret_from_fork+0x10/0x10 [ 673.661318][ T1106] ? srso_alias_return_thunk+0x5/0xfbef5 [ 673.667029][ T1106] ? __switch_to+0x7b4/0x10c0 [ 673.671713][ T1106] ? __pfx_kthread+0x10/0x10 [ 673.676314][ T1106] ret_from_fork_asm+0x1a/0x30 [ 673.681187][ T1106] [ 673.684214][ T1106] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 673.691505][ T1106] CPU: 0 UID: 0 PID: 1106 Comm: kworker/u8:5 Not tainted syzkaller #0 PREEMPT(full) [ 673.700976][ T1106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 673.711132][ T1106] Workqueue: iou_exit io_ring_exit_work [ 673.716727][ T1106] Call Trace: [ 673.720011][ T1106] [ 673.722968][ T1106] dump_stack_lvl+0x100/0x190 [ 673.727672][ T1106] vpanic+0x20d/0x630 [ 673.731673][ T1106] panic+0xd1/0xd1 [ 673.735397][ T1106] ? __pfx_panic+0x10/0x10 [ 673.739828][ T1106] ? check_panic_on_warn+0x1f/0x90 [ 673.744976][ T1106] check_panic_on_warn.cold+0x19/0x34 [ 673.750372][ T1106] ? io_ring_exit_work+0x42d/0xcdb [ 673.755500][ T1106] __warn.cold+0x191/0x2f8 [ 673.759921][ T1106] __report_bug+0x296/0x3d0 [ 673.764435][ T1106] ? io_ring_exit_work+0x42d/0xcdb [ 673.769561][ T1106] ? __pfx___report_bug+0x10/0x10 [ 673.774596][ T1106] ? irqentry_exit+0x180/0x670 [ 673.779377][ T1106] ? srso_alias_return_thunk+0x5/0xfbef5 [ 673.785016][ T1106] ? lockdep_hardirqs_on+0x78/0x100 [ 673.790245][ T1106] ? srso_alias_return_thunk+0x5/0xfbef5 [ 673.795987][ T1106] ? irqentry_exit+0x180/0x670 [ 673.800802][ T1106] ? io_ring_exit_work+0x42d/0xcdb [ 673.805940][ T1106] ? io_ring_exit_work+0x42d/0xcdb [ 673.811086][ T1106] report_bug+0xb2/0x220 [ 673.815390][ T1106] ? io_ring_exit_work+0x42d/0xcdb [ 673.820559][ T1106] handle_bug+0x166/0x2a0 [ 673.824903][ T1106] exc_invalid_op+0x17/0x50 [ 673.829425][ T1106] asm_exc_invalid_op+0x1a/0x20 [ 673.834313][ T1106] RIP: 0010:io_ring_exit_work+0x42d/0xcdb [ 673.840113][ T1106] Code: 8e e8 77 25 3c 01 48 8b 05 d0 f5 0b 0d 4c 8b 6c 24 28 31 ff 49 29 c5 4c 89 ee e8 3e cb d1 00 4d 85 ed 79 12 e8 54 d0 d1 00 90 <0f> 0b 90 48 c7 44 24 38 70 17 00 00 e8 42 d0 d1 00 48 8b 74 24 38 [ 673.859752][ T1106] RSP: 0018:ffffc90003ddfab0 EFLAGS: 00010293 [ 673.865836][ T1106] RAX: 0000000000000000 RBX: ffff8880321a6778 RCX: ffffffff81351cc2 [ 673.873821][ T1106] RDX: ffff888028a69e40 RSI: ffffffff81351ccc RDI: ffff888028a69e40 [ 673.881797][ T1106] RBP: ffffc90003ddfc40 R08: 0000000000000007 R09: 0000000000000000 [ 673.889764][ T1106] R10: fffffffffffffffd R11: 0000000000000000 R12: ffff8880321a6000 [ 673.897819][ T1106] R13: fffffffffffffffd R14: dffffc0000000000 R15: 0000000000000000 [ 673.905792][ T1106] ? io_ring_exit_work+0x422/0xcdb [ 673.910914][ T1106] ? io_ring_exit_work+0x42c/0xcdb [ 673.916049][ T1106] ? __pfx_io_ring_exit_work+0x10/0x10 [ 673.921526][ T1106] ? srso_alias_return_thunk+0x5/0xfbef5 [ 673.927165][ T1106] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 673.932984][ T1106] ? srso_alias_return_thunk+0x5/0xfbef5 [ 673.938618][ T1106] ? debug_object_deactivate+0x2e4/0x3b0 [ 673.944275][ T1106] ? process_one_work+0x80b/0x1840 [ 673.949401][ T1106] ? srso_alias_return_thunk+0x5/0xfbef5 [ 673.955043][ T1106] ? rcu_is_watching+0x12/0xc0 [ 673.959823][ T1106] process_one_work+0x9c2/0x1840 [ 673.964783][ T1106] ? __pfx_process_one_work+0x10/0x10 [ 673.970165][ T1106] ? srso_alias_return_thunk+0x5/0xfbef5 [ 673.975816][ T1106] ? srso_alias_return_thunk+0x5/0xfbef5 [ 673.981464][ T1106] worker_thread+0x5da/0xe40 [ 673.986071][ T1106] ? __pfx_worker_thread+0x10/0x10 [ 673.991191][ T1106] ? kthread+0x13a/0x450 [ 673.995442][ T1106] ? __pfx_worker_thread+0x10/0x10 [ 674.000561][ T1106] kthread+0x370/0x450 [ 674.004639][ T1106] ? __pfx_kthread+0x10/0x10 [ 674.009451][ T1106] ret_from_fork+0x754/0xd80 [ 674.014073][ T1106] ? __pfx_ret_from_fork+0x10/0x10 [ 674.019211][ T1106] ? srso_alias_return_thunk+0x5/0xfbef5 [ 674.024860][ T1106] ? __switch_to+0x7b4/0x10c0 [ 674.029544][ T1106] ? __pfx_kthread+0x10/0x10 [ 674.034157][ T1106] ret_from_fork_asm+0x1a/0x30 [ 674.038962][ T1106] [ 674.042572][ T1106] Kernel Offset: disabled [ 674.046902][ T1106] Rebooting in 86400 seconds..