last executing test programs: 1m21.460396014s ago: executing program 3 (id=228): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="12000000060000000400000002"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 1m21.328757565s ago: executing program 3 (id=231): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffff"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$inet6(0xa, 0x1, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000004c0)={'ip6tnl0\x00', &(0x7f0000000740)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x2, 0x0, 0x9, @local, @rand_addr=' \x01\x00', 0x7, 0x7, 0x202, 0x8}}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0}) 1m21.125464069s ago: executing program 3 (id=234): bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB], 0x50) process_madvise(0xffffffffffffffff, &(0x7f0000000200), 0x1000000000000276, 0x0, 0x0) 1m20.910343316s ago: executing program 3 (id=237): r0 = socket$inet_tcp(0x2, 0x1, 0x0) close_range(r0, 0xffffffffffffffff, 0x100000000000000) 1m20.665388574s ago: executing program 3 (id=242): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000040)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) tgkill(0x0, 0x0, 0x27) socketpair$unix(0x1, 0x2, 0x0, 0x0) r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0xfffffffc, {0x6, 0x0, 0x8100, 0x0, {0x1, 0x10}, {0xd}, {0xe, 0x10}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0xfd, 0x0, 0x4, 0x0, 0x0, 0x408, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x400c800}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x40040) io_setup(0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) 1m18.99533496s ago: executing program 3 (id=263): unshare(0x22020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000009385000000710000"], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x18) r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000200), 0x60400, 0x0) close_range(r3, r4, 0x200000000000000) syz_open_procfs(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5, 0x0, 0xfffffffffffffffc}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x43, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0) r6 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844) 1m3.72740059s ago: executing program 32 (id=263): unshare(0x22020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000009385000000710000"], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x18) r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000200), 0x60400, 0x0) close_range(r3, r4, 0x200000000000000) syz_open_procfs(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5, 0x0, 0xfffffffffffffffc}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x43, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0) r6 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844) 1m1.13711787s ago: executing program 4 (id=356): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000e80)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x3}, @TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x3b9aca00}]}}]}, 0x48}}, 0x0) 1m0.945870219s ago: executing program 4 (id=357): setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) socket(0x2, 0x3, 0x6) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000f00)="68377863ac6ea61666eaa696435a75f1626fe3a3acedcaf71527ff51d446daac757559d2d6fc2b90952355ec6c61d718c91784312b1b4771888a0811895b02ffb658934b0bbd6466c9cc04cc7252f1f1deea5a8b9c6797c8f1263db526cf88899f7ecab544662eb34743cefb660a78cb9468d2900b3cda4cca9d89ab6d341d145acf249276dda272407bc98d9e5431316d468b9e4750f2316589dc4de3157592d27fd723a512c85b08035842b75ec422346f9696f4bb3226b0ca75d1", 0xbc}, {&(0x7f00000003c0)="5453b4b759f9d4f4f33bda880b70e0dadde06223919f4585429ef69078a4956f646ea03bfd4c090a003c01f32b1a175baf38c1eb4572c8b372a4cf9128062e58ff575546876a2804144c3aea98c4a3533396f87e860de8c66bceb0e6b387ec853b7e91c57587d38436637e702ae18eeccefdcd7a3cdd7bfc327b5d619b57d56afe1628b65e2948af5ee0e3f52746a5aff58bb7c6d253a58bf745584d1bc19fe5e42b5534eab9e9d2587b413e81f68b60f56130f82b327f5fe900e3e107bc6b783d1d23a056426d6502133386b51e657046c1c43a2a2c4a7611ee6592a5ee08700d24d832163b3def", 0xe8}, {&(0x7f0000000640)="d48c8225ddfdf2c06c27763617468581389d34126760ba3dd0fe077a7c2ce378dd62cafeeb4ba1493766d09fd561d69a5bf8109ffcd3e43d8c16b9c3fa92d4439c5af1fa4775d01dcf0748a24ab51b52fbe75287a4b9aaa18fd479bdd154b4efe531a242d90a1ca2799c242bfd4ddd8271448d3415bd3a907ad340dc2fa2471393212d02eb25242808cffdc4e7a646211c18ac8602f5fc1e4f82b72871a8d42f37988365ff226c1523bf01617976641421438e16378094c94f2e55a44150d9a358d92606afb12f21a63daadbb143d6ccdae88d53521b9fe51ffabb08ff67cb98266eeb1fbf81ec1e", 0xe8}, {&(0x7f0000000040)="f96be6c391f1f8b23ae44a70a75f", 0xe}, {&(0x7f0000000200)="057322e18609ed78266492c2a2ae3f0c0f3f6394c53de2727898d209dcb274efec9fc9995189ead7bf00148d091675fa045479985e4f644d258d0aa4a69618eb08ba045907a549ed83b88863", 0x4c}], 0x5}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="acc870bde54caaeacb0000108cef4fa7bf4470", 0x13}, {&(0x7f0000000840)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a1", 0x62}], 0x2}}], 0x2, 0xc0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(0xffffffffffffffff, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0) 1m0.66213082s ago: executing program 4 (id=359): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'macvtap0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r1}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) 1m0.447515671s ago: executing program 4 (id=360): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$nl_route(r0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000300)=""/180}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18) syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh") r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40) mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x100000b, 0x2013, r3, 0x0) 59.298207754s ago: executing program 4 (id=366): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000840)={&(0x7f0000000680)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xd, 0xd, 0x2, [@datasec={0xb, 0x0, 0x0, 0xf, 0x1, [], "02"}]}}, 0x0, 0x2a, 0x0, 0x1, 0xb}, 0x28) 58.957828454s ago: executing program 4 (id=369): r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS32(0xffffffffffffffff, 0x80585414, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$TOKEN_CREATE(0x24, 0x0, 0x0) r1 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000440), 0x4) setsockopt$inet6_int(r1, 0x29, 0x2, &(0x7f0000000040)=0xb2, 0x4) sendmmsg$inet6(r1, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000000800), 0x62, 0x12141, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x99ea75e98fc7fef1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x18) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_int(r4, 0x0, 0x33, &(0x7f0000000000)=0x80020000, 0x4) r5 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000900)}, 0xff0f000020000080) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r6 = socket(0x10, 0x3, 0x9) connect$netlink(r6, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a14000000110001a5eaec0eff4e8e0000000000000000000200000a"], 0x28}}, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd637f4b22667f2f00db5b686158bbcfe8875a65969ff57b00000000000000000000000000ac1414aa35f086dd"], 0xfdef) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) 43.78479481s ago: executing program 33 (id=369): r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS32(0xffffffffffffffff, 0x80585414, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$TOKEN_CREATE(0x24, 0x0, 0x0) r1 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000440), 0x4) setsockopt$inet6_int(r1, 0x29, 0x2, &(0x7f0000000040)=0xb2, 0x4) sendmmsg$inet6(r1, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000000800), 0x62, 0x12141, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x99ea75e98fc7fef1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x18) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_int(r4, 0x0, 0x33, &(0x7f0000000000)=0x80020000, 0x4) r5 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000900)}, 0xff0f000020000080) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r6 = socket(0x10, 0x3, 0x9) connect$netlink(r6, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a14000000110001a5eaec0eff4e8e0000000000000000000200000a"], 0x28}}, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd637f4b22667f2f00db5b686158bbcfe8875a65969ff57b00000000000000000000000000ac1414aa35f086dd"], 0xfdef) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) 36.905556821s ago: executing program 2 (id=473): prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000"], 0x48) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = io_uring_setup(0x6280, &(0x7f0000000580)={0x0, 0x90000000, 0x1, 0x0, 0x1d2}) r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000002700)=""/4096, 0x1000}], 0x0, 0x1}, 0x20) 36.760258627s ago: executing program 2 (id=475): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/tcp\x00') ioctl$int_in(r0, 0x5452, &(0x7f0000000240)=0x1) 36.574055709s ago: executing program 2 (id=476): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$tipc(0x1e, 0x5, 0x0) socket$tipc(0x1e, 0x5, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) pipe2(&(0x7f0000001440)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) splice(r1, 0x0, r0, 0x0, 0x6, 0x6) fcntl$setpipe(r0, 0x407, 0x0) sendmsg$NFNL_MSG_CTHELPER_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000010901"], 0x14}}, 0x0) 35.46311575s ago: executing program 2 (id=478): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001e000100fcffffff000000000a000000", @ANYRES32=0x0, @ANYBLOB="0000000006000b"], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x44010) 35.066948457s ago: executing program 2 (id=481): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000e60000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x4f33}, 0x18) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) r4 = gettid() sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000800)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd7000ffdbdf2514000000080001000100000008000300", @ANYRES32=0x0, @ANYBLOB="08001c00", @ANYRES32=r4], 0x2c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4004000) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x20, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=r1]) 34.86155616s ago: executing program 2 (id=483): r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000) r1 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc) r2 = syz_io_uring_setup(0x499, &(0x7f0000000200)={0x0, 0x4661, 0x8, 0x3, 0x288}, &(0x7f0000000140)=0x0, &(0x7f0000000380)=0x0) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r1, 0x0, 0x0}) io_uring_enter(r2, 0x22d6, 0x4b34, 0x4, 0x0, 0x0) close_range(r0, r1, 0x0) 30.08112922s ago: executing program 5 (id=508): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) socket$caif_stream(0x25, 0x1, 0x5) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000180), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x5423, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0xb4, 0x25, 0x1, 0x0, 0x0, {{@in=@broadcast, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x0, 0x0, 0x0, 0x3ff}}}, 0xb4}}, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x5, &(0x7f0000000300)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000700000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000003c0)={'ip6tnl0\x00', &(0x7f0000000580)={'ip6_vti0\x00', 0x0, 0x29, 0x4, 0x8, 0x7, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x700, 0x20, 0x7, 0x1000}}) prctl$PR_SCHED_CORE(0x4d, 0x0, 0x0, 0x0, 0x0) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0x10001, 0x0}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x12, 0x0, &(0x7f0000000240), &(0x7f00000002c0)='syzkaller\x00', 0x8, 0x6e, &(0x7f0000000340)=""/110, 0x41000, 0x39, '\x00', r6, @fallback=0x2f, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000680)={0x4, 0x9, 0x9, 0x9}, 0x10, r7, r1, 0x5, &(0x7f00000006c0)=[r0, r0, r0, r0, r0, r0, r0, r0], &(0x7f0000000700)=[{0x0, 0x4, 0xf, 0x6}, {0x2, 0x3, 0x3}, {0x0, 0x5, 0xf, 0x8}, {0x4, 0x4, 0x6, 0xb}, {0x3, 0x5, 0x9, 0x8}], 0x10, 0x4}, 0x94) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, 0xffffffffffffffff}) ioprio_set$uid(0x3, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r9, 0x0, r10, 0x0, 0xf3a, 0x0) write(r8, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r2}, 0x10) sync() 29.773385066s ago: executing program 5 (id=511): bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) r0 = syz_open_dev$loop(0x0, 0x75f, 0xa382) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x800000, 0xe) sendfile(r0, r0, 0x0, 0x24002deb) ioctl$LOOP_CLR_FD(r0, 0x4c01) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000002c0)={[{@init_itable}, {@resuid}, {@stripe={'stripe', 0x3d, 0x40}}]}, 0x3, 0x463, &(0x7f0000000340)="$eJzs281vFOUfAPDvTLvlxw+wFfGFF7WKxsaXlgIqBw9qNPGAiYke9Ni0C0EWatqaCCEKxuDJGBPvxqP/gie9GOPJxKveDQkxXABPa2Z3BnaX3aUsu11gP59k4Hnmpc/325mn+8w8OwGMrOnsnyRia0T8GRGT9WrzDtP1/65cOrN49dKZxSSq1Xf/SWr7Xb50ZrHYtThuS16ZSSPSL5LY3abd1VOnjy9UKuWVvD63duKjudVTp184dmLhaPlo+eT+Q4cOHph/+aX9L/Ylzyymy7s+Xd6z860Pvnn78FdN+bfk0SfT3TY+Xa32ubnh2tZQTsaHGAi3ZCwistNVqvX/yRiL6ydvMt78fKjBAQNVrVarWzpvPlsF7mFJNNd1eRgVxQd9dv9bLK2DgFcHN/wYuouv1W+Asryv5Et9y3ik+T6llvvbfpqOiPfP/vtdtsRgnkMAADT5KRv/PN9u/JfGQw373ZfPDU1FxP0RsT0iHoiIHRHxYERt34cj4pFbbL91kuTG8U96oafE1ikb/72Sz201j/+K0V9MjeW1bbX8S8mRY5Xyvvx3MhOlTVl9vksbP7/xx9edtjWO/7Ila78YC+ZxXBjf1HzM0sLawu3k3OjiuYhd4+3yT67NBCQRsTMidvXYxrFnf9jTadvN8++iD/NM1e8jnqmf/7PRkn8h6T4/Ofe/qJT3zRVXxY1++/38O53av638+yA7//9ve/1fy38qKeZr0yivrN56G+f/+rLjPU2v1/9E8l6tPJGv+2RhbW1lPmIiOVwPunH9/uvHFvVi/yz/mb3t+//2uP6b2B0R2UX8aEQ8FhGP57E/ERFPRsTeLvn/+vpTH/ae/2Bl+S+t9/xXKuWVhsJEtK5pXxg7/suPTY1O3ZD/1e7n/2CtNJOvWc/fv/XEVenpagYAAIC7TxoRWyNJZ6+V03R2tv59+R0RaWV5de25I8sfn1yqvyMwFaW0eNI12fA8dD6/ra/Xz0VE/asFxfYD+XPjb8c21+qzi8uVpWEnDyNuS4f+n/l7bNjRAQPnfS0YXfo/jK519v977JV1IHz+w0hr0/83DyMOYOO1+/z/bAhxABuvpf+b9oMR4v4fRlen/l+d3OBAgA1X7/+G/TBiVjfHzV+S71ooflKPh9+zhSjdEWEMrBDpHRFGa6EUEXdAGHd/Ybh/lwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrlvwAAAP//HArhUQ==") r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b) 28.844473842s ago: executing program 5 (id=515): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14b57e, 0x0) readahead(r1, 0x0, 0x0) 28.565678867s ago: executing program 0 (id=516): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000e60000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x4f33}, 0x18) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) r4 = gettid() sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000800)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd7000ffdbdf2514000000080001000100000008000300", @ANYRES32=0x0, @ANYBLOB="08001c00", @ANYRES32=r4], 0x2c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4004000) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000840)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x20, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=r1]) 28.415510051s ago: executing program 5 (id=517): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f00000029c0)={0xa, {"a2e3ad214fc752f91b2809094bf70e0dd038e7ff7fc6e5539b3266078b089b3b083867090890e0878f0e1ac6e7049b3d6d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b34390d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f0000000000)={0xbb7, 0xae, 0x280}) 28.062230289s ago: executing program 0 (id=519): sendmsg$NLBL_UNLABEL_C_LIST(0xffffffffffffffff, 0x0, 0x40) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="7c0000001000010400"/20, @ANYRES32=r1, @ANYBLOB="00000000000000005c001280110001006272696467655f736c617665000000004400058005000500000000000500200001000000050008"], 0x7c}}, 0x0) 27.928468471s ago: executing program 5 (id=520): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) syz_usb_connect(0x2, 0x64, 0x0, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x2, 0x7, 0x0, 0x5, 0x2, 0x0, 0x70bd2d, 0x25dfdbfe}, 0x10}}, 0x4) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc(0x0, r5) sendmsg$TIPC_CMD_SHOW_PORTS(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001640)={0x1c, r6, 0x1}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x40004) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000003c0)='kmem_cache_free\x00', r4}, 0x18) execveat(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r1, {0x10, 0x4}, {0x6}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) 27.813901483s ago: executing program 0 (id=521): r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$PIO_UNIMAPCLR(r0, 0x4b68, 0x0) 27.661596131s ago: executing program 0 (id=522): capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000000c0)={0x200000, 0x200000, 0x7}) creat(&(0x7f0000000400)='./file0\x00', 0x40) pipe2$9p(&(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) chmod(&(0x7f0000000000)='./file0\x00', 0x121) 27.392946286s ago: executing program 0 (id=523): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x20000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 26.428717821s ago: executing program 0 (id=530): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x3, 0x8}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newtfilter={0x90, 