last executing test programs: 2.5514582s ago: executing program 0 (id=1503): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x28f43000) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) get_mempolicy(0x0, 0x0, 0x10001, &(0x7f0000536000/0x1000)=nil, 0x3) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000001500)=[@text16={0x10, &(0x7f0000001540)="ba4000ec0fc7ae7017360f01c4baf80c66b814a18b8b66efbafc0c66ed660fdde7baf80c66b86ca8428966efbafc0cec66b80a0000000f23d80f21f86635400000700f23f8b8e7008ed8660f6651590f01bbd0e7"}], 0x1, 0x72, 0x0, 0x0) sendmmsg$alg(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)="865b883dae9f75f708e5d12bfa6614a97f9c38907bf84568b9dbf3fcd6efc0140a2fd75ff098c48edcc929a046eee8ebf4832c35c1eb0268052f19067d1e115e558e8e8b3e28613fe4e6c8c70df476640b950050547857b28ebd3b3193689bdd33cd39aecc75c05abffc05702b88aa4ed00357fd107bda014f261d025d91ab8632541046c66e542947e4c26284bcecf4d03bb50751c346ebac3470759b8967d0b09330e466dab3aeb558937a77c2913916080074de18ea9f812c3a3509958507188bc95ace7847dc803d6ec0ae13278145eb15485828f1eb6c0f77979529f3b583b0e5e114e0d232a52fa2978ac323346b8e13aee9685f2177a818ac3ee492450d4d970184e8b96319924fad345ddebf08d9ebdde58dac2460b5f0a7a7e98fc8b4486062326db660052ee6a79d9936e02b5a5cece230ccb6293198c81e72fb75001c1ef8d29baacd274ccd1b1139b0c65571e303daef6d1e76f79f875b0482cfe05546eb1de3f156273710670e11f600595f07cd55213f72221026495dd9d57236244637dc0c8c8edccfdcf7c1e45a99ca58838d4c3637b2c542596a95857c908e6f6ca8557e9823a4b4732fbe11cf9c1238ada93597c5e84477baf84e9f207561c90d1bb532e2893050aed21a5a30e6ecd7acccf4083e361e564b85dcbcf5bf1c4ae1cc84713d8b54f4dd564afbb2502f008e8d86e80b93eb916c97c9feed0ad24426f0ff19779fd7a93341c466d1dfd13dcb428c7078740463f0379e318ea40ae1bf52b25498e7453d1df83e3407e7fb1e6300ae50dba900ad0d9e7ec5e0df793b858afd5453ec3351a5164ff345d7a959781689d9fd368f5427e64a1c143722ddaf92a350e7750447229aed6fae016c18e5c2e3634caa321a33e757ce26003031bff7651aaf1c3c4bb16c3745c4caf562590823de7492bdf5d55a15d343af2759e3c1b6ad751b988d09675f0be988268ebfc120ac3027e1dfe5069759ee03694ce6791ef6f285e549e7e581f9eef179b9c61e96903332b04d520b63c6e0623afd1e723a4831851be1b9cf42c8b0c5fbd1523290ca5deac0c56978dfb2cb62e360e5f4673996c1ec7e0ce45a5b380412d3b80409e9b9f9cc12de3dd74a6eea6b9a9899bbd44df9b272239f4ac6b2d38f2029187ba34004f7bcd5b22132e98b98e0ff77e0808381d8a3459862a2f94b6e8de96ef35c76cb954bfde3fbe2385325415afdfe433d16c9de015b4428db1c110ebb951f5075472bf4eeca837d38634acc7b182f99c352d918c2d1808dae515a8c1da12732d1d94dd514d0de32bbc5e6145a2ca3ceac9bdf8b11e693c69a98210b5dbeb123cceb123814646ce2dac9de6d7adda51203575ef147f3178d59486270193b9a5e6814960b9244bf576b2415bff0a32a221e10018c4514f0bd60abbbbe8b6aa871faf7c8744b4e54be593e346879a7b128ed019f33f4278aaf4fdd9b91091a8c2d22db38a6775a837ad19ace20ee6e37eb73e9497ae4f99708305bc117678ca1f90b6b50fdf8005b4085cf1e70edad8ab92f94f8d4131faed482188c266e865feb146e12453a0f9750accc90957de9886afc4e75c98dc24acdc10a90f184e76d77b84179b915a08cd2cde6fed1606de9b837bb8548ec2dfe8b643382adcd29680a42c400e6b74196616d288ddf171af67b1e042af2ec63c3240a651e5f2be406a0053bf006715b03a7febc76d19d000f9899d03235d202d41ae447e2c32f5d40f1bc357291d99ec23d8e897922687f564a7ba4604777ca8a832161866fc714819fb4dc05d7e75ae7336d88049e8041181d8d9384d1dcab593e4780cdf4299a53e150cee0853a8c8178b2b829820a28107eb30725208bf853716b4a53953e84fe6b1e24369b8648bf786b6a59df8aa1d4d37f264d09cd3ac90b0581a170a37d77e7a4f05a624df2d279366678711bd6bff5ad00ec1e2a956bcf54be9f489986d34164c9605306650cb8b72da4298b40bcba706ab49d5960663fa55c0627e9db112abc2e775afb0e60e717fd148124adaaeb8b1b67457f1ae490addcb5774e0a776c47b45028d6e746fc772fa6785c292843b7ce1af161b584dfc40fca3266bd5084dfc4c421ff567f0c7e2e135edc5ff70443964e34625a2c718fe81697c390b12723c87a741756fc45490876e19b6be32d3b946716be7a2182cc8f93615c3164e509a0cc9936498d340825ed47d1ceac5639aec027795119dbc1152943bea58778934912b8654a4fbf96810a443869a71d7b20b17bb0770620232629e44a3213cfcb489b995822f9234a3ae91b1754a665e843244e89d7a22157d2f7828ba803e2d1e6a66479ad0f3c6a23df8db6d172462bad44454d9e6e3c1379440cb52d3ac726c068ad9eb4a0ec0fc3cdf3d5749441bfb5038b7aa9e2e200a32383078499be5a9d61a255166a905c3d713361d77574babc7ddeeb21b4070608212b5fcaa0e08530883092ee8751c6c2e02b9f5075873f650cb14ffee1e44000dce08844693ac9437d0676f9bb99991dc82db2b90bd02b4ebb66d7db7a07ab6768a1c6a10ce8692b9ad972c1221f3e436030616bc9fdb53bd59e9c0b63717bebe91da512c0698cac4099c63b8fa8653b3792c214f0021df3908a82efce71211cf0d158b9085cfa81f798d698aa74a828c5a9266250a163501a7844b26041a3172f12b66b36f634c9c95eda0b5054da805402ab9b26b6e9f607325ccd1f7b86bdb81d12b53c906b6149ca8e0d16d9a76c58cead8a00b9ee73ca35e867c0a66db03470714d5b38311917507d4c23194979143f59c77947bf46bc8b37c0e6bf4ffc860bb93419d93d1b108443f8d96b35ab31ac6b1b84114b3acde190f92e2daecceaca07b17a31b6b7bf08c0afe5f9e15482008e3230f5563089fc205a8968764f941738292652847c77924d1dd7f23752e0c4cbeee5c3b6831dfc8ef6a0e72f0975c6edb2f0a9c17a5dd5f51c17e2a08f49c57c9d1703ffdbe1a2f3f2ad1e917bd2fb22743b13cb9767a8e07f35177a97fe8b3d3ce744f06298b513f81a77033b8a22da8a4859412fe950c1d2e76866905e00e162c16fa5f4f043b0f4e6116a04c412a83214b900fcae6c7dac8cb5fc9001f087b9d2b7b11cddf941942d3a00d051a301c15acc018a0c2357e18a0ae157cb4bc418b2447c5668a1271f6e7aeb41fc9fe75da94a2d65aa353947fc50e22e8a3cdc2b7b448781615d22b234ede47ab7e6d9a5e3abd2b3e76b9630e53df17bc0bf3e9cf239e7b9423ab1a392e69c05d88a8427f18a93b8d2de128bebe6a5e882f6efae9ee10f025a62b30225ddfa587d408f6cce6af43fb3afea164866aa10351416633a2f0ece2cacd3d70057e27c70d10ae6d7e0477ce1579caf8c463c59a884b42d44666286fe3e835b86e07fe238c42d4924516f8a3b0a77361859ba636ceb8da488fd9516ce865b2544635350ae0413a1cc4e1ce58eb77f3f9c4b4ca2968626983431ad9187305b4b1eadd2ec625aaa9015cd38a8b5b492ec08d563c57977065162bd1c1b0251d5b8222d21106a81b7fb0ee60d46b442ac777448fb4044a73a0e1493413498070358c2830e9b4c9cf218bce6a6d04cef6a398bdc5a3d496571d95fd21f9ce9cfd356d753ee25eb320d9ad52452fe09c087d4bcdc5fb0453152fe6eb0d14f43099ef94a3ae32bf33b2a0888dbfc1f869e5a8d6e5b892c04e95c147d19a4c12044a81943f63395da3cc59195f0e7ced6ed5cb9d0e2ac657dfe043bdb2e11d07902b126170296d171e1aeda80c9e3d9194b5c5a4ebd325fa703b2120ddbd48c86c901171e47622f2a5a9e7e4d4a78f2ecc3a27307e4f29d162ba12ba5cc2afd8882a92c5e2dc71f9db8fa61acffc9143968b090639845d078a09692d4052fd15ec8acac640b11ede754024eaba3ec056cc324bd2189be80104be4786bb4dbfe8965379388df4cbf52ecd94fc81490efa015b48f0ebf130f8bd456c5d06d0383ca8e8497748cadabe14a26cba6615c2bc040b15e61b8abba71b04abfde527abaa031e0f54fa81d5b502c8efc499c167c857c519b492d696e68d067a54c0f5d5d7ca8508f7a52d54013dd8f3fbf4fcd8c2db7748e563471f45419d8b8ca7caa2a088890eea06ce884ef0126f5c66ee6e3ae8c8d9c0cbdea19c7608f4cbb8fcb3d3ccc4d82384916b09f366f817d011a883c71df497ec857984440bed8ae5b19a59fc09aa3cbea61636e2011790bec480c54243135739a8770a452e63fc80e86c753bcc33771e27a7d95a6e9bbe3448f6adbd5ffc5051e6f7ed975f88b4c40baba8bc8e9682074da6d8424edb1c7879969b508a4d4dfd582e24578850e8075a51720fc60d23de0ab766a36646b920915b8385c7b8d6dd7512723e79c8988c27d5e7d96f9d48c83c8153b28ab59a6eb982ffd4da9553e4ae861038b3ba38f8ad0ae8488d5131e57c8b60a5be9248cf2e0a94de6e2dc6cd4901ea684b7ef12deecb65b010e4ce1455a5d2662b3aedd1d7ab3ea8f5d4dcbff1d2db6410095a697be2aed4d85d8d7f0e9de55f1681728b8af51dc9759bbddc1751a99fc4aed9b21c33bcce48a233fb25d32d40ad253c89529f092fb796a857750de62735ceda71cbcc20e054a4838096bf951532d6709abe79f13af1712f5a442218147b9f796b8d01634dced1d0c684e99d977f345d5c432a67d2e3bf04d1312f098264f927df18421eb5e340302a6f51f9b40d9310e4a89df7fd08dc46b83b0241601c83971c1da7481e409df997fc5387b2535472d75c8ea22a1531a5d4b04d96120a1160d81e9219535e032348a093b4eddda03b7207971c33818e3d23167548a6120ba919076aa38d27e566819807169cd505d506e0aadf60c5f6f048dffcb0e7121910057d81be5ca85acf6e85b6d5a443d4931bd1444a73ee8cf06415e52aebc97b52785162bfa2c26d40eb30288f7293b0a3d68adf0f24173e158b1a7b24badc29ccf72bf327822ea19d66dfc3fe08868225c8e006b4e9ca2570623223259e09fe9f7d5e8246c6132505b0b54e257f1c936f8b1400c8714256be5640092da974fa1a1ef6ad16618d106dbae768011aa9f5b7ec6fdd8451c94a79e8a1799728180a23f9412dc9c4307fea6e50146ca00bcac7d012cb64981a90efd08fd9eae74b18188e72f53b20b0a748e38b888fd4ed1699da7eb9f2a3a09c007b66d4fb3d3ec5b795d389a6d240b56c37ea8d28aefccb3c3a749ae07b35fec2eba40a3580656d91fcecc8843efe1ebf2cca23bf4bacbc87d9887d6688e1fc3f6de4a5ff895e8cdd4026c98cc7c520627cff769ad98e123a7072f6412dc0993a99fd1a80dae184de8291e09f2008d5526b20fcd14fe5ba0ba4a26aac2d66fb519f39bb281e01e0fb91ab8eeb9d3747947ef027724c2f8c8a1a627c4bbc61d1011d125eedea2df6458bbec0df11137651e4396d59dacea1837cbdffccde082567e2b8dd8f36d9747783b880cde9065ccb10a8368ec9fe88a4d2734258cb356fca2e906828e84f753644e176092369eb6774ba1d715a2b98646bb8ead82edfc5787a12850af4ce14f5b22c8d6fd5f3d0c67fcd609908d05faa5023cb86afae876d974a3bfd353293e759e1bca931092f86bf3f3bcc98e4e834ee7b8ee29970a3e36f6a5045b96d1d84967ba1c0b49c0544e0019993cd2989fee4e742fd1e56025388f2382cace5272b31db16736903372ac29113b755e0c68bcf3d71516516f91e2257e1d3f36905bf892650c744783659e7561f5f7bf2a50cdce5e602da1a37bbaa642b1", 0x1000}], 0x1, &(0x7f00000011c0)=[@assoc={0x18, 0x117, 0x4, 0x3}, @iv={0xb0, 0x117, 0x2, 0x9a, "2cc313591d171aac1ccc05acde4e64f28f17c5f5e2826049b98af7fe581fb7fa59c47a6b6d615c8ff3d678a7d6a880e76bf0d43cdc498c88df5f364ba186bf03b107f6cb5e7457baf004a55b9f74b8a2841b77de7b6e65435b75b08cf4c553f4d706fd213afb4ea85f1559fa0ef39107dc967e96498a102f458fb7dfd8fc72f98f5cdaba6ebf90ffa73fa154654c3d1f8f016991a1307a0fd66b"}, @iv={0x80, 0x117, 0x2, 0x6a, "fa340b9877ee7fa3532dff6f7f3406e4571409c80bbc4fcd6d282d11fd26e8e254dc3b23a3e061ae729781161afccbb81a957c622cedcc6a41cb372b37887b1a05f73d625e856073d80afe0df47f68cd9a940b7a44e8d5598adf8dfe5339662bdc7fa8cb4ab20fef4915"}, @iv={0x100, 0x117, 0x2, 0xeb, "7443cb95bb67cb2f689546ea0f9ededcb9184226930ae1de000303b1a1c02e8f6d144d5f2ded4d806c490e8f6760aa1dfa2f5bf24c619f41542a8686fa0767a4cf15832de4a90053bc12acf1b24cb0ab1ec0c7b24d7b28597d7b2655ad5ad548a9720393d615a79296209b9e65d99e595eb8e619e782e8739b7d6cc4dd6c8c526f9b79635d48f2b7e463f55601e79beaf396dba340a743ea015691f92cbd58f68c9239a03f2ef0347c5a91480b0443942071c5e2c5e05b7223d31439df53dc3d531598469f35019bd5f6b436c75fc9ac8ee8551fa996f88f4f8613ef77a5b10f3673590489bb09a9e34775"}, @iv={0x80, 0x117, 0x2, 0x69, "37103ca4e05a6d34dabe9b88933cd8e45374326d216ddcd030c5d89824881d0025f04e6e9b3dc144d240713af89569bd1607b2f50b8aae5425ac77d039176def94024e98b5d69da3801d1661a2e257a8ece802d09228dc4afcc3ad70881858cf01b0a33b3586bd94d0"}, @iv={0x28, 0x117, 0x2, 0x13, "087224adcc12cfa16eed6e01377236866c9842"}], 0x2f0, 0x24004814}], 0x1, 0xe040) 2.54661433s ago: executing program 3 (id=1504): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) syz_emit_ethernet(0x19e, &(0x7f00000000c0)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa86dd6000000001683afffe8000000000000000000000000000aaff020000000000000000000000000001860090780000040000"], 0x0) 2.377092497s ago: executing program 3 (id=1505): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x400, &(0x7f0000000100)=ANY=[@ANYBLOB='noswap,huge=never,nr_blocks=']) mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x84022, 0x0) 2.139825877s ago: executing program 3 (id=1509): r0 = socket$netlink(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003ac0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000004c0)=""/4091, 0xffb}, {&(0x7f00000014c0)=""/200, 0xc8}], 0x2}}], 0x1, 0x2, 0x0) 1.452213087s ago: executing program 2 (id=1516): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet(0x2, 0x2, 0x1) connect$inet(r2, &(0x7f0000000180)={0x2, 0x0, @remote}, 0x10) sendmmsg$inet(r2, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="08001497733f5d3e", 0x8}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x2004000) 1.352179002s ago: executing program 2 (id=1517): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x400, &(0x7f0000000100)=ANY=[@ANYBLOB='noswap,huge=never,nr_blocks=']) mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x84022, 0x0) 1.147764171s ago: executing program 1 (id=1519): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @local}], 0x10) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000600)=0x9, 