0x2c, 0xd27, 0x70bd28, 0x6000000, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_fw={{0x7}, {0x5c, 0x2, [@TCA_FW_ACT={0x58, 0x4, [@m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0xfffffc00, 0x8, 0x10000000, 0x200000b, 0xff}, @broadcast, @local, 0xff, 0x1}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x11, 0x8}}]}, 0x90}, 0x1, 0x0, 0x0, 0x4}, 0x4000800) 26.210650724s ago: executing program 5 (id=531): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x6, 0x3, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) bpf$TOKEN_CREATE(0x24, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454da, &(0x7f0000000080)={'batadv0\x00'}) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x103442, 0x0) ioctl$TUNSETIFF(r1, 0x400454da, &(0x7f0000000140)={'batadv0\x00'}) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000100)={'pimreg0\x00', 0x1}) 19.512821499s ago: executing program 34 (id=483): r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000) r1 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc) r2 = syz_io_uring_setup(0x499, &(0x7f0000000200)={0x0, 0x4661, 0x8, 0x3, 0x288}, &(0x7f0000000140)=0x0, &(0x7f0000000380)=0x0) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r1, 0x0, 0x0}) io_uring_enter(r2, 0x22d6, 0x4b34, 0x4, 0x0, 0x0) close_range(r0, r1, 0x0) 16.614264436s ago: executing program 1 (id=568): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_io_uring_setup(0x6908, 0x0, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a64000000060a0b0400000000000000000200000038000480340001800b000100746172676574000024000280090001004d41524b000000000c00030002b51112d439c59208000240000000020900010073797a30000000000900020073797a3200000000"], 0x8c}}, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000280)='kfree\x00', 0xffffffffffffffff, 0x0, 0x2000000000}, 0x18) kexec_load(0x0, 0x1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x41000000}], 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) 15.66332459s ago: executing program 1 (id=569): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x4000000000002ab}, 0x18) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f687372000000001400010076657468315f766c616e"], 0xfc}}, 0x20000004) 15.611678044s ago: executing program 1 (id=570): r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x105042, 0x189) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) 15.563506218s ago: executing program 1 (id=571): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000040)={0x48, 0x2, 0x6, 0x301, 0x0, 0x0, {0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}]}, 0x48}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000) sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010) 15.499260082s ago: executing program 1 (id=572): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000004340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a300000000034000000030a010100000000000000000100000209000b0073797a31000000000900010073797a300000000008000a4000000004d4010000020a05"], 0x250}}, 0x0) 15.433221228s ago: executing program 1 (id=573): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x20800, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x58, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xf, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x28, 0x2, [@TCA_CGROUP_EMATCHES={0x24, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x800, 0x7, 0x1}, {{0x0, 0x0, 0x1}, {0x3, 0x1, 0x1}}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x8}}]}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x10}, 0x0) 11.020154617s ago: executing program 35 (id=530): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x3, 0x8}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newtfilter={0x90, 0x2c, 0xd27, 0x70bd28, 0x6000000, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_fw={{0x7}, {0x5c, 0x2, [@TCA_FW_ACT={0x58, 0x4, [@m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0xfffffc00, 0x8, 0x10000000, 0x200000b, 0xff}, @broadcast, @local, 0xff, 0x1}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x11, 0x8}}]}, 0x90}, 0x1, 0x0, 0x0, 0x4}, 0x4000800) 10.967896077s ago: executing program 36 (id=531): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x6, 0x3, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) bpf$TOKEN_CREATE(0x24, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454da, &(0x7f0000000080)={'batadv0\x00'}) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x103442, 0x0) ioctl$TUNSETIFF(r1, 0x400454da, &(0x7f0000000140)={'batadv0\x00'}) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000100)={'pimreg0\x00', 0x1}) 0s ago: executing program 37 (id=573): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x20800, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x58, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xf, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x28, 0x2, [@TCA_CGROUP_EMATCHES={0x24, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x800, 0x7, 0x1}, {{0x0, 0x0, 0x1}, {0x3, 0x1, 0x1}}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x8}}]}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x10}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.62' (ED25519) to the list of known hosts. [ 84.079016][ T5812] cgroup: Unknown subsys name 'net' [ 84.258534][ T5812] cgroup: Unknown subsys name 'cpuset' [ 84.268018][ T5812] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 85.820308][ T5812] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 90.506455][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 90.515647][ T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 90.523296][ T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 90.530777][ T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 90.538608][ T5847] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 90.562162][ T5847] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 90.577137][ T5845] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 90.585687][ T5847] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 90.588022][ T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 90.600108][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 90.600496][ T5845] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 90.607862][ T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 90.614180][ T5847] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 90.622685][ T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 90.629954][ T5847] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 90.639753][ T51] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 90.644616][ T5847] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 90.649410][ T5843] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 90.657621][ T5847] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 90.664075][ T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 90.672440][ T5847] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 90.679010][ T5843] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 90.685463][ T5847] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 90.697056][ T5843] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 90.709846][ T5835] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 90.726319][ T5835] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 90.734764][ T5831] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 90.735410][ T5835] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 90.754931][ T5835] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 90.769035][ T5850] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 91.196571][ T974] cfg80211: failed to load regulatory.db [ 91.369599][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 91.745783][ T5830] chnl_net:caif_netlink_parms(): no params data found [ 91.767050][ T5827] chnl_net:caif_netlink_parms(): no params data found [ 91.786014][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.793240][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.800616][ T5828] bridge_slave_0: entered allmulticast mode [ 91.808647][ T5828] bridge_slave_0: entered promiscuous mode [ 91.881429][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.888995][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.896852][ T5828] bridge_slave_1: entered allmulticast mode [ 91.905585][ T5828] bridge_slave_1: entered promiscuous mode [ 91.929442][ T5825] chnl_net:caif_netlink_parms(): no params data found [ 92.032978][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.109377][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.238123][ T5829] chnl_net:caif_netlink_parms(): no params data found [ 92.250841][ T5826] chnl_net:caif_netlink_parms(): no params data found [ 92.273750][ T5828] team0: Port device team_slave_0 added [ 92.346932][ T5828] team0: Port device team_slave_1 added [ 92.375023][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.382878][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.390064][ T5827] bridge_slave_0: entered allmulticast mode [ 92.398630][ T5827] bridge_slave_0: entered promiscuous mode [ 92.417945][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.425566][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.432965][ T5827] bridge_slave_1: entered allmulticast mode [ 92.440608][ T5827] bridge_slave_1: entered promiscuous mode [ 92.499784][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.507226][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.514970][ T5830] bridge_slave_0: entered allmulticast mode [ 92.522834][ T5830] bridge_slave_0: entered promiscuous mode [ 92.598349][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.605634][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.613389][ T5830] bridge_slave_1: entered allmulticast mode [ 92.620911][ T5830] bridge_slave_1: entered promiscuous mode [ 92.653622][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.682681][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.689659][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.716198][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.729820][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.737470][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.763988][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.775402][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.782925][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.790098][ T5825] bridge_slave_0: entered allmulticast mode [ 92.792943][ T5850] Bluetooth: hci0: command tx timeout [ 92.799240][ T5825] bridge_slave_0: entered promiscuous mode [ 92.801509][ T5848] Bluetooth: hci1: command tx timeout [ 92.813013][ T5839] Bluetooth: hci2: command tx timeout [ 92.818731][ T5838] Bluetooth: hci4: command tx timeout [ 92.854142][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.872786][ T5850] Bluetooth: hci5: command tx timeout [ 92.872798][ T5848] Bluetooth: hci3: command tx timeout [ 92.923162][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.930334][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.938836][ T5825] bridge_slave_1: entered allmulticast mode [ 92.947254][ T5825] bridge_slave_1: entered promiscuous mode [ 92.957589][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.972262][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.007537][ T5827] team0: Port device team_slave_0 added [ 93.013775][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.020918][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.028439][ T5826] bridge_slave_0: entered allmulticast mode [ 93.035992][ T5826] bridge_slave_0: entered promiscuous mode [ 93.045093][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.052349][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.059593][ T5826] bridge_slave_1: entered allmulticast mode [ 93.067475][ T5826] bridge_slave_1: entered promiscuous mode [ 93.140642][ T5827] team0: Port device team_slave_1 added [ 93.224126][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.231393][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.239543][ T5829] bridge_slave_0: entered allmulticast mode [ 93.247243][ T5829] bridge_slave_0: entered promiscuous mode [ 93.293431][ T5828] hsr_slave_0: entered promiscuous mode [ 93.299936][ T5828] hsr_slave_1: entered promiscuous mode [ 93.310117][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.323574][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.335350][ T5830] team0: Port device team_slave_0 added [ 93.341682][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.349379][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.356892][ T5829] bridge_slave_1: entered allmulticast mode [ 93.364511][ T5829] bridge_slave_1: entered promiscuous mode [ 93.389274][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.404332][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.433213][ T5830] team0: Port device team_slave_1 added [ 93.477061][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.484596][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.510931][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.525011][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.532027][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.558020][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.623583][ T5825] team0: Port device team_slave_0 added [ 93.689241][ T5826] team0: Port device team_slave_0 added [ 93.715792][ T5825] team0: Port device team_slave_1 added [ 93.722663][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.729708][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.756474][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.770692][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.784164][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.836396][ T5826] team0: Port device team_slave_1 added [ 93.875682][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.883200][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.910133][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.942832][ T5827] hsr_slave_0: entered promiscuous mode [ 93.949348][ T5827] hsr_slave_1: entered promiscuous mode [ 93.955997][ T5827] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 93.963892][ T5827] Cannot create hsr debugfs directory [ 94.027475][ T5829] team0: Port device team_slave_0 added [ 94.071494][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.079040][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.105868][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.118393][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.129131][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.155626][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.168360][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.176173][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.202285][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.216129][ T5829] team0: Port device team_slave_1 added [ 94.237800][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.244962][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.271761][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.439158][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.446212][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.473129][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.520352][ T5830] hsr_slave_0: entered promiscuous mode [ 94.530911][ T5830] hsr_slave_1: entered promiscuous mode [ 94.537355][ T5830] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 94.545316][ T5830] Cannot create hsr debugfs directory [ 94.559879][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.568254][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.594595][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.686682][ T5825] hsr_slave_0: entered promiscuous mode [ 94.694000][ T5825] hsr_slave_1: entered promiscuous mode [ 94.700234][ T5825] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 94.708555][ T5825] Cannot create hsr debugfs directory [ 94.790020][ T5826] hsr_slave_0: entered promiscuous mode [ 94.797828][ T5826] hsr_slave_1: entered promiscuous mode [ 94.805121][ T5826] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 94.812737][ T5826] Cannot create hsr debugfs directory [ 94.872682][ T5850] Bluetooth: hci1: command tx timeout [ 94.872721][ T5838] Bluetooth: hci2: command tx timeout [ 94.882094][ T5850] Bluetooth: hci0: command tx timeout [ 94.883492][ T5848] Bluetooth: hci4: command tx timeout [ 94.952048][ T5848] Bluetooth: hci3: command tx timeout [ 94.957617][ T5838] Bluetooth: hci5: command tx timeout [ 94.973766][ T5829] hsr_slave_0: entered promiscuous mode [ 94.980370][ T5829] hsr_slave_1: entered promiscuous mode [ 94.986782][ T5829] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 94.994438][ T5829] Cannot create hsr debugfs directory [ 95.327067][ T5828] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 95.340559][ T5828] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 95.390096][ T5828] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 95.431451][ T5828] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 95.610999][ T5827] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 95.624653][ T5827] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 95.669244][ T5827] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 95.697867][ T5827] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 95.751274][ T5825] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 95.766878][ T5825] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 95.796688][ T5825] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 95.808483][ T5825] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 95.914183][ T5830] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 95.951270][ T5830] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 95.964906][ T5830] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 95.989298][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.008818][ T5830] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 96.118542][ T5826] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 96.148488][ T5826] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 96.167332][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.194231][ T5826] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 96.207663][ T5826] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 96.226226][ T3486] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.233516][ T3486] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.301163][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.308385][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.388512][ T5829] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 96.416275][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.433857][ T5829] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 96.448026][ T5829] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 96.475705][ T5829] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 96.497043][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.538637][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.569478][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.576655][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.591285][ T3486] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.598431][ T3486] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.653999][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.727719][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.750768][ T2993] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.757952][ T2993] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.786439][ T2993] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.793617][ T2993] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.917233][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.953888][ T5848] Bluetooth: hci1: command tx timeout [ 96.955067][ T5850] Bluetooth: hci4: command tx timeout [ 96.959319][ T5839] Bluetooth: hci2: command tx timeout [ 96.971141][ T5838] Bluetooth: hci0: command tx timeout [ 97.011704][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.022794][ T136] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.029907][ T136] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.038285][ T5838] Bluetooth: hci5: command tx timeout [ 97.040041][ T5839] Bluetooth: hci3: command tx timeout [ 97.053238][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.096654][ T136] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.103923][ T136] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.161860][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.187596][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.216729][ T5829] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.248502][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.255719][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.329604][ T136] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.336796][ T136] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.361848][ T136] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.369029][ T136] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.381655][ T136] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.388792][ T136] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.588462][ T5828] veth0_vlan: entered promiscuous mode [ 97.671083][ T5828] veth1_vlan: entered promiscuous mode [ 97.723352][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.854446][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.985196][ T5828] veth0_macvtap: entered promiscuous mode [ 98.006233][ T5828] veth1_macvtap: entered promiscuous mode [ 98.064494][ T5825] veth0_vlan: entered promiscuous mode [ 98.088845][ T5825] veth1_vlan: entered promiscuous mode [ 98.195177][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.243128][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.279279][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.293306][ T5828] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.304274][ T5828] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.315717][ T5828] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.324753][ T5828] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.349926][ T5825] veth0_macvtap: entered promiscuous mode [ 98.364221][ T5825] veth1_macvtap: entered promiscuous mode [ 98.377047][ T5827] veth0_vlan: entered promiscuous mode [ 98.424973][ T5827] veth1_vlan: entered promiscuous mode [ 98.464924][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.481161][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.518129][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.571743][ T5830] veth0_vlan: entered promiscuous mode [ 98.681503][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.694579][ T5830] veth1_vlan: entered promiscuous mode [ 98.707244][ T5827] veth0_macvtap: entered promiscuous mode [ 98.741798][ T5825] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.758262][ T5825] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.768419][ T5825] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.792716][ T5825] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.838740][ T5827] veth1_macvtap: entered promiscuous mode [ 98.934955][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.945067][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.952738][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.032617][ T5839] Bluetooth: hci4: command tx timeout [ 99.033029][ T5830] veth0_macvtap: entered promiscuous mode [ 99.038043][ T5839] Bluetooth: hci1: command tx timeout [ 99.044303][ T5838] Bluetooth: hci0: command tx timeout [ 99.049979][ T5839] Bluetooth: hci2: command tx timeout [ 99.074470][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.127701][ T5839] Bluetooth: hci5: command tx timeout [ 99.127717][ T5838] Bluetooth: hci3: command tx timeout [ 99.141746][ T5830] veth1_macvtap: entered promiscuous mode [ 99.165520][ T5827] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.178502][ T5827] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.195475][ T5827] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.207583][ T5827] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.264820][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.274224][ T3486] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.299177][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.308555][ T5826] veth0_vlan: entered promiscuous mode [ 99.314156][ T3486] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.408248][ T5826] veth1_vlan: entered promiscuous mode [ 99.425445][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.438673][ T5828] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 99.469031][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.477727][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.488617][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.500418][ T5830] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.510838][ T5830] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.520471][ T5830] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.529489][ T5830] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.554233][ T5829] veth0_vlan: entered promiscuous mode [ 99.669244][ T5829] veth1_vlan: entered promiscuous mode [ 99.781751][ T5978] loop1: detected capacity change from 0 to 764 [ 99.817183][ T5978] rock: directory entry would overflow storage [ 99.841984][ T5978] rock: sig=0x4654, size=5, remaining=4 [ 100.008194][ T5826] veth0_macvtap: entered promiscuous mode [ 100.053664][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.090870][ T5826] veth1_macvtap: entered promiscuous mode [ 100.104147][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.147088][ T5983] openvswitch: netlink: Message has 8 unknown bytes. [ 100.267975][ T5829] veth0_macvtap: entered promiscuous mode [ 100.334410][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.355239][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.369808][ T5829] veth1_macvtap: entered promiscuous mode [ 100.420111][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.431115][ T5989] loop1: detected capacity change from 0 to 512 [ 100.445458][ T5989] EXT4-fs: Ignoring removed nobh option [ 100.464449][ T5989] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 100.499302][ T136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.516989][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.531394][ T136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.545376][ T5989] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #3: comm syz.1.10: corrupted inode contents [ 100.579753][ T5989] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #3: comm syz.1.10: mark_inode_dirty error [ 100.603633][ T5989] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #3: comm syz.1.10: corrupted inode contents [ 100.619878][ T5989] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.10: mark_inode_dirty error [ 100.643154][ T5826] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.646196][ T5989] Quota error (device loop1): write_blk: dquota write failed [ 100.654757][ T5826] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.665574][ T5989] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 100.690852][ T5826] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.699991][ T5826] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.709184][ T5989] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.10: Failed to acquire dquot type 0 [ 100.731568][ T5989] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.10: corrupted inode contents [ 100.781246][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.809487][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.820283][ T5989] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #16: comm syz.1.10: mark_inode_dirty error [ 100.854746][ T5989] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.10: corrupted inode contents [ 100.874714][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.896079][ T5989] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.10: mark_inode_dirty error [ 100.946542][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.964643][ T5989] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.10: corrupted inode contents [ 100.991994][ T5995] loop0: detected capacity change from 0 to 128 [ 101.007080][ T5829] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.037172][ T5829] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.046323][ T5829] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.055252][ T5829] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.068794][ T5989] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 101.125565][ T5989] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.10: corrupted inode contents [ 101.210640][ T5989] EXT4-fs error (device loop1): ext4_truncate:4597: inode #16: comm syz.1.10: mark_inode_dirty error [ 101.231399][ T5995] syz.0.11: attempt to access beyond end of device [ 101.231399][ T5995] loop0: rw=2049, sector=145, nr_sectors = 16 limit=128 [ 101.264575][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.287333][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.295841][ T5989] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 101.304398][ T5995] syz.0.11: attempt to access beyond end of device [ 101.304398][ T5995] loop0: rw=2049, sector=169, nr_sectors = 16 limit=128 [ 101.340779][ T5989] EXT4-fs (loop1): 1 truncate cleaned up [ 101.392386][ T5989] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.410733][ T5995] syz.0.11: attempt to access beyond end of device [ 101.410733][ T5995] loop0: rw=2049, sector=193, nr_sectors = 8 limit=128 [ 101.448918][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.464113][ T5989] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 101.478416][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.522297][ T5995] syz.0.11: attempt to access beyond end of device [ 101.522297][ T5995] loop0: rw=2049, sector=209, nr_sectors = 8 limit=128 [ 101.599238][ T5995] syz.0.11: attempt to access beyond end of device [ 101.599238][ T5995] loop0: rw=2049, sector=225, nr_sectors = 8 limit=128 [ 101.664642][ T6005] netlink: 'syz.3.13': attribute type 1 has an invalid length. [ 101.678109][ T5995] syz.0.11: attempt to access beyond end of device [ 101.678109][ T5995] loop0: rw=2049, sector=241, nr_sectors = 8 limit=128 [ 101.747499][ T5995] syz.0.11: attempt to access beyond end of device [ 101.747499][ T5995] loop0: rw=2049, sector=257, nr_sectors = 8 limit=128 [ 101.773672][ T5995] syz.0.11: attempt to access beyond end of device [ 101.773672][ T5995] loop0: rw=2049, sector=273, nr_sectors = 8 limit=128 [ 101.788789][ T5995] syz.0.11: attempt to access beyond end of device [ 101.788789][ T5995] loop0: rw=2049, sector=289, nr_sectors = 9 limit=128 [ 101.800980][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.824105][ T6005] vlan2: entered allmulticast mode [ 101.829406][ T6005] veth1: entered allmulticast mode [ 101.843980][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.160044][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.249021][ T6011] syz.0.16 uses obsolete (PF_INET,SOCK_PACKET) [ 102.256752][ T6012] loop4: detected capacity change from 0 to 1024 [ 102.277371][ T2993] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.288580][ T6012] ======================================================= [ 102.288580][ T6012] WARNING: The mand mount option has been deprecated and [ 102.288580][ T6012] and is ignored by this kernel. Remove the mand [ 102.288580][ T6012] option from the mount to silence this warning. [ 102.288580][ T6012] ======================================================= [ 102.340980][ T2993] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.369112][ T6012] EXT4-fs: Ignoring removed nobh option [ 102.378668][ T6012] EXT4-fs: Ignoring removed bh option [ 102.482454][ T6012] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.921140][ T6030] Bluetooth: MGMT ver 1.23 [ 102.950530][ T5826] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.507021][ T6026] syz.3.19 (6026) used greatest stack depth: 17992 bytes left [ 104.253019][ T6047] netlink: 'syz.2.28': attribute type 4 has an invalid length. [ 104.496420][ T30] audit: type=1326 audit(1751050864.065:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6055 comm="syz.0.32" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe5a838e929 code=0x0 [ 104.638945][ T6061] geneve2: entered promiscuous mode [ 104.663475][ T6061] geneve2: entered allmulticast mode [ 104.694597][ T6064] netlink: 36 bytes leftover after parsing attributes in process `syz.0.32'. [ 104.731940][ T6064] netlink: 36 bytes leftover after parsing attributes in process `syz.0.32'. [ 104.750500][ T6065] loop2: detected capacity change from 0 to 1024 [ 104.813046][ T6065] EXT4-fs: Ignoring removed nobh option [ 104.818771][ T6064] netlink: 36 bytes leftover after parsing attributes in process `syz.0.32'. [ 104.848233][ T6065] EXT4-fs: Ignoring removed bh option [ 104.902360][ T30] audit: type=1326 audit(1751050864.465:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6067 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 104.974510][ T6078] netlink: 12 bytes leftover after parsing attributes in process `syz.3.39'. [ 105.001652][ T6065] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.056846][ T30] audit: type=1326 audit(1751050864.475:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6067 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 105.092912][ T6064] netlink: 36 bytes leftover after parsing attributes in process `syz.0.32'. [ 105.126061][ T6064] netlink: 36 bytes leftover after parsing attributes in process `syz.0.32'. [ 105.191459][ T30] audit: type=1326 audit(1751050864.475:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6067 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 105.207795][ T6081] hub 2-0:1.0: USB hub found [ 105.215149][ T6064] netlink: 36 bytes leftover after parsing attributes in process `syz.0.32'. [ 105.268410][ T6081] hub 2-0:1.0: 1 port detected [ 105.342864][ T30] audit: type=1326 audit(1751050864.475:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6067 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 105.449469][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.532444][ T30] audit: type=1326 audit(1751050864.575:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6067 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 105.869632][ T6095] netlink: 4 bytes leftover after parsing attributes in process `syz.5.46'. [ 106.224928][ T6095] veth0_macvtap: left promiscuous mode [ 107.353999][ T6126] loop0: detected capacity change from 0 to 1024 [ 107.380788][ T6127] loop2: detected capacity change from 0 to 2048 [ 107.389539][ T6126] EXT4-fs: Ignoring removed nobh option [ 107.422712][ T6126] EXT4-fs: Ignoring removed bh option [ 107.493300][ T6127] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.577606][ T6127] ext4 filesystem being mounted at /11/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 107.586790][ T6126] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.727467][ T6127] EXT4-fs error (device loop2): ext4_xattr_block_find:1869: inode #15: comm syz.2.56: corrupted xattr block 128: bad e_name length [ 107.875051][ T5825] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.914326][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.362523][ T30] audit: type=1326 audit(1751050867.865:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6151 comm="syz.4.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f936638e929 code=0x7ffc0000 [ 109.211960][ T30] audit: type=1326 audit(1751050867.865:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6151 comm="syz.4.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f936638e929 code=0x7ffc0000 [ 109.237013][ T30] audit: type=1326 audit(1751050867.875:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6151 comm="syz.4.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f936638e929 code=0x7ffc0000 [ 109.265774][ T30] audit: type=1326 audit(1751050867.875:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6151 comm="syz.4.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f936638e929 code=0x7ffc0000 [ 109.418060][ T30] audit: type=1326 audit(1751050867.875:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6151 comm="syz.4.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f936638e929 code=0x7ffc0000 [ 109.453626][ T6168] netlink: 4 bytes leftover after parsing attributes in process `syz.5.70'. [ 109.476714][ T30] audit: type=1326 audit(1751050867.875:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6151 comm="syz.4.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f936638e929 code=0x7ffc0000 [ 109.528693][ T6171] netlink: 12 bytes leftover after parsing attributes in process `syz.4.71'. [ 109.559384][ T30] audit: type=1326 audit(1751050867.875:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6151 comm="syz.4.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f936638e929 code=0x7ffc0000 [ 109.649773][ T30] audit: type=1326 audit(1751050867.875:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6151 comm="syz.4.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7f936638e929 code=0x7ffc0000 [ 109.811079][ T30] audit: type=1326 audit(1751050867.875:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6151 comm="syz.4.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f936638e929 code=0x7ffc0000 [ 109.919690][ T30] audit: type=1326 audit(1751050867.885:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6151 comm="syz.4.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f936638e929 code=0x7ffc0000 [ 110.000944][ T48] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 110.119217][ T6184] netlink: 'syz.0.76': attribute type 4 has an invalid length. [ 110.285159][ T48] usb 3-1: device descriptor read/64, error -71 [ 110.575306][ T48] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 110.782080][ T48] usb 3-1: device descriptor read/64, error -71 [ 110.894575][ T6200] netlink: 4 bytes leftover after parsing attributes in process `syz.3.83'. [ 110.929483][ T48] usb usb3-port1: attempt power cycle [ 111.437836][ T6210] netlink: 12 bytes leftover after parsing attributes in process `syz.3.86'. [ 111.471944][ T48] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 111.538748][ T48] usb 3-1: device descriptor read/8, error -71 [ 111.690076][ T6212] netlink: 4 bytes leftover after parsing attributes in process `syz.1.88'. [ 111.738267][ T6212] veth0_macvtap: left promiscuous mode [ 111.812236][ T48] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 111.890270][ T48] usb 3-1: device descriptor read/8, error -71 [ 112.007773][ T48] usb usb3-port1: unable to enumerate USB device [ 112.487788][ T6230] loop1: detected capacity change from 0 to 1024 [ 112.588982][ T6230] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 112.634644][ T6230] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 112.652176][ T6230] EXT4-fs (loop1): Remounting filesystem read-only [ 112.833440][ T6237] netlink: 24 bytes leftover after parsing attributes in process `syz.5.97'. [ 112.857764][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.098805][ T6227] tty tty26: ldisc open failed (-12), clearing slot 25 [ 113.392437][ T6243] netlink: 8 bytes leftover after parsing attributes in process `syz.4.99'. [ 113.423170][ T6243] netlink: 8 bytes leftover after parsing attributes in process `syz.4.99'. [ 113.462023][ T6243] netlink: 8 bytes leftover after parsing attributes in process `syz.4.99'. [ 113.521089][ T6243] netlink: 8 bytes leftover after parsing attributes in process `syz.4.99'. [ 113.571662][ T6243] netlink: 8 bytes leftover after parsing attributes in process `syz.4.99'. [ 113.740812][ T6250] loop3: detected capacity change from 0 to 164 [ 113.801261][ T6250] process 'syz.3.101' launched '/dev/fd/3' with NULL argv: empty string added [ 114.296079][ T6257] netlink: 4 bytes leftover after parsing attributes in process `syz.4.106'. [ 114.387247][ T6257] veth0_macvtap: left promiscuous mode [ 114.635723][ T6267] netlink: 'syz.0.109': attribute type 4 has an invalid length. [ 116.608973][ T6304] loop5: detected capacity change from 0 to 1024 [ 116.764003][ T6304] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 116.853164][ T6313] netlink: 'syz.0.128': attribute type 4 has an invalid length. [ 117.105225][ T5829] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.126030][ T6320] openvswitch: netlink: Message has 8 unknown bytes. [ 117.630912][ T6327] loop5: detected capacity change from 0 to 8192 [ 117.822123][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 117.822178][ T30] audit: type=1326 audit(1751050877.385:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6333 comm="syz.2.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 117.925904][ T30] audit: type=1326 audit(1751050877.385:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6333 comm="syz.2.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 118.052806][ T30] audit: type=1326 audit(1751050877.395:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6333 comm="syz.2.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 118.234508][ T30] audit: type=1326 audit(1751050877.395:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6333 comm="syz.2.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 118.357638][ T30] audit: type=1326 audit(1751050877.395:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6333 comm="syz.2.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 118.471478][ T6347] capability: warning: `syz.1.142' uses 32-bit capabilities (legacy support in use) [ 118.582262][ T6351] blkio.reset_stats is deprecated [ 118.747830][ T6356] sock: sock_timestamping_bind_phc: sock not bind to device [ 118.783206][ T6358] netlink: 4 bytes leftover after parsing attributes in process `syz.0.145'. [ 118.837181][ T6358] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 118.888090][ T6358] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 119.000161][ T6358] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 119.028487][ T6358] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 119.740141][ T6388] netlink: 8 bytes leftover after parsing attributes in process `syz.3.154'. [ 119.744460][ T6387] loop1: detected capacity change from 0 to 512 [ 119.860762][ T6387] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 119.894533][ T6387] ext4 filesystem being mounted at /37/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 119.948942][ T6388] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.240942][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.298982][ T6388] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.477515][ T6404] netlink: 'syz.4.158': attribute type 4 has an invalid length. [ 120.498767][ T6409] netlink: 12 bytes leftover after parsing attributes in process `syz.1.159'. [ 120.707565][ T6388] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 121.107648][ T6388] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 121.285125][ T6432] Zero length message leads to an empty skb [ 121.391001][ T6432] lo speed is unknown, defaulting to 1000 [ 121.420444][ T6432] lo speed is unknown, defaulting to 1000 [ 121.477377][ T6432] lo speed is unknown, defaulting to 1000 [ 121.693981][ T6432] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 121.778997][ T6432] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 122.088516][ T6432] lo speed is unknown, defaulting to 1000 [ 122.219577][ T6388] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.255085][ T6432] lo speed is unknown, defaulting to 1000 [ 122.277971][ T6432] lo speed is unknown, defaulting to 1000 [ 122.315609][ T6388] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.329539][ T6432] lo speed is unknown, defaulting to 1000 [ 122.346491][ T6432] lo speed is unknown, defaulting to 1000 [ 122.422435][ T6388] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.430999][ T6432] lo speed is unknown, defaulting to 1000 [ 122.494891][ T6388] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.531619][ T6473] netlink: 12 bytes leftover after parsing attributes in process `syz.4.176'. [ 123.753847][ T6482] netlink: 4 bytes leftover after parsing attributes in process `syz.2.178'. [ 123.845081][ T6482] netlink: 12 bytes leftover after parsing attributes in process `syz.2.178'. [ 124.260081][ T6493] hub 2-0:1.0: USB hub found [ 124.273411][ T6495] netlink: 'syz.0.182': attribute type 27 has an invalid length. [ 124.277810][ T6493] hub 2-0:1.0: 1 port detected [ 124.411347][ T6499] Driver unsupported XDP return value 0 on prog (id 91) dev N/A, expect packet loss! [ 124.491208][ T6495] bridge0: port 2(bridge_slave_1) entered disabled state [ 124.499881][ T6495] bridge0: port 1(bridge_slave_0) entered disabled state [ 124.674510][ T6505] loop4: detected capacity change from 0 to 512 [ 124.762282][ T6508] netlink: 4 bytes leftover after parsing attributes in process `syz.3.185'. [ 125.149766][ T6505] EXT4-fs: test_dummy_encryption requires encrypt feature [ 125.395801][ T6495] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.447641][ T6495] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.480556][ T6495] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.519874][ T6495] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.853940][ T6508] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 125.861459][ T6508] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 125.957692][ T6508] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 126.056131][ T6508] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 126.493793][ T6512] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.698306][ T6550] netlink: 88 bytes leftover after parsing attributes in process `syz.0.199'. [ 126.786161][ T6512] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.829837][ T6556] netlink: 8 bytes leftover after parsing attributes in process `syz.5.198'. [ 127.019036][ T6512] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.229508][ T6512] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.054097][ T6512] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.145845][ T6512] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.165905][ T6605] netlink: 12 bytes leftover after parsing attributes in process `syz.1.213'. [ 129.195450][ T6512] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.220503][ T6609] netlink: 132 bytes leftover after parsing attributes in process `syz.3.215'. [ 129.246745][ T6606] netlink: 'syz.5.214': attribute type 4 has an invalid length. [ 129.265272][ T6606] netlink: 'syz.5.214': attribute type 3 has an invalid length. [ 129.277430][ T6606] netlink: 12 bytes leftover after parsing attributes in process `syz.5.214'. [ 129.315362][ T6512] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.645956][ T6618] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.820928][ T6618] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.985531][ T6631] capability: warning: `syz.2.221' uses deprecated v2 capabilities in a way that may be insecure [ 130.023474][ T6618] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.064468][ T6632] program syz.2.221 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 130.721533][ T6618] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.915362][ T6638] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 130.922060][ T6638] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 130.983095][ T6638] vhci_hcd vhci_hcd.0: Device attached [ 131.021941][ T6639] vhci_hcd: connection closed [ 131.023814][ T6456] vhci_hcd: stop threads [ 131.059932][ T6456] vhci_hcd: release socket [ 131.089008][ T6456] vhci_hcd: disconnect device [ 131.111173][ T6645] loop5: detected capacity change from 0 to 164 [ 131.129074][ T6618] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.224108][ T6618] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.319488][ T6618] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.407093][ T6618] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.047005][ T6674] netlink: 'syz.2.236': attribute type 4 has an invalid length. [ 132.157028][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.164349][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.426830][ T30] audit: type=1326 audit(1751050891.995:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.0.241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5a838e929 code=0x7ffc0000 [ 132.492892][ T6688] netlink: '+}[@': attribute type 16 has an invalid length. [ 132.525680][ T6688] netlink: '+}[@': attribute type 17 has an invalid length. [ 132.526934][ T30] audit: type=1326 audit(1751050891.995:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.0.241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe5a838e929 code=0x7ffc0000 [ 132.526990][ T30] audit: type=1326 audit(1751050891.995:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.0.241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5a838e929 code=0x7ffc0000 [ 132.527041][ T30] audit: type=1326 audit(1751050891.995:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.0.241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe5a838e929 code=0x7ffc0000 [ 132.527091][ T30] audit: type=1326 audit(1751050891.995:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.0.241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5a838e929 code=0x7ffc0000 [ 132.527142][ T30] audit: type=1326 audit(1751050891.995:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.0.241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe5a838e929 code=0x7ffc0000 [ 132.527193][ T30] audit: type=1326 audit(1751050891.995:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.0.241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5a838e929 code=0x7ffc0000 [ 132.527242][ T30] audit: type=1326 audit(1751050891.995:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.0.241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe5a838e929 code=0x7ffc0000 [ 132.527291][ T30] audit: type=1326 audit(1751050891.995:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.0.241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5a838e929 code=0x7ffc0000 [ 132.527342][ T30] audit: type=1326 audit(1751050891.995:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.0.241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe5a838e929 code=0x7ffc0000 [ 132.604863][ T6686] block device autoloading is deprecated and will be removed. [ 132.821788][ C0] vkms_vblank_simulate: vblank timer overrun [ 132.861448][ T6692] program syz.2.245 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 132.923571][ T6688] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 133.156660][ T6704] sg_write: data in/out 2012/14 bytes for SCSI command 0x0-- guessing data in; [ 133.156660][ T6704] program syz.5.247 not setting count and/or reply_len properly [ 133.959352][ T6728] loop2: detected capacity change from 0 to 1024 [ 134.055553][ T6728] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 134.075287][ T6737] netlink: 160 bytes leftover after parsing attributes in process `syz.0.262'. [ 134.159655][ T6728] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 134.189690][ T6728] EXT4-fs (loop2): Remounting filesystem read-only [ 134.500671][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.722267][ T6760] netlink: 4 bytes leftover after parsing attributes in process `syz.1.266'. [ 137.609527][ T6790] lo speed is unknown, defaulting to 1000 [ 138.436398][ T6790] mmap: syz.5.276 (6790) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 138.489593][ T6794] netlink: 4 bytes leftover after parsing attributes in process `syz.2.278'. [ 138.548502][ T6739] infiniband syz!: set active [ 138.689108][ T6739] infiniband syz!: added team_slave_0 [ 138.703343][ T6794] openvswitch: netlink: Flow key attr not present in new flow. [ 138.728549][ T6739] syz!: rxe_create_cq: returned err = -12 [ 138.736167][ T6795] loop1: detected capacity change from 0 to 512 [ 138.780026][ T6739] infiniband syz!: Couldn't create ib_mad CQ [ 138.789893][ T6795] journal_path: Non-blockdev passed as './bus' [ 138.821770][ T6739] infiniband syz!: Couldn't open port 1 [ 138.841141][ T6795] EXT4-fs: error: could not find journal device path [ 139.066550][ T6739] RDS/IB: syz!: added [ 139.102718][ T6739] smc: adding ib device syz! with port count 1 [ 139.142501][ T6739] smc: ib device syz! port 1 has pnetid [ 140.402802][ T6808] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12 [ 140.412324][ T6808] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12 [ 140.421983][ T6808] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 140.810265][ T6819] loop2: detected capacity change from 0 to 1024 [ 141.568029][ T6819] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 141.833684][ T6800] loop4: detected capacity change from 0 to 2048 [ 141.841273][ T6800] EXT4-fs: Ignoring removed mblk_io_submit option [ 141.873596][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.039384][ T6800] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 142.457403][ T6800] Process accounting resumed [ 142.612934][ T6841] loop5: detected capacity change from 0 to 1024 [ 142.670456][ T6841] EXT4-fs: Ignoring removed nobh option [ 142.721968][ T6841] EXT4-fs: Ignoring removed bh option [ 142.964873][ T6841] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 143.016939][ T6457] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:12: bg 0: block 234: padding at end of block bitmap is not set [ 143.067923][ T30] kauditd_printk_skb: 26 callbacks suppressed [ 143.067944][ T30] audit: type=1326 audit(1751050902.635:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6852 comm="syz.2.