0x4) r1 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000600)=0x9, 0x4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x26}}], 0x10) listen(r1, 0x7) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x26}}], 0x10) listen(r0, 0x7) 1.14748859s ago: executing program 3 (id=1520): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f00000002c0)={[{@norecovery}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}]}, 0xee, 0x474, &(0x7f00000004c0)="$eJzs3EtsG0UfAPD/rvNo+viSr5RHSwuBgqh4JE36oAcuIJA4gIQEhyJOIUmrUrdBTZBoVUHhUI6oEnfEEYk7Eie4IOCAkLjCHVWqql5aOBmtvZs6jp06tRu3+PeT1p7ZXWfm79mxxzN2Auhb49lNErE1Iv6IiNFaduUJ47W7G9fOz/597fxsEpXKm1eT6nnXr52fLU4tHrellqlUIoaz5HCTci++EzFTLs+fyfOTS6fen1w8e+65E6dmjs8fnz89feTIwQN7hg5PH+oovjS/z+K6vuujhd07X3370uuzRy+9+/M3WX235sfr47gtWbQNxmvPbqNHs5snOyrsrvJrdrOtbkcy0PrkiQ2oEO0rRUTWXIPV/j8apRhZPjYar3za08oBd1SlUqk0e3/OXagA/2FJ9LoGQG8Ub/TZ599i26Chx13hyou1D0BZ3DfyrXZkYHnuYLDh8203jUfE0Qv/fJlt0Y15CACAW/g+G/8822z8l8YDdef9L19DGYuI/0fE9oi4LyJ2RMT9EdVzH4yIh9ZZfuMKyerxT3r5tgJrUzb+eyFf21o5/itGfzFWynPbqvEPJsdOlOf358/JvhgczvJTa5Txw8u/f16kNzUcqx//ZVtWfjEWzOtxeaBhgm5uZmmm07gLVz6J2DXQLP4kimWcJCJ2RsSu2yzjxNNf72517Nbxr2GNdaZ2Vb6KeKrW/hdiRfw3myppuT459fzh6UOTm6I8v3+yuCpW++W3i2+0Kr+j+Lsga//NTa//5VXgsWRTxOLZcyer67WL6y/j4p+f1fXpFavLWfzptxHrvv6Hkreq6aF834czS0tnpiKGktdW75+++dgiX5yfxb9vb/P+v72uxg9HRHYR74mIR/JF3KztHouIxyNi7xrx//TSE++1Oraq/UeK+NeYle+iLP65W7V/1Lf/+hOlkz9+13b8Tdv/YDW1L9/TzutfuxXs5LkDAACAe0Va/Q58kk4sp9N0YqL2Hf4dsTktLywuPXNs4YPTc7Xvyo/FYFrMdI3WzYdO5XPDRX66IX8gnzf+ojRSzU/MLpTneh089LktLfp/5q9Sr2sH3HFdWEcD7lH6P/Qv/R/6l/4P/Uv/h/7VrP9/3IN6ABvP+z/0L/0f+pf+D/1L/4e+1PK38WlHP/nvcaL43wkd/J2rvY+i48TInSwi0t4H2BeJgU4u43YSw00P9fiFCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEv+DQAA//9L2OJW") r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x28) ioctl$EXT4_IOC_GROUP_ADD(r2, 0x40286608, &(0x7f0000000080)={0x40000009, 0xe74e, 0x80000006, 0x10009, 0x9, 0xed}) 1.122336332s ago: executing program 2 (id=1521): socket$inet6_tcp(0xa, 0x1, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f00000002c0)={[{@norecovery}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}]}, 0xee, 0x474, &(0x7f00000004c0)="$eJzs3EtsG0UfAPD/rvNo+viSr5RHSwuBgqh4JE36oAcuIJA4gIQEhyJOIUmrUrdBTZBoVUHhUI6oEnfEEYk7Eie4IOCAkLjCHVWqql5aOBmtvZs6jp06tRu3+PeT1p7ZXWfm79mxxzN2Auhb49lNErE1Iv6IiNFaduUJ47W7G9fOz/597fxsEpXKm1eT6nnXr52fLU4tHrellqlUIoaz5HCTci++EzFTLs+fyfOTS6fen1w8e+65E6dmjs8fnz89feTIwQN7hg5PH+oovjS/z+K6vuujhd07X3370uuzRy+9+/M3WX235sfr47gtWbQNxmvPbqNHs5snOyrsrvJrdrOtbkcy0PrkiQ2oEO0rRUTWXIPV/j8apRhZPjYar3za08oBd1SlUqk0e3/OXagA/2FJ9LoGQG8Ub/TZ599i26Chx13hyou1D0BZ3DfyrXZkYHnuYLDh8203jUfE0Qv/fJlt0Y15CACAW/g+G/8822z8l8YDdef9L19DGYuI/0fE9oi4LyJ2RMT9EdVzH4yIh9ZZfuMKyerxT3r5tgJrUzb+eyFf21o5/itGfzFWynPbqvEPJsdOlOf358/JvhgczvJTa5Txw8u/f16kNzUcqx//ZVtWfjEWzOtxeaBhgm5uZmmm07gLVz6J2DXQLP4kimWcJCJ2RsSu2yzjxNNf72517Nbxr2GNdaZ2Vb6KeKrW/hdiRfw3myppuT459fzh6UOTm6I8v3+yuCpW++W3i2+0Kr+j+Lsga//NTa//5VXgsWRTxOLZcyer67WL6y/j4p+f1fXpFavLWfzptxHrvv6Hkreq6aF834czS0tnpiKGktdW75+++dgiX5yfxb9vb/P+v72uxg9HRHYR74mIR/JF3KztHouIxyNi7xrx//TSE++1Oraq/UeK+NeYle+iLP65W7V/1Lf/+hOlkz9+13b8Tdv/YDW1L9/TzutfuxXs5LkDAACAe0Va/Q58kk4sp9N0YqL2Hf4dsTktLywuPXNs4YPTc7Xvyo/FYFrMdI3WzYdO5XPDRX66IX8gnzf+ojRSzU/MLpTneh089LktLfp/5q9Sr2sH3HFdWEcD7lH6P/Qv/R/6l/4P/Uv/h/7VrP9/3IN6ABvP+z/0L/0f+pf+D/1L/4e+1PK38WlHP/nvcaL43wkd/J2rvY+i48TInSwi0t4H2BeJgU4u43YSw00P9fiFCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEv+DQAA//9L2OJW") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x28) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000080)={0x40000009, 0xe74e, 0x80000006, 0x10009, 0x9, 0xed}) 1.077921593s ago: executing program 1 (id=1522): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r2, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="28000000100001"], 0x28}], 0x1}, 0x0) 910.730591ms ago: executing program 1 (id=1523): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4}, 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x6, 0x8}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001c40)={0x14, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4) sendmsg$unix(r3, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0) 792.212885ms ago: executing program 0 (id=1524): ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000000)=@ethtool_ringparam={0xa, 0x0, 0x300, 0x0, 0x10, 0x1, 0x2, 0xfffffffd, 0x4}}) 648.065292ms ago: executing program 0 (id=1525): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r2, &(0x7f0000005cc0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x50, 0x3, 0x1, 0x301, 0x0, 0x0, {0xa, 0x0, 0x2}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x409}]}, @CTA_TUPLE_ORIG={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x3a}}, {0x14, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}}}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x4884}, 0x4000) 629.882693ms ago: executing program 0 (id=1526): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988ca00", 0xf}, {&(0x7f0000000500)="e98314d58ce4b24ee137cea9c243c2", 0xf}], 0x2) 563.234155ms ago: executing program 1 (id=1527): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$NL80211_CMD_REQ_SET_REG(r2, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000000)={0x1c, r3, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x40004) 533.701747ms ago: executing program 3 (id=1528): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, 0x0) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)={0x14, r3, 0x1, 0x0, 0x0, {0x1a}}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0) 482.624778ms ago: executing program 2 (id=1529): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x5c, r3, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x48, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x0, @loopback={0x2d21}}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @remote}}}}]}]}, 0x5c}}, 0x0) 363.104674ms ago: executing program 0 (id=1530): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="0208000002"], 0x10}}, 0x0) 298.771047ms ago: executing program 1 (id=1531): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}, 0x1, 0x0, 0x0, 0x68840}, 0x4) recvmmsg(0xffffffffffffffff, &(0x7f0000003ac0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000004c0)=""/4091, 0xffb}, {&(0x7f00000014c0)=""/200, 0xc8}], 0x2}}], 0x1, 0x2, 0x0) 193.217781ms ago: executing program 3 (id=1532): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r1) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 164.503512ms ago: executing program 2 (id=1533): r0 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, 0x0) 80.148007ms ago: executing program 1 (id=1534): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r2, &(0x7f0000005cc0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x50, 0x3, 0x1, 0x301, 0x0, 0x0, {0xa, 0x0, 0x2}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x409}]}, @CTA_TUPLE_ORIG={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x3a}}, {0x14, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}}}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x4884}, 0x4000) 79.404816ms ago: executing program 0 (id=1542): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) socket(0x2b, 0x1, 0x1) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x5) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x6, 0x7, 0x0, 0x7fff8000}]}) close_range(r2, 0xffffffffffffffff, 0x0) 0s ago: executing program 2 (id=1535): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x800448d2, &(0x7f0000000040)) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.77' (ED25519) to the list of known hosts. [ 75.048544][ T5778] cgroup: Unknown subsys name 'net' [ 75.211782][ T5778] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 76.914026][ T5778] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 79.002248][ T5790] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 79.024289][ T5797] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 79.033131][ T5797] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 79.041355][ T5797] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 79.049368][ T5797] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 79.059949][ T5804] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 79.084250][ T5804] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 79.103958][ T5804] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 79.111938][ T5804] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 79.119677][ T5802] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 79.139749][ T5803] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 79.141752][ T5802] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 79.147751][ T5803] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 79.155049][ T5805] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 79.162098][ T5803] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 79.169575][ T5805] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 79.177581][ T5803] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 79.184090][ T5805] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 79.190378][ T5803] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 79.199872][ T5805] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 79.204270][ T5803] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 79.217877][ T5795] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 79.226832][ T5104] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 79.237015][ T5803] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 79.683664][ T5788] chnl_net:caif_netlink_parms(): no params data found [ 79.895058][ T5793] chnl_net:caif_netlink_parms(): no params data found [ 79.906169][ T5787] chnl_net:caif_netlink_parms(): no params data found [ 79.970172][ T5788] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.977454][ T5788] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.985626][ T5788] bridge_slave_0: entered allmulticast mode [ 79.992760][ T5788] bridge_slave_0: entered promiscuous mode [ 80.012768][ T5794] chnl_net:caif_netlink_parms(): no params data found [ 80.035987][ T5788] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.043885][ T5788] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.051059][ T5788] bridge_slave_1: entered allmulticast mode [ 80.058358][ T5788] bridge_slave_1: entered promiscuous mode [ 80.168034][ T5793] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.175493][ T5793] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.182668][ T5793] bridge_slave_0: entered allmulticast mode [ 80.189886][ T5793] bridge_slave_0: entered promiscuous mode [ 80.199869][ T5788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.214334][ T5788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.242218][ T5793] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.250000][ T5793] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.257980][ T5793] bridge_slave_1: entered allmulticast mode [ 80.265621][ T5793] bridge_slave_1: entered promiscuous mode [ 80.332692][ T5788] team0: Port device team_slave_0 added [ 80.340186][ T5787] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.348447][ T5787] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.355754][ T5787] bridge_slave_0: entered allmulticast mode [ 80.363305][ T5787] bridge_slave_0: entered promiscuous mode [ 80.397234][ T5788] team0: Port device team_slave_1 added [ 80.403892][ T5787] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.411095][ T5787] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.419213][ T5787] bridge_slave_1: entered allmulticast mode [ 80.427408][ T5787] bridge_slave_1: entered promiscuous mode [ 80.447512][ T5794] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.454732][ T5794] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.461903][ T5794] bridge_slave_0: entered allmulticast mode [ 80.470321][ T5794] bridge_slave_0: entered promiscuous mode [ 80.480961][ T5793] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.529228][ T5794] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.537236][ T5794] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.544868][ T5794] bridge_slave_1: entered allmulticast mode [ 80.552159][ T5794] bridge_slave_1: entered promiscuous mode [ 80.561206][ T5793] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.583706][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.590697][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.616904][ T5788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.681752][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.688953][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.715766][ T5788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.736783][ T5787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.749870][ T5787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.767243][ T5794] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.780561][ T5794] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.792439][ T5793] team0: Port device team_slave_0 added [ 80.802271][ T5793] team0: Port device team_slave_1 added [ 80.914981][ T5794] team0: Port device team_slave_0 added [ 80.921696][ T5793] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.928849][ T5793] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.955795][ T5793] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.968906][ T5793] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.976487][ T5793] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.002467][ T5793] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.016808][ T5787] team0: Port device team_slave_0 added [ 81.025541][ T5787] team0: Port device team_slave_1 added [ 81.035687][ T5788] hsr_slave_0: entered promiscuous mode [ 81.042155][ T5788] hsr_slave_1: entered promiscuous mode [ 81.065199][ T5794] team0: Port device team_slave_1 added [ 81.146918][ T5794] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 81.156792][ T5794] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.183050][ T5794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 81.196268][ T5794] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 81.203305][ T5794] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.229733][ T5794] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.282569][ T5793] hsr_slave_0: entered promiscuous mode [ 81.289360][ T5793] hsr_slave_1: entered promiscuous mode [ 81.296954][ T5793] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 81.304962][ T51] Bluetooth: hci2: command tx timeout [ 81.305188][ T51] Bluetooth: hci0: command tx timeout [ 81.316561][ T5790] Bluetooth: hci3: command tx timeout [ 81.322531][ T5793] Cannot create hsr debugfs directory [ 81.322681][ T5795] Bluetooth: hci1: command tx timeout [ 81.330231][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 81.340847][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.366868][ T5787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 81.408651][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 81.415803][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.441811][ T5787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.549281][ T5794] hsr_slave_0: entered promiscuous mode [ 81.556435][ T5794] hsr_slave_1: entered promiscuous mode [ 81.562617][ T5794] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 81.570787][ T5794] Cannot create hsr debugfs directory [ 81.617502][ T5787] hsr_slave_0: entered promiscuous mode [ 81.624697][ T5787] hsr_slave_1: entered promiscuous mode [ 81.630930][ T5787] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 81.639113][ T5787] Cannot create hsr debugfs directory [ 81.930798][ T5788] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 81.946642][ T5788] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 81.983456][ T5788] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 82.039971][ T5788] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 82.099145][ T5793] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 82.130287][ T5793] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 82.163701][ T5793] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 82.177144][ T5793] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 82.274062][ T5787] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 82.287873][ T5787] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 82.315703][ T5787] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 82.332290][ T5787] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 82.479017][ T5794] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 82.519223][ T5794] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 82.530574][ T5794] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 82.564334][ T5794] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 82.598396][ T5793] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.676623][ T5788] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.695421][ T5793] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.749874][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.757251][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.772454][ T5788] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.804744][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.812130][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.856991][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.864209][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.915484][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.922665][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.950005][ T5794] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.000123][ T5787] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.042357][ T5788] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 83.054728][ T5788] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 83.121391][ T5794] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.156318][ T1077] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.163571][ T1077] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.187171][ T5787] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.206643][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.213877][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.259996][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.267239][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.286091][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.293330][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.374113][ T5795] Bluetooth: hci2: command tx timeout [ 83.387592][ T5794] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 83.389550][ T5795] Bluetooth: hci1: command tx timeout [ 83.399036][ T5794] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 83.404529][ T51] Bluetooth: hci0: command tx timeout [ 83.419961][ T5790] Bluetooth: hci3: command tx timeout [ 83.467756][ T5787] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 83.608769][ T5793] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.641798][ T5788] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.804560][ T5793] veth0_vlan: entered promiscuous mode [ 83.821209][ T5788] veth0_vlan: entered promiscuous mode [ 83.839920][ T5793] veth1_vlan: entered promiscuous mode [ 83.858026][ T5788] veth1_vlan: entered promiscuous mode [ 83.918725][ T5787] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.947434][ T5788] veth0_macvtap: entered promiscuous mode [ 83.966694][ T5794] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.978582][ T5788] veth1_macvtap: entered promiscuous mode [ 83.995479][ T5793] veth0_macvtap: entered promiscuous mode [ 84.020956][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.036105][ T5793] veth1_macvtap: entered promiscuous mode [ 84.061181][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.096858][ T5788] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.107928][ T5788] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.117726][ T5788] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.126626][ T5788] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.139732][ T5793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.151341][ T5793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.162740][ T5793] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.195138][ T5793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.207895][ T5793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.220042][ T5793] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.232110][ T5793] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.241495][ T5793] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.250984][ T5793] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.260000][ T5793] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.310180][ T5787] veth0_vlan: entered promiscuous mode [ 84.327105][ T5787] veth1_vlan: entered promiscuous mode [ 84.371151][ T5794] veth0_vlan: entered promiscuous mode [ 84.458924][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.483632][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.487325][ T5794] veth1_vlan: entered promiscuous mode [ 84.509617][ T5787] veth0_macvtap: entered promiscuous mode [ 84.520504][ T5787] veth1_macvtap: entered promiscuous mode [ 84.526831][ T1080] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.541020][ T1080] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.587190][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.606268][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.636673][ T5794] veth0_macvtap: entered promiscuous mode [ 84.649282][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.665917][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.676998][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.687815][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.700379][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.723283][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.731345][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.747896][ T5794] veth1_macvtap: entered promiscuous mode [ 84.775567][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.787746][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.798716][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.809780][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.821790][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.858207][ T5787] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.868537][ T5787] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.887377][ T5787] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.918695][ T5787] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.956468][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.983361][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.002197][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 85.026847][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.037488][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 85.048277][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.060314][ T5794] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.145154][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 85.193178][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.208674][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 85.221596][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.232093][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 85.244034][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.256601][ T5794] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.335898][ T5794] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.359062][ T5794] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.386846][ T5794] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.405595][ T5794] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.453378][ T5790] Bluetooth: hci1: command tx timeout [ 85.458867][ T5790] Bluetooth: hci3: command tx timeout [ 85.464529][ T51] Bluetooth: hci0: command tx timeout [ 85.465147][ T5795] Bluetooth: hci2: command tx timeout [ 85.606666][ T1077] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.620377][ T1077] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.697872][ T3460] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.728103][ T3460] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.808992][ T1080] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.833633][ T1080] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.940128][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.971327][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.386318][ T5907] capability: warning: `syz.1.2' uses deprecated v2 capabilities in a way that may be insecure [ 87.202425][ T5929] tipc: Enabling of bearer rejected, failed to enable media [ 87.418054][ T27] audit: type=1326 audit(1763596140.990:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.2.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb24d8f749 code=0x7ffc0000 [ 87.468697][ T27] audit: type=1326 audit(1763596141.000:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.2.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb24d8f749 code=0x7ffc0000 [ 87.492333][ T27] audit: type=1326 audit(1763596141.030:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.2.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7ffb24d8f749 code=0x7ffc0000 [ 87.533403][ T5795] Bluetooth: hci3: command tx timeout [ 87.538926][ T5803] Bluetooth: hci0: command tx timeout [ 87.538979][ T51] Bluetooth: hci1: command tx timeout [ 87.552863][ T5790] Bluetooth: hci2: command tx timeout [ 87.598121][ T27] audit: type=1326 audit(1763596141.030:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.2.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb24d8f749 code=0x7ffc0000 [ 87.713262][ T27] audit: type=1326 audit(1763596141.030:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.2.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7ffb24d8f749 code=0x7ffc0000 [ 87.785469][ T27] audit: type=1326 audit(1763596141.030:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.2.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb24d8f749 code=0x7ffc0000 [ 87.882896][ T27] audit: type=1326 audit(1763596141.030:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.2.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb24d8f749 code=0x7ffc0000 [ 87.973784][ T27] audit: type=1326 audit(1763596141.040:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.2.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ffb24d8f749 code=0x7ffc0000 [ 88.087045][ T27] audit: type=1326 audit(1763596141.040:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.2.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb24d8f749 code=0x7ffc0000 [ 88.153178][ T27] audit: type=1326 audit(1763596141.040:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.2.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb24d8f749 code=0x7ffc0000 [ 88.910707][ T5979] syz.2.40[5979]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 88.992396][ T5979] loop2: detected capacity change from 0 to 256 [ 89.221923][ T5988] netlink: 8 bytes leftover after parsing attributes in process `syz.3.46'. [ 89.261227][ T5979] FAT-fs (loop2): Directory bread(block 64) failed [ 89.319711][ T5979] FAT-fs (loop2): Directory bread(block 65) failed [ 89.354852][ T5979] FAT-fs (loop2): Directory bread(block 66) failed [ 89.361647][ T5979] FAT-fs (loop2): Directory bread(block 67) failed [ 89.369064][ T5979] FAT-fs (loop2): Directory bread(block 68) failed [ 89.377054][ T5979] FAT-fs (loop2): Directory bread(block 69) failed [ 89.385977][ T5979] FAT-fs (loop2): Directory bread(block 70) failed [ 89.431403][ T5979] FAT-fs (loop2): Directory bread(block 71) failed [ 89.463010][ T5979] FAT-fs (loop2): Directory bread(block 72) failed [ 89.502924][ T5979] FAT-fs (loop2): Directory bread(block 73) failed [ 89.626291][ T5851] usb 2-1: new low-speed USB device number 2 using dummy_hcd [ 89.841068][ T5851] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 89.872105][ T5851] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.914466][ T5851] usb 2-1: config 0 descriptor?? [ 91.769025][ T5851] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0012: -71 [ 91.793445][ T5851] asix: probe of 2-1:0.0 failed with error -71 [ 91.836001][ T5851] usb 2-1: USB disconnect, device number 2 [ 92.189851][ T787] cfg80211: failed to load regulatory.db [ 92.663055][ T28] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 92.855488][ T28] usb 4-1: config index 0 descriptor too short (expected 28277, got 36) [ 92.883032][ T28] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 92.915332][ T28] usb 4-1: config 0 has no interfaces? [ 92.932098][ T28] usb 4-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 92.961839][ T28] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 92.986789][ T28] usb 4-1: config 0 descriptor?? [ 93.821699][ T28] kernel write not supported for file bpf-prog (pid: 28 comm: kworker/1:1) [ 94.025828][ T6054] overlayfs: missing 'lowerdir' [ 94.363406][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 94.460760][ T6062] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 94.803107][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 94.823170][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 94.833208][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 94.842522][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 95.123240][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 95.248548][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 95.317518][ T28] usb 4-1: USB disconnect, device number 2 [ 95.605371][ T6075] overlayfs: missing 'lowerdir' [ 95.670993][ T6077] loop3: detected capacity change from 0 to 128 [ 95.693278][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 95.774390][ T6077] ======================================================= [ 95.774390][ T6077] WARNING: The mand mount option has been deprecated and [ 95.774390][ T6077] and is ignored by this kernel. Remove the mand [ 95.774390][ T6077] option from the mount to silence this warning. [ 95.774390][ T6077] ======================================================= [ 95.982502][ T6077] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 96.485593][ T6099] overlayfs: missing 'lowerdir' [ 97.095773][ T6121] overlay: Unknown parameter '/' [ 97.143194][ T8] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 97.346369][ T8] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 97.377434][ T8] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 97.404439][ T8] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 97.408261][ T6134] bridge0: port 3(bond0) entered blocking state [ 97.424682][ T6134] bridge0: port 3(bond0) entered disabled state [ 97.426368][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 97.431348][ T6134] bond0: entered allmulticast mode [ 97.449550][ T6134] bond_slave_0: entered allmulticast mode [ 97.455317][ T8] usb 3-1: SerialNumber: syz [ 97.460991][ T6134] bond_slave_1: entered allmulticast mode [ 97.476506][ T6134] bond0: entered promiscuous mode [ 97.503458][ T6134] bond_slave_0: entered promiscuous mode [ 97.512729][ T6134] bond_slave_1: entered promiscuous mode [ 97.529849][ T6134] bridge0: port 3(bond0) entered blocking state [ 97.536534][ T6134] bridge0: port 3(bond0) entered forwarding state [ 97.727058][ T8] usb 3-1: 0:2 : does not exist [ 97.747505][ T8] usb 3-1: unit 5: unexpected type 0x0a [ 97.782936][ T8] usb 3-1: USB disconnect, device number 2 [ 97.850622][ T6141] udevd[6141]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 98.052295][ T6149] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 98.421611][ T27] kauditd_printk_skb: 6 callbacks suppressed [ 98.421627][ T27] audit: type=1326 audit(2000000008.730:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.0.128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00a4b8f749 code=0x7ffc0000 [ 98.498425][ T27] audit: type=1326 audit(2000000008.730:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.0.128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00a4b8f749 code=0x7ffc0000 [ 98.562980][ T27] audit: type=1326 audit(2000000008.740:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.0.128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f00a4b8f749 code=0x7ffc0000 [ 98.723162][ T27] audit: type=1326 audit(2000000008.740:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.0.128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00a4b8f749 code=0x7ffc0000 [ 98.803292][ T27] audit: type=1326 audit(2000000008.760:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.0.128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00a4b8f749 code=0x7ffc0000 [ 98.904173][ T27] audit: type=1326 audit(2000000008.760:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.0.128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f00a4b8f749 code=0x7ffc0000 [ 98.992949][ T27] audit: type=1326 audit(2000000008.760:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.0.128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00a4b8f749 code=0x7ffc0000 [ 99.079046][ T27] audit: type=1326 audit(2000000008.760:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.0.128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00a4b8f749 code=0x7ffc0000 [ 99.160588][ T27] audit: type=1326 audit(2000000008.770:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.0.128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f00a4b8f749 code=0x7ffc0000 [ 99.229496][ T27] audit: type=1326 audit(2000000008.770:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.0.128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00a4b8f749 code=0x7ffc0000 [ 99.903534][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 100.443107][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 102.749077][ T6267] loop0: detected capacity change from 0 to 2048 [ 102.790899][ T6267] EXT4-fs: Ignoring removed nomblk_io_submit option [ 102.924643][ T6267] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.145655][ T6286] netlink: 60 bytes leftover after parsing attributes in process `syz.2.174'. [ 103.196692][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.374569][ T6292] netlink: 72 bytes leftover after parsing attributes in process `syz.0.178'. [ 104.201473][ T6321] netlink: 12 bytes leftover after parsing attributes in process `syz.2.190'. [ 104.248186][ T6323] process 'syz.3.188' launched './file0' with NULL argv: empty string added [ 105.127941][ T6355] dummy0: entered allmulticast mode [ 105.161083][ T6354] dummy0: left allmulticast mode [ 105.663878][ T27] kauditd_printk_skb: 15 callbacks suppressed [ 105.663892][ T27] audit: type=1326 audit(2000000015.980:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6374 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00a4b8f749 code=0x7ffc0000 [ 105.780549][ T27] audit: type=1326 audit(2000000016.010:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6374 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7f00a4b8f749 code=0x7ffc0000 [ 105.844839][ T27] audit: type=1326 audit(2000000016.010:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6374 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00a4b8f749 code=0x7ffc0000 [ 106.321923][ T27] audit: type=1326 audit(2000000016.630:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6400 comm="syz.3.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f518f749 code=0x7ffc0000 [ 106.432891][ T27] audit: type=1326 audit(2000000016.640:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6400 comm="syz.3.