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 143.108558][ T6855] netlink: 4 bytes leftover after parsing attributes in process `syz.0.298'. [ 143.115741][ T30] audit: type=1326 audit(1751050902.675:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6852 comm="syz.2.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 143.164077][ T6457] EXT4-fs (loop4): Remounting filesystem read-only [ 143.200216][ T5826] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.337840][ T5829] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.518134][ T6864] program syz.4.299 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 145.079170][ T6887] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.179038][ T6895] af_packet: tpacket_rcv: packet too big, clamped from 32 to 4294967272. macoff=96 [ 145.197506][ T6894] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 145.373873][ T6887] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.536021][ T6887] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.627891][ T6903] netlink: 88 bytes leftover after parsing attributes in process `syz.4.317'. [ 145.864118][ T30] audit: type=1326 audit(1751050905.425:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6911 comm="syz.2.321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 145.927057][ T30] audit: type=1326 audit(1751050905.425:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6911 comm="syz.2.321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 145.929990][ T6887] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.985456][ T30] audit: type=1326 audit(1751050905.445:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6911 comm="syz.2.321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 146.034903][ T30] audit: type=1326 audit(1751050905.465:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6911 comm="syz.2.321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 146.052307][ T6919] netlink: 4 bytes leftover after parsing attributes in process `syz.4.323'. [ 146.136172][ T30] audit: type=1326 audit(1751050905.495:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6913 comm="syz.2.321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f19897c11e5 code=0x7ffc0000 [ 146.204142][ T30] audit: type=1326 audit(1751050905.495:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6911 comm="syz.2.321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 146.224305][ T6921] sctp: [Deprecated]: syz.2.324 (pid 6921) Use of struct sctp_assoc_value in delayed_ack socket option. [ 146.224305][ T6921] Use struct sctp_sack_info instead [ 146.237023][ T30] audit: type=1326 audit(1751050905.495:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6911 comm="syz.2.321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 146.272897][ T30] audit: type=1326 audit(1751050905.495:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6911 comm="syz.2.321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 146.288803][ T6887] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.400838][ T6887] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.503484][ T6887] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.588388][ T6927] netlink: 12 bytes leftover after parsing attributes in process `syz.4.327'. [ 146.607031][ T6887] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.104275][ T6942] loop5: detected capacity change from 0 to 1024 [ 147.119215][ T6942] EXT4-fs: Ignoring removed i_version option [ 147.157682][ T6942] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 147.242432][ T6942] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.332: Invalid block bitmap block 0 in block_group 0 [ 147.279467][ T6942] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.332: Failed to acquire dquot type 0 [ 147.301139][ T6942] EXT4-fs error (device loop5): ext4_free_blocks:6587: comm syz.5.332: Freeing blocks not in datazone - block = 0, count = 4096 [ 147.319665][ T6942] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.332: Invalid inode bitmap blk 0 in block_group 0 [ 147.334216][ T6942] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem [ 147.344427][ T6942] EXT4-fs (loop5): 1 orphan inode deleted [ 147.381999][ T6942] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 147.927291][ T3486] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 0 [ 148.341374][ T6947] loop1: detected capacity change from 0 to 1024 [ 148.435419][ T6950] netlink: 88 bytes leftover after parsing attributes in process `syz.4.335'. [ 148.524250][ T6947] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 148.587328][ T6947] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 148.611761][ T6947] EXT4-fs (loop1): Remounting filesystem read-only [ 148.944095][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 149.389690][ T6965] netlink: 12 bytes leftover after parsing attributes in process `syz.4.341'. [ 149.463396][ T5829] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 149.743199][ T6971] netlink: 4 bytes leftover after parsing attributes in process `syz.1.339'. [ 149.985458][ T6970] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.175348][ T6983] loop2: detected capacity change from 0 to 1024 [ 150.253831][ T6970] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.274197][ T6983] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 150.327997][ T6983] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 150.537861][ T6970] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.592958][ T30] kauditd_printk_skb: 17 callbacks suppressed [ 150.592979][ T30] audit: type=1326 audit(1751050910.155:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.2.347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 150.688739][ T30] audit: type=1326 audit(1751050910.155:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.2.347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 150.783228][ T30] audit: type=1326 audit(1751050910.155:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.2.347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 150.869237][ T6970] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.898357][ T30] audit: type=1326 audit(1751050910.155:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.2.347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 150.980949][ T5839] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 150.999739][ T5839] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 151.009059][ T5839] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 151.028211][ T5839] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 151.042655][ T5839] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 151.106955][ T6970] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.161629][ T6970] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.203878][ T6970] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.228488][ T6970] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.348826][ T7011] lo: entered promiscuous mode [ 151.358607][ T7011] lo: entered allmulticast mode [ 151.383572][ T6991] loop1: detected capacity change from 0 to 2048 [ 151.390729][ T7012] netlink: 'syz.4.352': attribute type 11 has an invalid length. [ 151.404480][ T6991] EXT4-fs: Ignoring removed mblk_io_submit option [ 151.439732][ T7012] netlink: 448 bytes leftover after parsing attributes in process `syz.4.352'. [ 151.491539][ T6991] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 151.594237][ T6987] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 151.631031][ T6991] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 151.779636][ T7021] netlink: 12 bytes leftover after parsing attributes in process `syz.4.355'. [ 152.088524][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.329939][ T7029] vlan2: entered allmulticast mode [ 152.346410][ T7029] dummy0: entered allmulticast mode [ 152.376985][ T7033] netlink: 4 bytes leftover after parsing attributes in process `syz.4.359'. [ 152.605089][ T7036] loop4: detected capacity change from 0 to 128 [ 152.639339][ T30] audit: type=1800 audit(1751050912.205:90): pid=7036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.360" name="file2" dev="loop4" ino=1048606 res=0 errno=0 [ 152.668245][ T7036] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 152.680463][ T7036] FAT-fs (loop4): Filesystem has been set read-only [ 152.690602][ T7036] syz.4.360: attempt to access beyond end of device [ 152.690602][ T7036] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 152.711637][ T7036] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 152.720420][ T7036] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 152.734361][ T7036] syz.4.360: attempt to access beyond end of device [ 152.734361][ T7036] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 152.751075][ T7036] syz.4.360: attempt to access beyond end of device [ 152.751075][ T7036] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 152.768340][ T7036] syz.4.360: attempt to access beyond end of device [ 152.768340][ T7036] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 152.788292][ T7036] syz.4.360: attempt to access beyond end of device [ 152.788292][ T7036] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 152.805485][ T7036] syz.4.360: attempt to access beyond end of device [ 152.805485][ T7036] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 152.820480][ T7036] syz.4.360: attempt to access beyond end of device [ 152.820480][ T7036] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 152.838647][ T7036] syz.4.360: attempt to access beyond end of device [ 152.838647][ T7036] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 152.855757][ T7036] syz.4.360: attempt to access beyond end of device [ 152.855757][ T7036] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 152.869994][ T7036] syz.4.360: attempt to access beyond end of device [ 152.869994][ T7036] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 152.903571][ T6983] lo speed is unknown, defaulting to 1000 [ 152.930342][ T7008] siw: device registration error -23 [ 152.957223][ T7004] lo speed is unknown, defaulting to 1000 [ 153.112835][ T5839] Bluetooth: hci6: command tx timeout [ 153.703540][ T7049] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 153.957075][ T7053] netlink: 12 bytes leftover after parsing attributes in process `syz.5.367'. [ 154.294567][ T7064] netlink: 4 bytes leftover after parsing attributes in process `syz.0.371'. [ 154.787254][ T7079] loop1: detected capacity change from 0 to 128 [ 154.988285][ T7060] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 155.029510][ T7060] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 155.055898][ T6587] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.116950][ T7060] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 155.136846][ T7060] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 155.195215][ T5839] Bluetooth: hci6: command tx timeout [ 155.244859][ T7060] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 155.285423][ T6587] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.302069][ T7060] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 155.399591][ T7060] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 155.439204][ T7060] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 155.474158][ T6587] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.533389][ T7060] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 155.548333][ T7004] chnl_net:caif_netlink_parms(): no params data found [ 155.582784][ T7060] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 155.628391][ T6587] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.896922][ T7108] loop5: detected capacity change from 0 to 1024 [ 156.904181][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 157.030977][ T7108] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (12806!=20869) [ 157.135839][ T7108] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c018, mo2=0002] [ 157.197102][ T7108] System zones: 0-1, 3-36 [ 157.233831][ T7108] EXT4-fs (loop5): orphan cleanup on readonly fs [ 157.272766][ T5839] Bluetooth: hci6: command tx timeout [ 157.370416][ T7108] EXT4-fs (loop5): 1 orphan inode deleted [ 157.710372][ T7004] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.753893][ T7004] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.781561][ T7004] bridge_slave_0: entered allmulticast mode [ 158.047649][ T7004] bridge_slave_0: entered promiscuous mode [ 158.256136][ T7108] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 158.687875][ T5829] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 158.830875][ T7004] bridge0: port 2(bridge_slave_1) entered blocking state [ 158.858605][ T7004] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.916558][ T7004] bridge_slave_1: entered allmulticast mode [ 158.969257][ T7004] bridge_slave_1: entered promiscuous mode [ 159.362793][ T5839] Bluetooth: hci6: command tx timeout [ 159.408201][ T7143] netlink: 'syz.2.391': attribute type 58 has an invalid length. [ 159.416050][ T7143] netlink: 20 bytes leftover after parsing attributes in process `syz.2.391'. [ 160.750626][ T7004] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 160.806606][ T7004] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 160.922000][ T30] audit: type=1326 audit(1751050920.475:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7164 comm="syz.5.399" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2671d8e929 code=0x0 [ 161.381211][ T6587] bridge_slave_1: left allmulticast mode [ 161.402319][ T6587] bridge_slave_1: left promiscuous mode [ 161.420493][ T6587] bridge0: port 2(bridge_slave_1) entered disabled state [ 161.779509][ T7190] loop5: detected capacity change from 0 to 512 [ 161.808249][ T7190] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 161.908142][ T7190] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 161.953848][ T7190] EXT4-fs (loop5): 1 truncate cleaned up [ 161.974119][ T7190] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 162.376016][ T6587] bridge_slave_0: left allmulticast mode [ 162.414021][ T6587] bridge_slave_0: left promiscuous mode [ 162.421149][ T5829] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.457402][ T6587] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.679092][ T7198] netlink: 224 bytes leftover after parsing attributes in process `syz.2.408'. [ 162.715509][ T7198] ksmbd: Unknown IPC event: 4, ignore. [ 162.750670][ T7198] netlink: 32 bytes leftover after parsing attributes in process `syz.2.408'. [ 162.779985][ T7209] 9pnet_fd: Insufficient options for proto=fd [ 163.004473][ T7217] netlink: 160 bytes leftover after parsing attributes in process `syz.0.412'. [ 163.460433][ T6587] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 163.474750][ T6587] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 163.486524][ T6587] bond0 (unregistering): Released all slaves [ 163.521654][ T7004] team0: Port device team_slave_0 added [ 163.609255][ T7004] team0: Port device team_slave_1 added [ 163.908422][ T7214] lo speed is unknown, defaulting to 1000 [ 164.073924][ T7231] loop2: detected capacity change from 0 to 128 [ 164.100044][ T7004] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 164.121218][ T7004] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 164.198175][ T7233] netlink: 4 bytes leftover after parsing attributes in process `syz.1.417'. [ 164.238889][ T30] audit: type=1326 audit(1751050923.785:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7234 comm="syz.0.