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7fd5f518f749 code=0x7ffc0000 [ 106.495164][ T27] audit: type=1326 audit(2000000016.640:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6400 comm="syz.3.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f518f749 code=0x7ffc0000 [ 106.557538][ T6408] netlink: 228 bytes leftover after parsing attributes in process `syz.2.231'. [ 106.561565][ T27] audit: type=1326 audit(2000000016.640:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6400 comm="syz.3.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f518f749 code=0x7ffc0000 [ 106.919129][ T6419] loop0: detected capacity change from 0 to 256 [ 107.012078][ T6419] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 107.999672][ T6461] loop2: detected capacity change from 0 to 7 [ 108.026235][ T6461] Dev loop2: unable to read RDB block 7 [ 108.033434][ T6461] loop2: unable to read partition table [ 108.039427][ T6461] loop2: partition table beyond EOD, truncated [ 108.046351][ T6461] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 108.978530][ T6497] overlay: Unknown parameter '/C][IjJ {eJv z/@F7G!I$@V\' [ 110.306893][ T6544] loop0: detected capacity change from 0 to 512 [ 110.348836][ T6544] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 110.901514][ T6565] warning: `syz.2.308' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 111.414998][ T6582] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 111.461037][ T6585] syz.3.319 uses obsolete (PF_INET,SOCK_PACKET) [ 111.969966][ T6600] vivid-000: disconnect [ 112.477051][ T6594] vivid-000: reconnect [ 113.056912][ T6618] Zero length message leads to an empty skb [ 113.385830][ T6601] loop0: detected capacity change from 0 to 32768 [ 113.476914][ T6601] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 113.703178][ T6601] XFS (loop0): Ending clean mount [ 113.968266][ T6651] loop2: detected capacity change from 0 to 256 [ 114.025064][ T6651] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 114.100444][ T5787] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 114.480697][ T6665] loop3: detected capacity change from 0 to 256 [ 114.550548][ T6665] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 115.519536][ T27] audit: type=1326 audit(2000000025.830:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6692 comm="syz.3.368" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd5f518f749 code=0x0 [ 115.629920][ T6705] loop0: detected capacity change from 0 to 256 [ 115.663646][ T6705] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 115.692604][ T6710] netlink: 2028 bytes leftover after parsing attributes in process `syz.2.372'. [ 115.722949][ T6710] netlink: 24 bytes leftover after parsing attributes in process `syz.2.372'. [ 115.922237][ T6716] capability: warning: `syz.1.375' uses 32-bit capabilities (legacy support in use) [ 116.019176][ T6718] netlink: 200 bytes leftover after parsing attributes in process `syz.0.376'. [ 116.525033][ T6736] netlink: 580 bytes leftover after parsing attributes in process `syz.3.385'. [ 116.653162][ T5851] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 116.883252][ T5851] usb 1-1: Using ep0 maxpacket: 32 [ 116.895772][ T5851] usb 1-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 116.905671][ T5851] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 116.916050][ T5851] usb 1-1: Product: syz [ 116.920270][ T5851] usb 1-1: Manufacturer: syz [ 116.925398][ T5851] usb 1-1: SerialNumber: syz [ 116.945871][ T5851] usb 1-1: config 0 descriptor?? [ 116.972010][ T5851] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 118.016514][ T6789] loop2: detected capacity change from 0 to 256 [ 118.041610][ T6789] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 118.801491][ T5851] gspca_ov534_9: reg_w failed -71 [ 118.854285][ T6817] loop2: detected capacity change from 0 to 1024 [ 118.942381][ T6817] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 119.009807][ T6817] ext4 filesystem being mounted at /101/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 119.173559][ T5851] gspca_ov534_9: Unknown sensor 0000 [ 119.173656][ T5851] ov534_9: probe of 1-1:0.0 failed with error -22 [ 119.197960][ T5788] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.223572][ T5851] usb 1-1: USB disconnect, device number 2 [ 119.454714][ T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 119.672916][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 119.699148][ T9] usb 4-1: config 1 interface 0 altsetting 220 endpoint 0x1 has invalid wMaxPacketSize 0 [ 119.720459][ T9] usb 4-1: config 1 interface 0 altsetting 220 bulk endpoint 0x1 has invalid maxpacket 0 [ 119.751863][ T9] usb 4-1: config 1 interface 0 altsetting 220 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 119.801208][ T9] usb 4-1: config 1 interface 0 has no altsetting 0 [ 119.810466][ T6851] loop0: detected capacity change from 0 to 1024 [ 119.826083][ T9] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 119.837164][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 119.864541][ T9] usb 4-1: Product: syz [ 119.868772][ T9] usb 4-1: Manufacturer: syz [ 119.900656][ T9] usb 4-1: SerialNumber: syz [ 120.169786][ T9] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 3 if 0 alt 220 proto 1 vid 0x0525 pid 0xA4A8 [ 120.201039][ T12] hfsplus: bad catalog file entry [ 120.212481][ T12] hfsplus: b-tree write err: -5, ino 3 [ 121.020243][ T6880] netlink: 44 bytes leftover after parsing attributes in process `syz.1.445'. [ 121.029870][ T6880] netlink: 43 bytes leftover after parsing attributes in process `syz.1.445'. [ 121.040720][ T6880] netlink: 'syz.1.445': attribute type 6 has an invalid length. [ 121.049918][ T6880] netlink: 'syz.1.445': attribute type 5 has an invalid length. [ 121.059326][ T6880] netlink: 43 bytes leftover after parsing attributes in process `syz.1.445'. [ 123.270274][ T6918] cgroup: fork rejected by pids controller in /syz0 [ 124.146890][ T6982] loop0: detected capacity change from 0 to 512 [ 124.163014][ T6982] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 124.239299][ T6982] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 124.353689][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.473713][ T28] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 124.682979][ T28] usb 3-1: Using ep0 maxpacket: 8 [ 124.702574][ T28] usb 3-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 124.736958][ T28] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 124.747885][ T28] usb 3-1: Product: syz [ 124.752113][ T28] usb 3-1: Manufacturer: syz [ 124.772311][ T28] usb 3-1: SerialNumber: syz [ 124.800634][ T28] usb 3-1: config 0 descriptor?? [ 124.848399][ T28] gspca_main: se401-2.14.0 probing 047d:5003 [ 124.878843][ T7003] netlink: 76 bytes leftover after parsing attributes in process `syz.1.488'. [ 124.999241][ T7007] netlink: 'syz.1.489': attribute type 4 has an invalid length. [ 125.376057][ T6832] usblp0:failed reading printer status (-110) [ 125.441928][ T786] usb 4-1: USB disconnect, device number 3 [ 125.467544][ T786] usblp0: removed [ 125.924796][ T28] gspca_se401: read req failed req 0x06 error -19 [ 125.932221][ T7027] netlink: 4 bytes leftover after parsing attributes in process `syz.0.498'. [ 125.975975][ T28] usb 3-1: USB disconnect, device number 3 [ 127.593851][ T7077] loop1: detected capacity change from 0 to 256 [ 127.813470][ T7083] netlink: 'syz.0.522': attribute type 4 has an invalid length. [ 127.815020][ T7077] FAT-fs (loop1): Directory bread(block 64) failed [ 127.834220][ T7083] netlink: 3649 bytes leftover after parsing attributes in process `syz.0.522'. [ 127.846715][ T7077] FAT-fs (loop1): Directory bread(block 65) failed [ 127.881694][ T7077] FAT-fs (loop1): Directory bread(block 66) failed [ 127.902146][ T7077] FAT-fs (loop1): Directory bread(block 67) failed [ 127.942009][ T7077] FAT-fs (loop1): Directory bread(block 68) failed [ 127.959754][ T7077] FAT-fs (loop1): Directory bread(block 69) failed [ 127.982475][ T7077] FAT-fs (loop1): Directory bread(block 70) failed [ 128.012471][ T7077] FAT-fs (loop1): Directory bread(block 71) failed [ 128.035362][ T7077] FAT-fs (loop1): Directory bread(block 72) failed [ 128.056008][ T7077] FAT-fs (loop1): Directory bread(block 73) failed [ 128.138343][ T7088] kvm: pic: non byte read [ 128.153445][ T7088] kvm: pic: non byte read [ 128.158000][ T7088] kvm: pic: non byte read [ 128.162478][ T7088] kvm: pic: non byte read [ 128.192251][ T7088] kvm: pic: non byte read [ 128.199899][ T7088] kvm: pic: non byte read [ 128.222998][ T7088] kvm: pic: non byte read [ 128.233037][ T7088] kvm: pic: non byte read [ 128.241903][ T7088] kvm: pic: non byte read [ 128.253417][ T7088] kvm: pic: non byte read [ 128.828276][ T7106] loop3: detected capacity change from 0 to 1024 [ 128.939593][ T7106] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 128.963065][ T7106] ext4 filesystem being mounted at /131/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 129.200572][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.270380][ T7118] loop0: detected capacity change from 0 to 256 [ 129.318082][ T7118] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 129.950659][ T7137] netlink: 8 bytes leftover after parsing attributes in process `syz.2.547'. [ 130.137809][ T27] audit: type=1326 audit(2000000040.440:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.2.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb24d8f749 code=0x7ffc0000 [ 130.191722][ T7142] 8021q: VLANs not supported on lo [ 130.202961][ T27] audit: type=1326 audit(2000000040.450:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.2.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb24d8f749 code=0x7ffc0000 [ 130.275757][ T27] audit: type=1326 audit(2000000040.450:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.2.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffb24d8f749 code=0x7ffc0000 [ 130.354081][ T27] audit: type=1326 audit(2000000040.450:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.2.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb24d8f749 code=0x7ffc0000 [ 130.870562][ T7161] loop0: detected capacity change from 0 to 256 [ 130.901551][ T7162] x_tables: duplicate underflow at hook 1 [ 130.919350][ T7161] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 131.967340][ T7185] netlink: 'syz.0.569': attribute type 28 has an invalid length. [ 132.933133][ T7216] netlink: 12 bytes leftover after parsing attributes in process `syz.3.575'. [ 133.140441][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.152986][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.586902][ T7244] netlink: 2028 bytes leftover after parsing attributes in process `syz.3.581'. [ 133.628584][ T7244] netlink: 24 bytes leftover after parsing attributes in process `syz.3.581'. [ 135.073052][ T7273] netlink: 16 bytes leftover after parsing attributes in process `syz.2.596'. [ 135.104780][ T7273] tipc: Enabling of bearer rejected, failed to enable media [ 135.637346][ T7300] loop3: detected capacity change from 0 to 1024 [ 135.694540][ T7300] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 135.749336][ T7300] ext4 filesystem being mounted at /150/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 135.802935][ T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 135.848711][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.998287][ T7314] loop3: detected capacity change from 0 to 256 [ 136.016318][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 136.029747][ T7314] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 136.033336][ T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 136.069149][ T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 136.101534][ T9] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 136.122925][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 136.131923][ T9] usb 1-1: Product: syz [ 136.138508][ T9] usb 1-1: Manufacturer: syz [ 136.144165][ T9] usb 1-1: SerialNumber: syz [ 136.368440][ T9] usb 1-1: 0:2 : does not exist [ 136.396060][ T9] usb 1-1: 5:0: failed to get current value for ch 0 (-22) [ 136.432943][ T9] usb 1-1: 5:0: failed to get current value for ch 0 (-22) [ 136.475251][ T9] usb 1-1: 5:0: failed to get current value for ch 0 (-22) [ 136.542693][ T9] usb 1-1: USB disconnect, device number 3 [ 136.579148][ T7328] loop1: detected capacity change from 0 to 1024 [ 136.592579][ T6141] udevd[6141]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 136.629797][ T7328] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 136.650234][ T7328] ext4 filesystem being mounted at /153/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 136.755271][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.841048][ T7335] loop3: detected capacity change from 0 to 256 [ 136.907270][ T7335] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 138.792270][ T7400] loop3: detected capacity change from 0 to 256 [ 138.853587][ T7400] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 139.610962][ T7430] A link change request failed with some changes committed already. Interface vlan2 may have been left with an inconsistent configuration, please check. [ 140.314142][ T28] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 140.410087][ T7464] netlink: 4 bytes leftover after parsing attributes in process `syz.1.681'. [ 140.522909][ T28] usb 4-1: Using ep0 maxpacket: 32 [ 140.530484][ T28] usb 4-1: config 0 has an invalid interface number: 196 but max is 0 [ 140.546785][ T28] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 140.563142][ T28] usb 4-1: config 0 has no interface number 0 [ 140.579795][ T28] usb 4-1: config 0 interface 196 altsetting 1 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 140.602649][ T28] usb 4-1: config 0 interface 196 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 140.604513][ T7472] netlink: 152 bytes leftover after parsing attributes in process `syz.2.684'. [ 140.618962][ T28] usb 4-1: config 0 interface 196 has no altsetting 0 [ 140.655992][ T28] usb 4-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a [ 140.680904][ T28] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 140.690093][ T28] usb 4-1: Product: syz [ 140.695401][ T28] usb 4-1: Manufacturer: syz [ 140.707801][ T28] usb 4-1: SerialNumber: syz [ 140.736100][ T28] usb 4-1: config 0 descriptor?? [ 140.947711][ T28] ipheth 4-1:0.196: Unable to find endpoints [ 140.974376][ T28] usb 4-1: USB disconnect, device number 4 [ 142.230667][ T7524] netlink: 24 bytes leftover after parsing attributes in process `syz.2.707'. [ 142.332673][ T7527] netlink: 4 bytes leftover after parsing attributes in process `syz.0.710'. [ 142.369095][ T7527] netlink: 12 bytes leftover after parsing attributes in process `syz.0.710'. [ 142.409582][ T7530] loop3: detected capacity change from 0 to 256 [ 142.633104][ T7530] FAT-fs (loop3): Directory bread(block 64) failed [ 142.688896][ T7530] FAT-fs (loop3): Directory bread(block 65) failed [ 142.715801][ T7530] FAT-fs (loop3): Directory bread(block 66) failed [ 142.744194][ T7530] FAT-fs (loop3): Directory bread(block 67) failed [ 142.751498][ T7530] FAT-fs (loop3): Directory bread(block 68) failed [ 142.758989][ T7530] FAT-fs (loop3): Directory bread(block 69) failed [ 142.767519][ T7530] FAT-fs (loop3): Directory bread(block 70) failed [ 142.774191][ T7530] FAT-fs (loop3): Directory bread(block 71) failed [ 142.780847][ T7530] FAT-fs (loop3): Directory bread(block 72) failed [ 142.788355][ T7530] FAT-fs (loop3): Directory bread(block 73) failed [ 143.645139][ T7565] netlink: 'syz.1.728': attribute type 10 has an invalid length. [ 143.737202][ T7565] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 143.764257][ T7565] team0: Failed to send options change via netlink (err -105) [ 143.793988][ T7565] team0: Port device dummy0 added [ 144.149995][ T7575] loop1: detected capacity change from 0 to 512 [ 144.165768][ T7575] EXT4-fs: Ignoring removed nobh option [ 144.200753][ T7575] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 144.308149][ T7575] EXT4-fs error (device loop1): ext4_do_update_inode:5244: inode #3: comm syz.1.732: corrupted inode contents [ 144.337232][ T7575] EXT4-fs (loop1): Remounting filesystem read-only [ 144.430132][ T7575] Quota error (device loop1): write_blk: dquota write failed [ 144.443003][ T7575] Quota error (device loop1): qtree_write_dquot: Error -5 occurred while creating quota [ 144.463758][ T7575] EXT4-fs (loop1): 1 truncate cleaned up [ 144.470803][ T7575] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 144.512995][ T7575] ext4 filesystem being mounted at /184/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 144.896468][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.584459][ T7613] 9pnet_fd: p9_fd_create_unix (7613): problem connecting socket: ./file0: -30 [ 146.025052][ T27] audit: type=1326 audit(2000000056.340:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7620 comm="syz.2.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb24d8f749 code=0x7fc00000 [ 146.653672][ T27] audit: type=1326 audit(2000000056.960:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7620 comm="syz.2.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7ffb24d8f749 code=0x7fc00000 [ 147.463657][ T7644] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 147.470332][ T7644] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 147.552400][ T7644] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 147.593831][ T7644] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 147.615337][ T7644] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 147.647995][ T7644] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 147.709459][ T7644] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 147.728195][ T7644] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 147.768623][ T7644] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 147.792433][ T7644] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 147.809133][ T7644] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 147.875802][ T7644] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 148.351730][ T7692] loop2: detected capacity change from 0 to 256 [ 148.387625][ T7692] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 148.814381][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 149.074415][ T8] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 149.262880][ T8] usb 3-1: Using ep0 maxpacket: 16 [ 149.278316][ T8] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 149.290143][ T8] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 149.324324][ T8] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 149.347944][ T8] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 149.357551][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 149.379315][ T8] usb 3-1: Product: syz [ 149.389665][ T8] usb 3-1: Manufacturer: syz [ 149.400076][ T8] usb 3-1: SerialNumber: syz [ 149.615317][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 149.779404][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 149.836507][ T8] usb 3-1: 0:2 : does not exist [ 149.862901][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 150.060651][ T7734] loop3: detected capacity change from 0 to 512 [ 150.078450][ T7734] EXT4-fs: Ignoring removed nobh option [ 150.152221][ T7734] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #3: comm syz.3.808: corrupted inode contents [ 150.179257][ T7734] EXT4-fs (loop3): Remounting filesystem read-only [ 150.224243][ T7734] Quota error (device loop3): write_blk: dquota write failed [ 150.232004][ T7734] Quota error (device loop3): qtree_write_dquot: Error -5 occurred while creating quota [ 150.313884][ T7734] EXT4-fs (loop3): 1 truncate cleaned up [ 150.321366][ T7734] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 150.364419][ T7734] ext4 filesystem being mounted at /190/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 150.524816][ T8] usb 3-1: USB disconnect, device number 4 [ 150.708573][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.893029][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 151.700027][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 151.852942][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 151.936157][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 152.565005][ T7802] sit0: entered promiscuous mode [ 152.605834][ T7802] netlink: 'syz.3.832': attribute type 1 has an invalid length. [ 152.642922][ T7802] netlink: 1 bytes leftover after parsing attributes in process `syz.3.832'. [ 152.982104][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 153.782977][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 153.824974][ T7836] loop3: detected capacity change from 0 to 1024 [ 153.832654][ T7836] hfsplus: invalid gid specified [ 153.856961][ T7836] hfsplus: unable to parse mount options [ 153.932961][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 153.937992][ T7838] input: syz1 as /devices/virtual/input/input5 [ 154.017817][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 154.462920][ T28] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 154.678276][ T28] usb 3-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac [ 154.693947][ T28] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 154.722885][ T28] usb 3-1: Product: syz [ 154.727218][ T28] usb 3-1: Manufacturer: syz [ 154.731855][ T28] usb 3-1: SerialNumber: syz [ 154.749895][ T28] usb 3-1: config 0 descriptor?? [ 154.786792][ T28] gspca_main: sunplus-2.14.0 probing 055f:c230 [ 156.695743][ T28] usb 3-1: USB disconnect, device number 5 [ 157.303217][ T5789] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 157.485181][ T7899] loop3: detected capacity change from 0 to 256 [ 157.503465][ T5789] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 157.543154][ T5789] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 157.551313][ T5789] usb 1-1: Product: syz [ 157.566115][ T5789] usb 1-1: Manufacturer: syz [ 157.570790][ T5789] usb 1-1: SerialNumber: syz [ 157.609296][ T7899] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 157.861617][ T5789] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32 [ 157.902153][ T5789] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32 [ 158.006194][ T7908] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 159.145423][ T5789] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -71 [ 159.179472][ T5789] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000040. ret = -71 [ 159.223612][ T5789] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -71 [ 159.255998][ T5789] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001004. ret = -71 [ 159.274410][ T5789] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001008. ret = -71 [ 159.308071][ T5789] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001020. ret = -71 [ 159.341298][ T5789] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001028. ret = -71 [ 159.369987][ T5789] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001030. ret = -71 [ 159.420129][ T5789] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 159.441366][ T5789] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 159.472486][ T5789] lan78xx: probe of 1-1:1.0 failed with error -71 [ 159.510237][ T5789] usb 1-1: USB disconnect, device number 4 [ 159.794847][ T7932] netlink: 4 bytes leftover after parsing attributes in process `syz.1.891'. [ 160.654679][ T7954] syz.0.900[7954] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 160.654931][ T7954] syz.0.900[7954] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 160.788056][ T7961] netlink: 12 bytes leftover after parsing attributes in process `syz.3.903'. [ 162.553643][ T8005] tipc: Started in