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5a838e929 code=0x7ffc0000 [ 164.269306][ T7231] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 164.274420][ T7004] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 164.277787][ T7231] FAT-fs (loop2): Filesystem has been set read-only [ 164.309221][ T7231] bio_check_eod: 1068 callbacks suppressed [ 164.309240][ T7231] syz.2.416: attempt to access beyond end of device [ 164.309240][ T7231] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 164.382030][ T30] audit: type=1326 audit(1751050923.785:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7234 comm="syz.0.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5a838e929 code=0x7ffc0000 [ 164.423098][ T7231] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 164.430981][ T7231] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 164.441074][ T30] audit: type=1326 audit(1751050923.835:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7234 comm="syz.0.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7fe5a838e929 code=0x7ffc0000 [ 164.487458][ T7231] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 164.511984][ T7231] syz.2.416: attempt to access beyond end of device [ 164.511984][ T7231] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 164.553126][ T30] audit: type=1326 audit(1751050923.835:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7234 comm="syz.0.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5a838e929 code=0x7ffc0000 [ 164.614567][ T7238] syz.2.416: attempt to access beyond end of device [ 164.614567][ T7238] loop2: rw=0, sector=2065, nr_sectors = 1 limit=128 [ 164.636455][ T30] audit: type=1326 audit(1751050923.835:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7234 comm="syz.0.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5a838e929 code=0x7ffc0000 [ 164.671471][ T7231] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 164.698780][ T7238] Buffer I/O error on dev loop2, logical block 2065, async page read [ 164.705154][ T7231] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 164.732074][ T30] audit: type=1800 audit(1751050923.835:97): pid=7231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.416" name="file2" dev="loop2" ino=1048607 res=0 errno=0 [ 164.753819][ T7238] syz.2.416: attempt to access beyond end of device [ 164.753819][ T7238] loop2: rw=0, sector=2066, nr_sectors = 1 limit=128 [ 164.831930][ T7238] Buffer I/O error on dev loop2, logical block 2066, async page read [ 164.860544][ T7238] syz.2.416: attempt to access beyond end of device [ 164.860544][ T7238] loop2: rw=0, sector=2067, nr_sectors = 1 limit=128 [ 164.931403][ T7238] Buffer I/O error on dev loop2, logical block 2067, async page read [ 165.065031][ T7238] syz.2.416: attempt to access beyond end of device [ 165.065031][ T7238] loop2: rw=0, sector=2068, nr_sectors = 1 limit=128 [ 165.164144][ T7238] Buffer I/O error on dev loop2, logical block 2068, async page read [ 165.227809][ T7238] syz.2.416: attempt to access beyond end of device [ 165.227809][ T7238] loop2: rw=0, sector=2069, nr_sectors = 1 limit=128 [ 165.256019][ T7004] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 165.276842][ T7004] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 165.306293][ T7238] Buffer I/O error on dev loop2, logical block 2069, async page read [ 165.338126][ T7238] syz.2.416: attempt to access beyond end of device [ 165.338126][ T7238] loop2: rw=0, sector=2070, nr_sectors = 1 limit=128 [ 165.398229][ T7238] Buffer I/O error on dev loop2, logical block 2070, async page read [ 165.434588][ T7004] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 165.462131][ T7238] syz.2.416: attempt to access beyond end of device [ 165.462131][ T7238] loop2: rw=0, sector=2071, nr_sectors = 1 limit=128 [ 165.540508][ T7238] Buffer I/O error on dev loop2, logical block 2071, async page read [ 165.589589][ T7238] syz.2.416: attempt to access beyond end of device [ 165.589589][ T7238] loop2: rw=0, sector=2072, nr_sectors = 1 limit=128 [ 165.686618][ T7238] Buffer I/O error on dev loop2, logical block 2072, async page read [ 165.864904][ T7004] hsr_slave_0: entered promiscuous mode [ 165.900192][ T7004] hsr_slave_1: entered promiscuous mode [ 165.939473][ T7004] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 165.964734][ T7004] Cannot create hsr debugfs directory [ 166.288607][ T7263] netlink: 'syz.1.425': attribute type 11 has an invalid length. [ 166.295614][ T7257] smc: net device bond0 applied user defined pnetid SYZ2 [ 166.298774][ T7263] netlink: 448 bytes leftover after parsing attributes in process `syz.1.425'. [ 166.307567][ T7257] smc: net device bond0 erased user defined pnetid SYZ2 [ 166.595820][ T7268] netlink: 4 bytes leftover after parsing attributes in process `syz.1.426'. [ 166.640605][ T7268] netlink: 4 bytes leftover after parsing attributes in process `syz.1.426'. [ 167.630496][ T7295] netlink: 4 bytes leftover after parsing attributes in process `syz.1.433'. [ 167.810110][ T7004] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 167.914131][ T7004] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 167.990653][ T7004] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 168.366275][ T7004] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 168.515170][ T30] audit: type=1804 audit(1751050928.085:98): pid=7303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.438" name="/newroot/84/file0" dev="tmpfs" ino=448 res=1 errno=0 [ 168.539764][ T7311] netlink: 'syz.5.437': attribute type 11 has an invalid length. [ 168.548760][ T7303] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1 [ 168.562010][ T7311] netlink: 448 bytes leftover after parsing attributes in process `syz.5.437'. [ 168.571753][ T7303] ref_ctr increment failed for inode: 0x1c0 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88807bbf0000 [ 168.731821][ T7004] 8021q: adding VLAN 0 to HW filter on device bond0 [ 168.769847][ T7004] 8021q: adding VLAN 0 to HW filter on device team0 [ 168.873622][ T6048] bridge0: port 1(bridge_slave_0) entered blocking state [ 168.880800][ T6048] bridge0: port 1(bridge_slave_0) entered forwarding state [ 168.914217][ T7320] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 168.949455][ T6048] bridge0: port 2(bridge_slave_1) entered blocking state [ 168.956777][ T6048] bridge0: port 2(bridge_slave_1) entered forwarding state [ 169.119889][ T7326] smc: net device bond0 applied user defined pnetid SYZ2 [ 169.190857][ T7324] netlink: 'syz.0.443': attribute type 27 has an invalid length. [ 169.199090][ T7324] lo: left promiscuous mode [ 169.222382][ T7324] lo: left allmulticast mode [ 169.810759][ T30] audit: type=1326 audit(1751050929.375:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7336 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 169.868292][ T7349] netlink: 4 bytes leftover after parsing attributes in process `syz.0.450'. [ 169.961976][ T30] audit: type=1326 audit(1751050929.375:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7336 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 170.110470][ T30] audit: type=1326 audit(1751050929.405:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7336 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 170.237284][ T30] audit: type=1326 audit(1751050929.405:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7336 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 170.379983][ T30] audit: type=1326 audit(1751050929.475:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7336 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 170.691552][ T7004] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 170.939092][ T30] audit: type=1326 audit(1751050929.475:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7336 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 170.971950][ T30] audit: type=1326 audit(1751050929.475:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7336 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 171.047684][ T30] audit: type=1326 audit(1751050929.515:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7336 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 171.164053][ T30] audit: type=1326 audit(1751050929.515:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7336 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f198978e929 code=0x7ffc0000 [ 171.530199][ T7376] loop2: detected capacity change from 0 to 512 [ 171.553920][ T7376] EXT4-fs: Ignoring removed nobh option [ 171.611354][ T7376] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 171.634379][ T7376] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it [ 171.721215][ T7376] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.455: Corrupt directory, running e2fsck is recommended [ 171.802275][ T7376] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 171.852120][ T7376] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.455: corrupted in-inode xattr: invalid ea_ino [ 171.863227][ T7004] veth0_vlan: entered promiscuous mode [ 171.904117][ T7376] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.455: couldn't read orphan inode 15 (err -117) [ 171.919072][ T7004] veth1_vlan: entered promiscuous mode [ 171.974306][ T7376] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 172.027843][ T7376] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 172.298367][ T7376] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it [ 172.711095][ T7376] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.455: Corrupt directory, running e2fsck is recommended [ 173.059695][ T7397] netlink: 'syz.1.460': attribute type 1 has an invalid length. [ 173.079174][ T7394] netlink: 4 bytes leftover after parsing attributes in process `syz.2.455'. [ 173.123311][ T7004] veth0_macvtap: entered promiscuous mode [ 173.144721][ T7004] veth1_macvtap: entered promiscuous mode [ 173.419452][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.567203][ T7004] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 173.581735][ T7004] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 173.626449][ T7004] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.462054][ T7004] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.470817][ T7004] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.503607][ T7408] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 174.576555][ T7004] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.645355][ T7413] netlink: 4 bytes leftover after parsing attributes in process `syz.2.463'. [ 176.607535][ T7423] syz.5.466: vmalloc error: size 2101248, failed to allocated page array size 4104, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 176.625997][ T7423] CPU: 1 UID: 0 PID: 7423 Comm: syz.5.466 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(full) [ 176.626030][ T7423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 176.626046][ T7423] Call Trace: [ 176.626055][ T7423] [ 176.626065][ T7423] dump_stack_lvl+0x189/0x250 [ 176.626124][ T7423] ? __pfx_dump_stack_lvl+0x10/0x10 [ 176.626166][ T7423] ? __pfx__printk+0x10/0x10 [ 176.626195][ T7423] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 176.626224][ T7423] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 176.626254][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.626284][ T7423] ? cpuset_print_current_mems_allowed+0x2ee/0x360 [ 176.626315][ T7423] warn_alloc+0x214/0x310 [ 176.626354][ T7423] ? __pfx_warn_alloc+0x10/0x10 [ 176.626392][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.626424][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.626454][ T7423] ? __get_vm_area_node+0x28f/0x300 [ 176.626482][ T7423] ? hash_netiface_create+0x358/0xfe0 [ 176.626524][ T7423] __vmalloc_node_range_noprof+0x67e/0x12f0 [ 176.626588][ T7423] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 176.626616][ T7423] ? hash_netiface_create+0x358/0xfe0 [ 176.626652][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.626682][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.626710][ T7423] ? __get_vm_area_node+0x28f/0x300 [ 176.626738][ T7423] ? hash_netiface_create+0x358/0xfe0 [ 176.626776][ T7423] __vmalloc_node_range_noprof+0x56a/0x12f0 [ 176.626806][ T7423] ? hash_netiface_create+0x358/0xfe0 [ 176.626840][ T7423] ? do_syscall_64+0xfa/0x3b0 [ 176.626897][ T7423] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 176.626956][ T7423] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 176.626991][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.627020][ T7423] ? rcu_is_watching+0x15/0xb0 [ 176.627063][ T7423] ? hash_netiface_create+0x358/0xfe0 [ 176.627098][ T7423] ? hash_netiface_create+0x358/0xfe0 [ 176.627133][ T7423] __kvmalloc_node_noprof+0x3b8/0x5f0 [ 176.627160][ T7423] ? hash_netiface_create+0x358/0xfe0 [ 176.627195][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.627225][ T7423] ? hash_netiface_create+0x2fe/0xfe0 [ 176.627268][ T7423] hash_netiface_create+0x358/0xfe0 [ 176.627314][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.627342][ T7423] ? __nla_parse+0x40/0x60 [ 176.627379][ T7423] ? __pfx_hash_netiface_create+0x10/0x10 [ 176.627419][ T7423] ip_set_create+0xa97/0x1940 [ 176.627458][ T7423] ? ip_set_create+0x4a2/0x1940 [ 176.627511][ T7423] ? __pfx_ip_set_create+0x10/0x10 [ 176.627584][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.627621][ T7423] nfnetlink_rcv_msg+0xb4d/0x1130 [ 176.627662][ T7423] ? nfnetlink_rcv_msg+0x20d/0x1130 [ 176.627722][ T7423] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 176.627758][ T7423] ? kasan_save_free_info+0x46/0x50 [ 176.627851][ T7423] netlink_rcv_skb+0x208/0x470 [ 176.627881][ T7423] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 176.627928][ T7423] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 176.627970][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.628000][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.628029][ T7423] ? security_capable+0x7e/0x2e0 [ 176.628064][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.628099][ T7423] nfnetlink_rcv+0x26a/0x2520 [ 176.628140][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.628170][ T7423] ? __dev_queue_xmit+0x1cd7/0x3a70 [ 176.628208][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.628241][ T7423] ? kmem_cache_alloc_noprof+0x1c1/0x3c0 [ 176.628286][ T7423] ? __dev_queue_xmit+0x27e/0x3a70 [ 176.628321][ T7423] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 176.628359][ T7423] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 176.628397][ T7423] ? __pfx___dev_queue_xmit+0x10/0x10 [ 176.628448][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.628476][ T7423] ? ref_tracker_free+0x63a/0x7d0 [ 176.628508][ T7423] ? __copy_skb_header+0xa7/0x550 [ 176.628543][ T7423] ? __pfx_ref_tracker_free+0x10/0x10 [ 176.628576][ T7423] ? __skb_clone+0x63/0x7a0 [ 176.628612][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.628641][ T7423] ? __skb_clone+0x483/0x7a0 [ 176.628681][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.628710][ T7423] ? skb_clone+0x246/0x3a0 [ 176.628746][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.628775][ T7423] ? __netlink_deliver_tap+0x807/0x850 [ 176.628804][ T7423] ? netlink_deliver_tap+0x2e/0x1b0 [ 176.628835][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.628868][ T7423] ? netlink_deliver_tap+0x2e/0x1b0 [ 176.628895][ T7423] ? netlink_deliver_tap+0x2e/0x1b0 [ 176.628938][ T7423] netlink_unicast+0x75b/0x8d0 [ 176.628976][ T7423] netlink_sendmsg+0x805/0xb30 [ 176.629017][ T7423] ? __pfx_netlink_sendmsg+0x10/0x10 [ 176.629050][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.629080][ T7423] ? aa_sock_msg_perm+0x94/0x160 [ 176.629114][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.629143][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.629173][ T7423] ? __pfx_netlink_sendmsg+0x10/0x10 [ 176.629203][ T7423] __sock_sendmsg+0x21c/0x270 [ 176.629246][ T7423] ____sys_sendmsg+0x505/0x830 [ 176.629284][ T7423] ? __pfx_____sys_sendmsg+0x10/0x10 [ 176.629326][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.629355][ T7423] ? import_iovec+0x74/0xa0 [ 176.629383][ T7423] ___sys_sendmsg+0x21f/0x2a0 [ 176.629417][ T7423] ? __pfx____sys_sendmsg+0x10/0x10 [ 176.629457][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.629521][ T7423] ? __fget_files+0x2a/0x420 [ 176.629548][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.629577][ T7423] ? __fget_files+0x3a0/0x420 [ 176.629619][ T7423] __x64_sys_sendmsg+0x19b/0x260 [ 176.629654][ T7423] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 176.629697][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.629726][ T7423] ? rcu_is_watching+0x15/0xb0 [ 176.629772][ T7423] ? do_syscall_64+0xbe/0x3b0 [ 176.629817][ T7423] do_syscall_64+0xfa/0x3b0 [ 176.629855][ T7423] ? lockdep_hardirqs_on+0x9c/0x150 [ 176.629891][ T7423] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 176.629922][ T7423] ? srso_alias_return_thunk+0x5/0xfbef5 [ 176.629951][ T7423] ? exc_page_fault+0x9f/0xf0 [ 176.629990][ T7423] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 176.630014][ T7423] RIP: 0033:0x7f2671d8e929 [ 176.630035][ T7423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 176.630060][ T7423] RSP: 002b:00007f2672bdb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 176.630085][ T7423] RAX: ffffffffffffffda RBX: 00007f2671fb5fa0 RCX: 00007f2671d8e929 [ 176.630104][ T7423] RDX: 0000000000000810 RSI: 0000200000000040 RDI: 0000000000000003 [ 176.630120][ T7423] RBP: 00007f2671e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 176.630136][ T7423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 176.630152][ T7423] R13: 0000000000000000 R14: 00007f2671fb5fa0 R15: 00007ffe186682b8 [ 176.630191][ T7423] [ 177.298254][ T7423] Mem-Info: [ 177.301396][ T7423] active_anon:6937 inactive_anon:0 isolated_anon:0 [ 177.301396][ T7423] active_file:11101 inactive_file:39877 isolated_file:0 [ 177.301396][ T7423] unevictable:768 dirty:166 writeback:0 [ 177.301396][ T7423] slab_reclaimable:10483 slab_unreclaimable:103548 [ 177.301396][ T7423] mapped:39993 shmem:1620 pagetables:1345 [ 177.301396][ T7423] sec_pagetables:0 bounce:0 [ 177.301396][ T7423] kernel_misc_reclaimable:0 [ 177.301396][ T7423] free:1262485 free_pcp:11998 free_cma:0 [ 177.348414][ T7423] Node 0 active_anon:27672kB inactive_anon:0kB active_file:44404kB inactive_file:159308kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:160048kB dirty:664kB writeback:0kB shmem:4944kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12972kB pagetables:5260kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 177.381905][ T7423] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 177.414003][ T7423] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 177.442895][ T7423] lowmem_reserve[]: 0 2500 2502 2502 2502 [ 177.448806][ T7423] Node 0 DMA32 free:1133096kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:27628kB inactive_anon:0kB active_file:44404kB inactive_file:157476kB unevictable:1536kB writepending:664kB present:3129332kB managed:2560988kB mlocked:0kB bounce:0kB free_pcp:28036kB local_pcp:13284kB free_cma:0kB [ 177.481169][ T7423] lowmem_reserve[]: 0 0 1 1 1 [ 177.485976][ T7423] Node 0 Normal free:16kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1832kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 177.515503][ T7423] lowmem_reserve[]: 0 0 0 0 0 [ 177.522331][ T7423] Node 1 Normal free:3901468kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:19588kB local_pcp:7300kB free_cma:0kB [ 177.553568][ T7423] lowmem_reserve[]: 0 0 0 0 0 [ 177.558366][ T7423] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 177.571210][ T7423] Node 0 DMA32: 1147*4kB (ME) 321*8kB (UME) 478*16kB (ME) 180*32kB (ME) 284*64kB (ME) 77*128kB (ME) 40*256kB (M) 20*512kB (ME) 5*1024kB (M) 7*2048kB (M) 255*4096kB (M) = 1133012kB [ 177.589787][ T7423] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 177.602266][ T7423] Node 1 Normal: 207*4kB (U) 56*8kB (UME) 44*16kB (UME) 83*32kB (UME) 28*64kB (UME) 6*128kB (UME) 8*256kB (UME) 4*512kB (UME) 1*1024kB (M) 1*2048kB (E) 949*4096kB (M) = 3901468kB [ 177.620317][ T7423] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 177.629965][ T7423] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 177.639310][ T7423] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 177.648900][ T7423] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 177.658275][ T7423] 52593 total pagecache pages [ 177.662989][ T7423] 0 pages in swap cache [ 177.667148][ T7423] Free swap = 124996kB [ 177.671305][ T7423] Total swap = 124996kB [ 177.675587][ T7423] 2097051 pages RAM [ 177.679417][ T7423] 0 pages HighMem/MovableOnly [ 177.684168][ T7423] 424698 pages reserved [ 177.688335][ T7423] 0 pages cma reserved [ 178.698564][ T7491] netlink: 160 bytes leftover after parsing attributes in process `syz.0.486'. [ 178.979541][ T30] kauditd_printk_skb: 60 callbacks suppressed [ 178.979564][ T30] audit: type=1326 audit(1751050938.545:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7497 comm="syz.1.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 179.088067][ T30] audit: type=1326 audit(1751050938.545:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7497 comm="syz.1.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 179.171420][ T30] audit: type=1326 audit(1751050938.545:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7497 comm="syz.1.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 179.245756][ T30] audit: type=1326 audit(1751050938.545:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7497 comm="syz.1.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 179.322812][ T30] audit: type=1326 audit(1751050938.545:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7497 comm="syz.1.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 179.385497][ T30] audit: type=1326 audit(1751050938.545:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7497 comm="syz.1.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 179.461989][ T30] audit: type=1326 audit(1751050938.545:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7497 comm="syz.1.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 179.516424][ T30] audit: type=1326 audit(1751050938.545:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7497 comm="syz.1.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 179.572758][ T30] audit: type=1326 audit(1751050938.565:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7497 comm="syz.1.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 179.635728][ T30] audit: type=1326 audit(1751050938.565:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7497 comm="syz.1.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 180.570298][ T7532] netlink: 'syz.1.495': attribute type 11 has an invalid length. [ 180.593831][ T7532] netlink: 448 bytes leftover after parsing attributes in process `syz.1.495'. [ 181.185894][ T7552] netlink: 4 bytes leftover after parsing attributes in process `syz.1.500'. [ 181.195179][ T7552] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 181.217233][ T7552] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 181.248291][ T7552] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 181.259279][ T7552] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 182.989462][ T7600] netlink: 160 bytes leftover after parsing attributes in process `syz.5.508'. [ 183.549376][ T7620] loop5: detected capacity change from 0 to 512 [ 183.579693][ T7620] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 183.808423][ T7620] EXT4-fs (loop5): 1 truncate cleaned up [ 183.819552][ T7620] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 184.188477][ T5829] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 184.328340][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 184.328360][ T30] audit: type=1326 audit(1751050943.895:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.5.515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2671d8e929 code=0x7ffc0000 [ 184.421988][ T30] audit: type=1326 audit(1751050943.895:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.5.515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2671d8e929 code=0x7ffc0000 [ 184.483145][ T30] audit: type=1326 audit(1751050943.935:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.5.515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2671d8e929 code=0x7ffc0000 [ 184.540298][ T30] audit: type=1326 audit(1751050943.975:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.5.515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2671d8e929 code=0x7ffc0000 [ 184.590709][ T30] audit: type=1326 audit(1751050943.975:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.5.515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2671d8e929 code=0x7ffc0000 [ 184.663140][ T30] audit: type=1326 audit(1751050943.975:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.5.515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2671d8e929 code=0x7ffc0000 [ 184.686793][ T30] audit: type=1326 audit(1751050943.975:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.5.515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2671d8e929 code=0x7ffc0000 [ 184.739931][ T30] audit: type=1326 audit(1751050943.975:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.5.515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2671d8e929 code=0x7ffc0000 [ 184.740004][ T30] audit: type=1326 audit(1751050943.975:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.5.515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f2671d8e929 code=0x7ffc0000 [ 184.740061][ T30] audit: type=1326 audit(1751050943.975:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.5.515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2671d8e929 code=0x7ffc0000 [ 185.088488][ T7649] netlink: 40 bytes leftover after parsing attributes in process `syz.0.519'. [ 185.210875][ T7658] netlink: 4 bytes leftover after parsing attributes in process `syz.5.520'. [ 185.219945][ T7658] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 185.231562][ T7658] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 185.246511][ T7658] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 185.260898][ T7658] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 186.195662][ T7690] netlink: 'syz.1.525': attribute type 1 has an invalid length. [ 186.626354][ T7707] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 188.309753][ T7759] xt_bpf: check failed: parse error [ 189.267895][ T7783] lo speed is unknown, defaulting to 1000 [ 190.950189][ T7799] netlink: 14 bytes leftover after parsing attributes in process `syz.1.550'. [ 190.966369][ T7799] hsr_slave_0: left promiscuous mode [ 190.979210][ T7799] hsr_slave_1: left promiscuous mode [ 191.026582][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 191.026618][ T30] audit: type=1326 audit(1751051463.600:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7798 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 191.059703][ T30] audit: type=1326 audit(1751051463.630:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7798 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 191.062623][ T7800] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 191.062623][ T7800] program +}[@ not setting count and/or reply_len properly [ 191.097806][ T30] audit: type=1326 audit(1751051463.630:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7798 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 191.097877][ T30] audit: type=1326 audit(1751051463.630:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7798 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 191.153670][ T30] audit: type=1326 audit(1751051463.630:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7798 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 191.182688][ T30] audit: type=1326 audit(1751051463.630:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7798 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 191.205530][ T30] audit: type=1326 audit(1751051463.630:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7798 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 191.267248][ T30] audit: type=1326 audit(1751051463.630:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7798 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 191.295155][ T30] audit: type=1326 audit(1751051463.630:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7798 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 191.330464][ T30] audit: type=1326 audit(1751051463.630:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7798 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ebc98e929 code=0x7ffc0000 [ 193.504929][ T7826] netlink: 4 bytes leftover after parsing attributes in process `syz.1.556'. [ 193.597391][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.847984][ T7837] netlink: 4 bytes leftover after parsing attributes in process `syz.1.559'. [ 196.276287][ T7875] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 196.290663][ T7875] cgroup: name respecified [ 197.448172][ T7884] netlink: 12 bytes leftover after parsing attributes in process `syz.1.571'. [ 197.504113][ T7886] netlink: 'syz.1.572': attribute type 11 has an invalid length. [ 197.512165][ T7886] netlink: 448 bytes leftover after parsing attributes in process `syz.1.572'. [ 255.037709][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 277.592027][ T5838] Bluetooth: hci6: command 0x0406 tx timeout [ 309.433190][ T31] INFO: task kworker/1:7:5993 blocked for more than 143 seconds. [ 309.440982][ T31] Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 [ 309.451876][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 309.460569][ T31] task:kworker/1:7 state:D stack:24872 pid:5993 tgid:5993 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 309.472738][ T31] Workqueue: events rfkill_global_led_trigger_worker [ 309.479552][ T31] Call Trace: SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 309.482909][ T31] [ 309.486004][ T31] __schedule+0x16f5/0x4d00 [ 309.490560][ T31] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 309.496432][ T31] ? schedule+0x165/0x360 [ 309.500813][ T31] ? __pfx___schedule+0x10/0x10 [ 309.505771][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 309.511434][ T31] ? schedule+0x91/0x360 [ 309.531889][ T31] schedule+0x165/0x360 [ 309.536109][ T31] schedule_preempt_disabled+0x13/0x30 [ 309.541605][ T31] __mutex_lock+0x724/0xe80 [ 309.578081][ T31] ? look_up_lock_class+0x74/0x170 [ 309.598479][ T31] ? __mutex_lock+0x51b/0xe80 [ 309.613539][ T31] ? rfkill_global_led_trigger_worker+0x27/0xd0 [ 309.621041][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 309.626574][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 309.633440][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 309.639188][ T31] ? process_scheduled_works+0x9ef/0x17b0 [ 309.644980][ T31] rfkill_global_led_trigger_worker+0x27/0xd0 [ 309.651094][ T31] ? process_scheduled_works+0x9ef/0x17b0 [ 309.656928][ T31] process_scheduled_works+0xae1/0x17b0 [ 309.662603][ T31] ? __pfx_process_scheduled_works+0x10/0x10 [ 309.668626][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 309.674487][ T31] worker_thread+0x8a0/0xda0 [ 309.679111][ T31] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 309.685548][ T31] ? __kthread_parkme+0x7b/0x200 [ 309.690597][ T31] kthread+0x711/0x8a0 [ 309.694871][ T31] ? __pfx_worker_thread+0x10/0x10 [ 309.700033][ T31] ? __pfx_kthread+0x10/0x10 [ 309.704695][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 309.710353][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 309.715696][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 309.721360][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 309.726683][ T31] ? __pfx_kthread+0x10/0x10 [ 309.731307][ T31] ret_from_fork+0x3fc/0x770 [ 309.736029][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 309.741174][ T31] ? __switch_to_asm+0x39/0x70 [ 309.746212][ T31] ? __switch_to_asm+0x33/0x70 [ 309.751093][ T31] ? __pfx_kthread+0x10/0x10 [ 309.756145][ T31] ret_from_fork_asm+0x1a/0x30 [ 309.760967][ T31] [ 309.764048][ T31] INFO: task kworker/u8:13:6587 blocked for more than 143 seconds. [ 309.772516][ T31] Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 [ 309.780150][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 309.788857][ T31] task:kworker/u8:13 state:D stack:24216 pid:6587 tgid:6587 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 309.800920][ T31] Workqueue: netns cleanup_net [ 309.805750][ T31] Call Trace: [ 309.809471][ T31] [ 309.812479][ T31] __schedule+0x16f5/0x4d00 [ 309.817123][ T31] ? __lock_acquire+0xab9/0xd20 [ 309.822047][ T31] ? schedule+0x165/0x360 [ 309.826421][ T31] ? __pfx___schedule+0x10/0x10 [ 309.831283][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 309.837027][ T31] ? schedule+0x91/0x360 [ 309.841321][ T31] schedule+0x165/0x360 [ 309.845555][ T31] schedule_preempt_disabled+0x13/0x30 [ 309.851059][ T31] __mutex_lock+0x724/0xe80 [ 309.855843][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 309.861593][ T31] ? kobject_put+0x43f/0x480 [ 309.866353][ T31] ? __mutex_lock+0x51b/0xe80 [ 309.871070][ T31] ? rfkill_unregister+0xc8/0x220 [ 309.876142][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 309.881209][ T31] ? __pfx_device_del+0x10/0x10 [ 309.886150][ T31] rfkill_unregister+0xc8/0x220 [ 309.891031][ T31] wiphy_unregister+0x238/0xae0 [ 309.895947][ T31] ? __pfx_skb_queue_purge_reason+0x10/0x10 [ 309.901939][ T31] ? __pfx_wiphy_unregister+0x10/0x10 [ 309.907320][ T31] ? kasan_quarantine_put+0xdd/0x220 [ 309.912930][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 309.918585][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 309.923869][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 309.929524][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 