network mode [ 162.558627][ T8005] tipc: Node identity 0000000000002d210000000000000001, cluster identity 4711 [ 162.615765][ T8005] tipc: Enabling of bearer rejected, failed to enable media [ 163.171798][ T8012] tmpfs: Too small a size for current use [ 163.741737][ T8027] tipc: Started in network mode [ 163.760530][ T8027] tipc: Node identity 12022ff8355e, cluster identity 4711 [ 163.799961][ T8027] tipc: Enabled bearer , priority 0 [ 163.809347][ T8029] tipc: Started in network mode [ 163.832911][ T8029] tipc: Node identity 0000000000002d210000000000000001, cluster identity 4711 [ 163.879804][ T8029] tipc: Enabling of bearer rejected, failed to enable media [ 164.087540][ T8027] syzkaller0: entered promiscuous mode [ 164.109709][ T8027] syzkaller0: entered allmulticast mode [ 164.116431][ T8027] tipc: Resetting bearer [ 164.263274][ T8026] tipc: Resetting bearer [ 164.835275][ T9] tipc: Node number set to 660353016 [ 164.869189][ T8054] netlink: 12 bytes leftover after parsing attributes in process `syz.1.945'. [ 167.035081][ T8026] tipc: Disabling bearer [ 167.470996][ T8074] netlink: 12 bytes leftover after parsing attributes in process `syz.2.955'. [ 168.237485][ T8106] tipc: Enabling of bearer rejected, failed to enable media [ 168.453804][ T8115] netlink: 20 bytes leftover after parsing attributes in process `syz.1.973'. [ 168.773891][ T8128] netlink: 148 bytes leftover after parsing attributes in process `syz.1.975'. [ 168.809419][ T8128] net_ratelimit: 2 callbacks suppressed [ 168.809437][ T8128] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 169.903064][ T8145] netlink: 12 bytes leftover after parsing attributes in process `syz.1.983'. [ 170.649907][ T8159] loop1: detected capacity change from 0 to 512 [ 170.743590][ T8159] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.988: inode has both inline data and extents flags [ 170.872906][ T8159] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.988: couldn't read orphan inode 15 (err -117) [ 170.953922][ T8159] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 171.841563][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.259896][ T8191] loop2: detected capacity change from 0 to 512 [ 173.394263][ T8191] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.1000: inode has both inline data and extents flags [ 173.499470][ T8191] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1000: couldn't read orphan inode 15 (err -117) [ 173.571661][ T8191] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 173.727106][ T8204] tipc: Started in network mode [ 173.746174][ T8204] tipc: Node identity 0000000000002d210000000000000001, cluster identity 4711 [ 173.792959][ T8204] tipc: Enabling of bearer rejected, failed to enable media [ 174.561991][ T5788] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 174.718006][ T8228] tipc: Enabling of bearer rejected, failed to enable media [ 174.934557][ T8232] sit0: entered promiscuous mode [ 174.965970][ T8232] netlink: 'syz.2.1016': attribute type 1 has an invalid length. [ 175.006092][ T8232] netlink: 1 bytes leftover after parsing attributes in process `syz.2.1016'. [ 175.573706][ T8255] tipc: Enabling of bearer rejected, failed to enable media [ 176.141391][ T8281] tipc: Enabling of bearer rejected, failed to enable media [ 176.667241][ T8304] tipc: Enabling of bearer rejected, failed to enable media [ 176.719795][ T8307] sit0: entered promiscuous mode [ 176.741439][ T8307] netlink: 'syz.0.1053': attribute type 1 has an invalid length. [ 176.773516][ T8307] netlink: 1 bytes leftover after parsing attributes in process `syz.0.1053'. [ 177.293619][ T27] audit: type=1326 audit(2000000087.610:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8325 comm="syz.2.1061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb24d8f749 code=0x7fc00000 [ 178.922590][ T27] audit: type=1326 audit(2000000089.230:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8380 comm="syz.1.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e3058f749 code=0x7ffc0000 [ 178.972436][ T27] audit: type=1326 audit(2000000089.280:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8380 comm="syz.1.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f9e3058f749 code=0x7ffc0000 [ 178.995483][ T27] audit: type=1326 audit(2000000089.280:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8380 comm="syz.1.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e3058f749 code=0x7ffc0000 [ 179.020523][ T27] audit: type=1326 audit(2000000089.280:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8380 comm="syz.1.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e3058f749 code=0x7ffc0000 [ 179.094974][ T27] audit: type=1326 audit(2000000089.330:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8380 comm="syz.1.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f9e3058f749 code=0x7ffc0000 [ 179.118923][ T27] audit: type=1326 audit(2000000089.330:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8380 comm="syz.1.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e3058f749 code=0x7ffc0000 [ 179.164084][ T27] audit: type=1326 audit(2000000089.330:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8380 comm="syz.1.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e3058f749 code=0x7ffc0000 [ 179.223243][ T27] audit: type=1326 audit(2000000089.330:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8380 comm="syz.1.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f9e3058f749 code=0x7ffc0000 [ 179.251215][ T27] audit: type=1326 audit(2000000089.330:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8380 comm="syz.1.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e3058f749 code=0x7ffc0000 [ 180.545910][ T8423] tmpfs: Cannot enable swap on remount if it was disabled on first mount [ 182.086643][ T8469] tipc: Enabling of bearer rejected, failed to enable media [ 182.462752][ C1] sched: RT throttling activated [ 183.217183][ T8497] tipc: Enabling of bearer rejected, failed to enable media [ 183.330151][ T8501] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1140'. [ 184.110820][ T8525] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1151'. [ 184.162937][ T8528] netlink: 312 bytes leftover after parsing attributes in process `syz.1.1152'. [ 184.674282][ T8548] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1162'. [ 184.839276][ T8554] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1165'. [ 184.879289][ T8556] fuse: Invalid rootmode [ 185.353873][ T8577] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1174'. [ 186.041762][ T8603] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1184'. [ 186.244358][ T8611] sit1: entered allmulticast mode [ 186.788762][ T8629] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1198'. [ 187.379702][ T8656] netlink: 'syz.0.1210': attribute type 3 has an invalid length. [ 188.851735][ T8708] raw_sendmsg: syz.2.1235 forgot to set AF_INET. Fix it! [ 188.938336][ T8712] tipc: Enabling of bearer rejected, failed to enable media [ 189.463970][ T8732] netlink: 288 bytes leftover after parsing attributes in process `syz.0.1247'. [ 189.492659][ T8734] tipc: Enabling of bearer rejected, failed to enable media [ 190.082684][ T8756] tipc: Enabling of bearer rejected, failed to enable media [ 190.222928][ T9] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 190.416756][ T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 190.437342][ T9] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1279, setting to 1024 [ 190.458104][ T9] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 190.469162][ T9] usb 1-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 190.486920][ T9] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 190.499976][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 190.509729][ T9] usb 1-1: Product: syz [ 190.517765][ T9] usb 1-1: Manufacturer: syz [ 190.526566][ T9] usb 1-1: SerialNumber: syz [ 190.563300][ T8753] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 190.821097][ T8778] tipc: Enabling of bearer rejected, failed to enable media [ 191.509499][ T8798] tipc: Enabling of bearer rejected, failed to enable media [ 191.624091][ T9] cdc_ncm 1-1:1.0: bind() failure [ 191.654237][ T9] cdc_ncm: probe of 1-1:1.1 failed with error -71 [ 191.679707][ T9] cdc_mbim: probe of 1-1:1.1 failed with error -71 [ 191.706197][ T9] usbtest: probe of 1-1:1.1 failed with error -71 [ 191.724638][ T9] usb 1-1: USB disconnect, device number 5 [ 191.934992][ T8811] loop2: detected capacity change from 0 to 512 [ 191.963216][ T8811] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 191.985840][ T8811] EXT4-fs (loop2): invalid journal inode [ 191.991922][ T8811] EXT4-fs (loop2): can't get journal size [ 192.026135][ T8811] EXT4-fs (loop2): 1 truncate cleaned up [ 192.041092][ T8811] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 192.116276][ T8811] EXT4-fs warning (device loop2): verify_group_input:151: Cannot add at group 1073741833 (only 1 groups) [ 192.238987][ T8821] tipc: Enabling of bearer rejected, failed to enable media [ 192.268921][ T5788] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 192.500085][ T27] kauditd_printk_skb: 10 callbacks suppressed [ 192.500101][ T27] audit: type=1326 audit(2000000358.808:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.3.1293" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd5f518f749 code=0x0 [ 193.502811][ T786] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 193.544236][ T786] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 193.565686][ T8861] loop1: detected capacity change from 0 to 2048 [ 193.655420][ T5792] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 194.578585][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.588594][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.727374][ T8902] netlink: 'syz.0.1326': attribute type 10 has an invalid length. [ 194.740297][ T8902] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1326'. [ 194.757114][ T8902] dummy0: entered promiscuous mode [ 196.013276][ T8940] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1344'. [ 196.044358][ T8943] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1345'. [ 196.991486][ T8980] loop3: detected capacity change from 0 to 512 [ 197.019228][ T8980] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 197.047346][ T8980] EXT4-fs (loop3): invalid journal inode [ 197.055049][ T8980] EXT4-fs (loop3): can't get journal size [ 197.082488][ T8980] EXT4-fs (loop3): 1 truncate cleaned up [ 197.103922][ T8980] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 197.279616][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 197.644734][ T9005] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1372'. [ 197.768823][ T9003] syz.1.1371 (9003) used greatest stack depth: 20464 bytes left [ 198.271070][ T9025] loop2: detected capacity change from 0 to 512 [ 198.307043][ T9025] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 198.350241][ T9025] EXT4-fs (loop2): invalid journal inode [ 198.361856][ T9025] EXT4-fs (loop2): can't get journal size [ 198.428643][ T9025] EXT4-fs (loop2): 1 truncate cleaned up [ 198.454336][ T9025] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 198.646735][ T5788] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 200.803572][ T9094] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1412'. [ 201.042914][ T7235] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 201.050822][ T7235] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 202.331786][ T9157] tmpfs: Unknown parameter 'nr_b' [ 202.883914][ T9182] tmpfs: Unknown parameter 'nr_b' [ 202.975936][ T9186] loop4: detected capacity change from 0 to 8 [ 202.989004][ T9186] Dev loop4: unable to read RDB block 8 [ 202.996847][ T9186] loop4: unable to read partition table [ 203.007044][ T9186] loop4: partition table beyond EOD, truncated [ 203.015326][ T9186] loop_reread_partitions: partition scan of loop4 (Sj̖P=ý?}X %`ր5) failed (rc=-5) [ 203.070777][ T5159] Dev loop4: unable to read RDB block 8 [ 203.082878][ T5159] loop4: unable to read partition table [ 203.091256][ T5159] loop4: partition table beyond EOD, truncated [ 203.133195][ T8] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 203.335280][ T8] usb 2-1: config 0 has no interfaces? [ 203.362368][ T8] usb 2-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b7.89 [ 203.386940][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 203.400528][ T8] usb 2-1: Product: syz [ 203.406708][ T8] usb 2-1: Manufacturer: syz [ 203.421662][ T8] usb 2-1: SerialNumber: syz [ 203.432957][ T9204] tmpfs: Unknown parameter 'nr_block' [ 203.439177][ T8] usb 2-1: config 0 descriptor?? [ 203.523792][ T9206] tipc: Enabling of bearer rejected, failed to enable media [ 203.619563][ T9210] loop0: detected capacity change from 0 to 512 [ 203.638835][ T9210] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 203.701265][ T9210] EXT4-fs (loop0): invalid journal inode [ 203.723099][ T9210] EXT4-fs (loop0): can't get journal size [ 203.746262][ T9210] EXT4-fs (loop0): 1 truncate cleaned up [ 203.758340][ T9210] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 203.780167][ T8] usb 2-1: USB disconnect, device number 3 [ 203.813437][ T9210] EXT4-fs warning (device loop0): verify_group_input:151: Cannot add at group 1073741833 (only 1 groups) [ 203.883784][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.177530][ T9228] tmpfs: Unknown parameter 'nr_block' [ 204.556253][ T9241] loop1: detected capacity change from 0 to 512 [ 204.584385][ T9241] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 204.597888][ T9241] EXT4-fs (loop1): invalid journal inode [ 204.623572][ T9241] EXT4-fs (loop1): can't get journal size [ 204.679467][ T9241] EXT4-fs (loop1): 1 truncate cleaned up [ 204.704855][ T9241] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 204.778838][ T9241] EXT4-fs warning (device loop1): verify_group_input:151: Cannot add at group 1073741833 (only 1 groups) [ 204.949683][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 205.126576][ T9254] tmpfs: Unknown parameter 'nr_block' [ 205.421539][ T9263] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1489'. [ 205.923408][ T9272] loop2: detected capacity change from 0 to 512 [ 205.941929][ T9272] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 205.965010][ T9272] EXT4-fs (loop2): invalid journal inode [ 205.972218][ T9272] EXT4-fs (loop2): can't get journal size [ 205.999192][ T9272] EXT4-fs (loop2): 1 truncate cleaned up [ 206.024836][ T9272] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 206.052204][ T9281] tmpfs: Bad value for 'nr_blocks' [ 206.162944][ T9272] EXT4-fs warning (device loop2): verify_group_input:151: Cannot add at group 1073741833 (only 1 groups) [ 206.294438][ T5788] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.795716][ T9299] tmpfs: Bad value for 'nr_blocks' [ 206.960045][ T9305] loop2: detected capacity change from 0 to 512 [ 207.014482][ T9305] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 207.054765][ T9305] EXT4-fs (loop2): invalid journal inode [ 207.063005][ T9305] EXT4-fs (loop2): can't get journal size [ 207.097225][ T9305] EXT4-fs (loop2): 1 truncate cleaned up [ 207.129741][ T9305] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 207.181170][ T9305] EXT4-fs warning (device loop2): verify_group_input:151: Cannot add at group 1073741833 (only 1 groups) [ 207.316661][ T5788] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.424938][ T9317] sit1: entered allmulticast mode [ 207.839044][ T9329] tmpfs: Bad value for 'nr_blocks' [ 208.049354][ T9333] loop3: detected capacity change from 0 to 512 [ 208.077697][ T9333] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 208.085792][ T9336] loop2: detected capacity change from 0 to 512 [ 208.103379][ T9333] EXT4-fs (loop3): invalid journal inode [ 208.117522][ T9333] EXT4-fs (loop3): can't get journal size [ 208.149439][ T9336] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 208.161159][ T9333] EXT4-fs (loop3): 1 truncate cleaned up [ 208.185598][ T9336] EXT4-fs (loop2): invalid journal inode [ 208.221671][ T9333] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 208.240778][ T9336] EXT4-fs (loop2): can't get journal size [ 208.298334][ T9336] EXT4-fs (loop2): 1 truncate cleaned up [ 208.313141][ T9333] EXT4-fs warning (device loop3): verify_group_input:151: Cannot add at group 1073741833 (only 1 groups) [ 208.347055][ T9336] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 208.453433][ T9336] EXT4-fs warning (device loop2): verify_group_input:151: Cannot add at group 1073741833 (only 1 groups) [ 208.558087][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 208.584890][ T5788] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.060792][ T9363] [ 209.063317][ T9363] ====================================================== [ 209.070378][ T9363] WARNING: possible circular locking dependency detected [ 209.077429][ T9363] syzkaller #0 Not tainted [ 209.081854][ T9363] ------------------------------------------------------ [ 209.088871][ T9363] syz.0.1542/9363 is trying to acquire lock: [ 209.094854][ T9363] ffff8880213d1458 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}, at: __flush_work+0xe6/0x9f0 [ 209.106364][ T9363] [ 209.106364][ T9363] but task is already holding lock: [ 209.113750][ T9363] ffff8880213d0130 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x255/0x530 [ 209.122749][ T9363] [ 209.122749][ T9363] which lock already depends on the new lock. [ 209.122749][ T9363] [ 209.133335][ T9363] [ 209.133335][ T9363] the existing dependency chain (in reverse order) is: [ 209.142349][ T9363] [ 209.142349][ T9363] -> #1 (sk_lock-AF_SMC/1){+.+.}-{0:0}: [ 209.150099][ T9363] lock_sock_nested+0x48/0x100 [ 209.155414][ T9363] smc_listen_out+0x109/0x3d0 [ 209.160648][ T9363] process_scheduled_works+0xa45/0x15b0 [ 209.166737][ T9363] worker_thread+0xa55/0xfc0 [ 209.171857][ T9363] kthread+0x2fa/0x390 [ 209.176454][ T9363] ret_from_fork+0x48/0x80 [ 209.181398][ T9363] ret_from_fork_asm+0x11/0x20 [ 209.186698][ T9363] [ 209.186698][ T9363] -> #0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}: [ 209.196868][ T9363] __lock_acquire+0x2ddb/0x7c80 [ 209.202249][ T9363] lock_acquire+0x197/0x410 [ 209.207280][ T9363] __flush_work+0x5ed/0x9f0 [ 209.212421][ T9363] __cancel_work_timer+0x3b0/0x520 [ 209.218154][ T9363] smc_clcsock_release+0x60/0xf0 [ 209.223635][ T9363] __smc_release+0x661/0x7d0 [ 209.228758][ T9363] smc_close_non_accepted+0xd5/0x1f0 [ 209.234577][ T9363] smc_close_active+0xb61/0xf00 [ 209.240050][ T9363] __smc_release+0x8d/0x7d0 [ 209.245118][ T9363] smc_release+0x2ce/0x530 [ 209.250210][ T9363] sock_close+0xbd/0x230 [ 209.255191][ T9363] __fput+0x234/0x970 [ 209.259724][ T9363] task_work_run+0x1ce/0x250 [ 209.264853][ T9363] exit_to_user_mode_loop+0xe6/0x110 [ 209.270679][ T9363] exit_to_user_mode_prepare+0xf6/0x180 [ 209.276933][ T9363] syscall_exit_to_user_mode+0x1a/0x50 [ 209.282919][ T9363] do_syscall_64+0x61/0xb0 [ 209.287868][ T9363] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 209.294463][ T9363] [ 209.294463][ T9363] other info that might help us debug this: [ 209.294463][ T9363] [ 209.304698][ T9363] Possible unsafe locking scenario: [ 209.304698][ T9363] [ 209.312152][ T9363] CPU0 CPU1 [ 209.317520][ T9363] ---- ---- [ 209.322889][ T9363] lock(sk_lock-AF_SMC/1); [ 209.327411][ T9363] lock((work_completion)(&new_smc->smc_listen_work)); [ 209.336870][ T9363] lock(sk_lock-AF_SMC/1); [ 209.343902][ T9363] lock((work_completion)(&new_smc->smc_listen_work)); [ 209.350839][ T9363] [ 209.350839][ T9363] *** DEADLOCK *** [ 209.350839][ T9363] [ 209.359002][ T9363] 3 locks held by syz.0.1542/9363: [ 209.364115][ T9363] #0: ffff88805b95be20 (&sb->s_type->i_mutex_key#11){+.+.}-{3:3}, at: sock_close+0x9b/0x230 [ 209.374413][ T9363] #1: ffff8880213d0130 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x255/0x530 [ 209.383834][ T9363] #2: ffffffff8cd2fee0 (rcu_read_lock){....}-{1:2}, at: __flush_work+0xe6/0x9f0 [ 209.392979][ T9363] [ 209.392979][ T9363] stack backtrace: [ 209.398887][ T9363] CPU: 1 PID: 9363 Comm: syz.0.1542 Not tainted syzkaller #0 [ 209.406263][ T9363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 209.416341][ T9363] Call Trace: [ 209.419641][ T9363] [ 209.422588][ T9363] dump_stack_lvl+0x16c/0x230 [ 209.427286][ T9363] ? load_image+0x3b0/0x3b0 [ 209.431802][ T9363] ? show_regs_print_info+0x20/0x20 [ 209.437019][ T9363] ? print_circular_bug+0x12b/0x1a0 [ 209.442269][ T9363] check_noncircular+0x2bd/0x3c0 [ 209.447218][ T9363] ? look_up_lock_class+0x75/0x140 [ 209.452366][ T9363] ? print_deadlock_bug+0x5d0/0x5d0 [ 209.457582][ T9363] ? lockdep_lock+0xe0/0x220 [ 209.462185][ T9363] ? _find_first_zero_bit+0xd3/0x100 [ 209.467495][ T9363] __lock_acquire+0x2ddb/0x7c80 [ 209.472375][ T9363] ? verify_lock_unused+0x140/0x140 [ 209.477590][ T9363] ? debug_object_activate+0x2f7/0x4b0 [ 209.483061][ T9363] ? __lock_acquire+0x7c80/0x7c80 [ 209.488097][ T9363] ? __rwlock_init+0x150/0x150 [ 209.492889][ T9363] lock_acquire+0x197/0x410 [ 209.497405][ T9363] ? __flush_work+0xe6/0x9f0 [ 209.502010][ T9363] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 209.508001][ T9363] ? read_lock_is_recursive+0x20/0x20 [ 209.513394][ T9363] ? _raw_spin_unlock_irq+0x23/0x50 [ 209.518610][ T9363] ? __flush_work+0xe6/0x9f0 [ 209.523209][ T9363] __flush_work+0x5ed/0x9f0 [ 209.527727][ T9363] ? __flush_work+0xe6/0x9f0 [ 209.532329][ T9363] ? __flush_work+0xe6/0x9f0 [ 209.537102][ T9363] ? flush_work+0x20/0x20 [ 209.541445][ T9363] ? move_linked_works+0x230/0x230 [ 209.546573][ T9363] ? lock_chain_count+0x20/0x20 [ 209.551433][ T9363] ? __cancel_work_timer+0x335/0x520 [ 209.556731][ T9363] __cancel_work_timer+0x3b0/0x520 [ 209.561853][ T9363] ? cancel_work_sync+0x20/0x20 [ 209.566710][ T9363] ? __local_bh_enable_ip+0x12e/0x1c0 [ 209.572090][ T9363] ? lockdep_hardirqs_on+0x98/0x150 [ 209.577303][ T9363] ? __local_bh_enable_ip+0x12e/0x1c0 [ 209.582699][ T9363] ? _local_bh_enable+0xa0/0xa0 [ 209.587577][ T9363] smc_clcsock_release+0x60/0xf0 [ 209.592528][ T9363] __smc_release+0x661/0x7d0 [ 209.597134][ T9363] smc_close_non_accepted+0xd5/0x1f0 [ 209.602433][ T9363] smc_close_active+0xb61/0xf00 [ 209.607303][ T9363] ? __receive_sock+0x90/0x90 [ 209.612005][ T9363] __smc_release+0x8d/0x7d0 [ 209.616530][ T9363] smc_release+0x2ce/0x530 [ 209.620960][ T9363] sock_close+0xbd/0x230 [ 209.625231][ T9363] ? sock_mmap+0xa0/0xa0 [ 209.629484][ T9363] __fput+0x234/0x970 [ 209.633495][ T9363] task_work_run+0x1ce/0x250 [ 209.638106][ T9363] ? task_work_cancel+0x240/0x240 [ 209.643148][ T9363] ? exit_to_user_mode_loop+0x3b/0x110 [ 209.648632][ T9363] exit_to_user_mode_loop+0xe6/0x110 [ 209.653932][ T9363] exit_to_user_mode_prepare+0xf6/0x180 [ 209.659494][ T9363] syscall_exit_to_user_mode+0x1a/0x50 [ 209.664961][ T9363] do_syscall_64+0x61/0xb0 [ 209.669386][ T9363] ? clear_bhb_loop+0x40/0x90 [ 209.674162][ T9363] ? clear_bhb_loop+0x40/0x90 [ 209.678858][ T9363] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 209.684756][ T9363] RIP: 0033:0x7f00a4b8f749 [ 209.689187][ T9363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 209.708797][ T9363] RSP: 002b:00007f00a5943038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 209.717257][ T9363] RAX: 0000000000000000 RBX: 00007f00a4de5fa0 RCX: 00007f00a4b8f749 [ 209.725238][ T9363] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000000 [ 209.733218][ T9363] RBP: 00007f00a4c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 209.741200][ T9363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 209.749175][ T9363] R13: 00007f00a4de6038 R14: 00007f00a4de5fa0 R15: 00007ffe0417a9d8 [ 209.757167][ T9363]