309.935198][ T31] ? kfree+0x18e/0x440 [ 309.939295][ T31] ieee80211_unregister_hw+0x1e2/0x2c0 [ 309.944806][ T31] mac80211_hwsim_del_radio+0x275/0x460 [ 309.950378][ T31] ? __pfx_mac80211_hwsim_del_radio+0x10/0x10 [ 309.956611][ T31] hwsim_exit_net+0x584/0x640 [ 309.961351][ T31] ? __pfx_hwsim_exit_net+0x10/0x10 [ 309.966607][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 309.972629][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 309.978298][ T31] ? __ip_vs_dev_cleanup_batch+0x238/0x260 [ 309.984207][ T31] ops_undo_list+0x49a/0x990 [ 309.988856][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 309.994078][ T31] cleanup_net+0x4c5/0x800 [ 309.998513][ T31] ? __pfx_cleanup_net+0x10/0x10 [ 310.003657][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.009314][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 310.014561][ T31] ? process_scheduled_works+0x9ef/0x17b0 [ 310.020305][ T31] ? process_scheduled_works+0x9ef/0x17b0 [ 310.026109][ T31] process_scheduled_works+0xae1/0x17b0 [ 310.031715][ T31] ? __pfx_process_scheduled_works+0x10/0x10 [ 310.037782][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.043483][ T31] worker_thread+0x8a0/0xda0 [ 310.048092][ T31] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 310.054485][ T31] ? __kthread_parkme+0x7b/0x200 [ 310.059444][ T31] kthread+0x711/0x8a0 [ 310.063565][ T31] ? __pfx_worker_thread+0x10/0x10 [ 310.068699][ T31] ? __pfx_kthread+0x10/0x10 [ 310.073374][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.079028][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 310.084544][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.090202][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 310.095867][ T31] ? __pfx_kthread+0x10/0x10 [ 310.100483][ T31] ret_from_fork+0x3fc/0x770 [ 310.105160][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 310.110299][ T31] ? __switch_to_asm+0x39/0x70 [ 310.115137][ T31] ? __switch_to_asm+0x33/0x70 [ 310.119935][ T31] ? __pfx_kthread+0x10/0x10 [ 310.124625][ T31] ret_from_fork_asm+0x1a/0x30 [ 310.129437][ T31] [ 310.132528][ T31] INFO: task syz.3.263:6739 blocked for more than 144 seconds. [ 310.140071][ T31] Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 [ 310.147771][ T31] Blocked by coredump. [ 310.152459][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 310.161137][ T31] task:syz.3.263 state:D stack:20416 pid:6739 tgid:6738 ppid:5830 task_flags:0x40054c flags:0x00004002 [ 310.173197][ T31] Call Trace: [ 310.176482][ T31] [ 310.179406][ T31] __schedule+0x16f5/0x4d00 [ 310.184015][ T31] ? __lock_acquire+0xab9/0xd20 [ 310.188978][ T31] ? schedule+0x165/0x360 [ 310.193622][ T31] ? __pfx___schedule+0x10/0x10 [ 310.198582][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.204276][ T31] ? schedule+0x91/0x360 [ 310.208537][ T31] schedule+0x165/0x360 [ 310.212775][ T31] schedule_preempt_disabled+0x13/0x30 [ 310.218259][ T31] __mutex_lock+0x724/0xe80 [ 310.222837][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.228488][ T31] ? kobject_put+0x43f/0x480 [ 310.233207][ T31] ? __mutex_lock+0x51b/0xe80 [ 310.237923][ T31] ? rfkill_unregister+0xc8/0x220 [ 310.243175][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 310.248328][ T31] ? __pfx_device_del+0x10/0x10 [ 310.253295][ T31] rfkill_unregister+0xc8/0x220 [ 310.258182][ T31] nfc_unregister_device+0x96/0x2a0 [ 310.263455][ T31] ? __pfx_virtual_ncidev_close+0x10/0x10 [ 310.269204][ T31] virtual_ncidev_close+0x56/0x90 [ 310.274356][ T31] __fput+0x44c/0xa70 [ 310.278433][ T31] task_work_run+0x1d4/0x260 [ 310.283249][ T31] ? __pfx_task_work_run+0x10/0x10 [ 310.288424][ T31] ? kmem_cache_free+0x18f/0x400 [ 310.293436][ T31] do_exit+0x6b5/0x22e0 [ 310.297636][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.303615][ T31] ? do_raw_spin_lock+0x121/0x290 [ 310.308682][ T31] ? __pfx_do_exit+0x10/0x10 [ 310.313335][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.319004][ T31] do_group_exit+0x21c/0x2d0 [ 310.323708][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.329379][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 310.334643][ T31] get_signal+0x1286/0x1340 [ 310.339295][ T31] arch_do_signal_or_restart+0x9a/0x750 [ 310.345135][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.350790][ T31] ? __x64_sys_sendmsg+0x1b4/0x260 [ 310.355965][ T31] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 310.362232][ T31] ? exit_to_user_mode_loop+0x40/0x110 [ 310.367764][ T31] exit_to_user_mode_loop+0x75/0x110 [ 310.373127][ T31] do_syscall_64+0x2bd/0x3b0 [ 310.377754][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 310.383052][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.389144][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.395246][ T31] ? exc_page_fault+0x9f/0xf0 [ 310.400067][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.406151][ T31] RIP: 0033:0x7f7b9f58e929 [ 310.410593][ T31] RSP: 002b:00007f7ba0427038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 310.419399][ T31] RAX: 0000000000000038 RBX: 00007f7b9f7b5fa0 RCX: 00007f7b9f58e929 [ 310.427478][ T31] RDX: 0000000000008844 RSI: 0000200000000080 RDI: 000000000000000a [ 310.435561][ T31] RBP: 00007f7b9f610b39 R08: 0000000000000000 R09: 0000000000000000 [ 310.443636][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 310.451651][ T31] R13: 0000000000000000 R14: 00007f7b9f7b5fa0 R15: 00007fffe46c09c8 [ 310.459786][ T31] [ 310.462878][ T31] INFO: task syz.4.369:7060 blocked for more than 144 seconds. [ 310.470430][ T31] Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 [ 310.484907][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 310.493654][ T31] task:syz.4.369 state:D stack:23136 pid:7060 tgid:7057 ppid:5826 task_flags:0x400140 flags:0x00004006 [ 310.505664][ T31] Call Trace: [ 310.508936][ T31] [ 310.511905][ T31] __schedule+0x16f5/0x4d00 [ 310.516461][ T31] ? __lock_acquire+0xab9/0xd20 [ 310.521351][ T31] ? schedule+0x165/0x360 [ 310.526016][ T31] ? __pfx___schedule+0x10/0x10 [ 310.530917][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.537120][ T31] ? schedule+0x91/0x360 [ 310.541413][ T31] schedule+0x165/0x360 [ 310.545644][ T31] schedule_preempt_disabled+0x13/0x30 [ 310.551156][ T31] __mutex_lock+0x724/0xe80 [ 310.555826][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.561485][ T31] ? __lock_acquire+0xab9/0xd20 [ 310.566509][ T31] ? __mutex_lock+0x51b/0xe80 [ 310.571276][ T31] ? nfc_rfkill_set_block+0x50/0x2e0 [ 310.576631][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 310.581708][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.587390][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 310.592679][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.598321][ T31] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 310.606402][ T31] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 310.613050][ T31] ? __pfx_nfc_rfkill_set_block+0x10/0x10 [ 310.618789][ T31] nfc_rfkill_set_block+0x50/0x2e0 [ 310.623946][ T31] ? __pfx_nfc_rfkill_set_block+0x10/0x10 [ 310.629874][ T31] rfkill_set_block+0x1d2/0x440 [ 310.635692][ T31] rfkill_fop_write+0x44b/0x570 [ 310.640583][ T31] ? common_file_perm+0x199/0x200 [ 310.646197][ T31] ? __pfx_rfkill_fop_write+0x10/0x10 [ 310.651613][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.657561][ T31] ? security_file_permission+0x50/0x290 [ 310.663359][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.669010][ T31] ? rw_verify_area+0x258/0x650 [ 310.674157][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.679823][ T31] ? __pfx_rfkill_fop_write+0x10/0x10 [ 310.685458][ T31] vfs_write+0x27e/0xa90 [ 310.689738][ T31] ? __pfx_vfs_write+0x10/0x10 [ 310.694547][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.700199][ T31] ? __fget_files+0x2a/0x420 [ 310.704864][ T31] ? __fget_files+0x2a/0x420 [ 310.709468][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.715155][ T31] ? __fget_files+0x3a0/0x420 [ 310.719984][ T31] ? __fget_files+0x2a/0x420 [ 310.724693][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.730353][ T31] ksys_write+0x145/0x250 [ 310.734740][ T31] ? __pfx_ksys_write+0x10/0x10 [ 310.739620][ T31] ? rcu_is_watching+0x15/0xb0 [ 310.744662][ T31] ? do_syscall_64+0xbe/0x3b0 [ 310.749370][ T31] do_syscall_64+0xfa/0x3b0 [ 310.754044][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 310.759296][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.765483][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 310.771145][ T31] ? exc_page_fault+0x9f/0xf0 [ 310.775937][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.781912][ T31] RIP: 0033:0x7f936638e929 [ 310.786365][ T31] RSP: 002b:00007f9367263038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 310.794873][ T31] RAX: ffffffffffffffda RBX: 00007f93665b5fa0 RCX: 00007f936638e929 [ 310.802911][ T31] RDX: 0000000000000008 RSI: 0000200000000080 RDI: 0000000000000003 [ 310.810981][ T31] RBP: 00007f9366410b39 R08: 0000000000000000 R09: 0000000000000000 [ 310.819270][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 310.827336][ T31] R13: 0000000000000000 R14: 00007f93665b5fa0 R15: 00007ffece471e68 [ 310.835389][ T31] [ 310.838462][ T31] [ 310.838462][ T31] Showing all locks held in the system: [ 310.846346][ T31] 1 lock held by khungtaskd/31: [ 310.851207][ T31] #0: ffffffff8e13ee60 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 310.861182][ T31] 2 locks held by getty/5584: [ 310.866579][ T31] #0: ffff8880346ea0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 310.876496][ T31] #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400 [ 310.886869][ T31] 3 locks held by kworker/1:7/5993: [ 310.892126][ T31] #0: ffff88801a478d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 310.903231][ T31] #1: ffffc900044efbc0 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 310.916885][ T31] #2: ffffffff8f7ead28 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0 [ 310.928392][ T31] 4 locks held by kworker/u8:13/6587: [ 310.933844][ T31] #0: ffff88801b2f6148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 310.945331][ T31] #1: ffffc90003e0fbc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 310.956226][ T31] #2: ffffffff8f5030d0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800 [ 310.965723][ T31] #3: ffffffff8f7ead28 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xc8/0x220 [ 310.976250][ T31] 2 locks held by syz.3.263/6739: [ 310.981268][ T31] #0: ffff8880347e4100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0 [ 310.991140][ T31] #1: ffffffff8f7ead28 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xc8/0x220 [ 311.001472][ T31] 2 locks held by syz-executor/7004: [ 311.006839][ T31] #0: ffffffff8e9c2608 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 311.015397][ T31] #1: ffffffff8f7ead28 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_open+0x12d/0x820 [ 311.025485][ T31] 2 locks held by syz.4.369/7060: [ 311.030523][ T31] #0: ffffffff8f7ead28 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_write+0x191/0x570 [ 311.041010][ T31] #1: ffff8880347e4100 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x2e0 [ 311.050926][ T31] 2 locks held by syz-executor/7371: [ 311.056375][ T31] #0: ffff888075cea918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0 [ 311.066521][ T31] #1: ffffffff8f7ead28 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 311.076615][ T31] 1 lock held by syz.2.483/7482: [ 311.081577][ T31] #0: ffffffff8e9c2608 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 311.090400][ T31] 1 lock held by syz.0.530/7706: [ 311.095421][ T31] #0: ffffffff8e9c2608 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 311.103996][ T31] 1 lock held by syz.5.531/7716: [ 311.108964][ T31] #0: ffffffff8e9c2608 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 311.117477][ T31] 1 lock held by syz.5.531/7720: [ 311.122481][ T31] #0: ffffffff8e9c2608 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 311.130976][ T31] 1 lock held by syz-executor/7836: [ 311.136231][ T31] #0: ffffffff8e9c2608 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 311.144788][ T31] 1 lock held by syz.1.573/7888: [ 311.149728][ T31] #0: ffffffff8e9c2608 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 311.158264][ T31] 1 lock held by syz-executor/8011: [ 311.163510][ T31] #0: ffffffff8e9c2608 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 311.172089][ T31] 1 lock held by syz-executor/8012: [ 311.177363][ T31] #0: ffffffff8e9c2608 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 311.185993][ T31] 1 lock held by syz-executor/8014: [ 311.191221][ T31] #0: ffffffff8e9c2608 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 311.200244][ T31] 1 lock held by syz-executor/8016: [ 311.205499][ T31] #0: ffffffff8e9c2608 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 311.214182][ T31] 1 lock held by syz-executor/8022: [ 311.219410][ T31] #0: ffffffff8e9c2608 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 311.228123][ T31] 1 lock held by syz-executor/8032: [ 311.233484][ T31] #0: ffffffff8e9c2608 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 311.242064][ T31] 1 lock held by syz-executor/8034: [ 311.247270][ T31] #0: ffffffff8e9c2608 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 311.255869][ T31] 1 lock held by syz-executor/8036: [ 311.261091][ T31] #0: ffffffff8e9c2608 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 311.269669][ T31] 1 lock held by syz-executor/8038: [ 311.279279][ T31] #0: ffffffff8e9c2608 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 311.288027][ T31] 1 lock held by syz-executor/8040: [ 311.293294][ T31] #0: ffffffff8e9c2608 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 311.302006][ T31] 1 lock held by syz-executor/8043: [ 311.307228][ T31] #0: ffffffff8e9c2608 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 311.315857][ T31] [ 311.318290][ T31] ============================================= [ 311.318290][ T31] [ 311.326814][ T31] NMI backtrace for cpu 0 [ 311.326833][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(full) [ 311.326862][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 311.326877][ T31] Call Trace: [ 311.326886][ T31] [ 311.326904][ T31] dump_stack_lvl+0x189/0x250 [ 311.326947][ T31] ? __wake_up_klogd+0xd9/0x110 [ 311.326976][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 311.327007][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 311.327047][ T31] ? __pfx__printk+0x10/0x10 [ 311.327090][ T31] nmi_cpu_backtrace+0x39e/0x3d0 [ 311.327127][ T31] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 311.327154][ T31] ? _printk+0xcf/0x120 [ 311.327186][ T31] ? __pfx__printk+0x10/0x10 [ 311.327215][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 311.327252][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 311.327286][ T31] watchdog+0xfee/0x1030 [ 311.327322][ T31] ? watchdog+0x1de/0x1030 [ 311.327365][ T31] kthread+0x711/0x8a0 [ 311.327397][ T31] ? __pfx_watchdog+0x10/0x10 [ 311.327430][ T31] ? __pfx_kthread+0x10/0x10 [ 311.327455][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 311.327489][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 311.327522][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 311.327550][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 311.327585][ T31] ? __pfx_kthread+0x10/0x10 [ 311.327615][ T31] ret_from_fork+0x3fc/0x770 [ 311.327655][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 311.327698][ T31] ? __switch_to_asm+0x39/0x70 [ 311.327723][ T31] ? __switch_to_asm+0x33/0x70 [ 311.327748][ T31] ? __pfx_kthread+0x10/0x10 [ 311.327778][ T31] ret_from_fork_asm+0x1a/0x30 [ 311.327823][ T31] [ 311.327832][ T31] Sending NMI from CPU 0 to CPUs 1: [ 311.503996][ C1] NMI backtrace for cpu 1 [ 311.504015][ C1] CPU: 1 UID: 0 PID: 6456 Comm: kworker/u8:11 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(full) [ 311.504042][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 311.504057][ C1] Workqueue: events_unbound nsim_dev_trap_report_work [ 311.504088][ C1] RIP: 0010:mark_lock+0x3c/0x190 [ 311.504125][ C1] Code: 00 03 00 83 f9 01 bb 09 00 00 00 83 db 00 83 fa 08 0f 45 da bd 01 00 00 00 89 d9 d3 e5 25 ff 1f 00 00 48 0f a3 05 e4 61 06 12 <73> 10 48 69 c0 c8 00 00 00 48 8d 88 30 b3 45 93 eb 48 83 3d 2b f1 [ 311.504144][ C1] RSP: 0018:ffffc9000422f7c8 EFLAGS: 00000007 [ 311.504162][ C1] RAX: 00000000000007ee RBX: 0000000000000002 RCX: 0000000000000002 [ 311.504176][ C1] RDX: 0000000000000002 RSI: ffff88807d02a940 RDI: ffff88807d029e00 [ 311.504192][ C1] RBP: 0000000000000004 R08: ffffffff8fa109f7 R09: 1ffffffff1f4213e [ 311.504207][ C1] R10: dffffc0000000000 R11: fffffbfff1f4213f R12: ffff88807d02a940 [ 311.504224][ C1] R13: ffff88801d6f8000 R14: ffff88807d02a8f0 R15: 0000000000000002 [ 311.504244][ C1] FS: 0000000000000000(0000) GS:ffff888125d50000(0000) knlGS:0000000000000000 [ 311.504262][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 311.504277][ C1] CR2: 000056447f0e6000 CR3: 0000000047da3000 CR4: 0000000000350ef0 [ 311.504295][ C1] Call Trace: [ 311.504302][ C1] [ 311.504313][ C1] ? ___slab_alloc+0x240/0x1480 [ 311.504338][ C1] lockdep_hardirqs_on_prepare+0x129/0x2a0 [ 311.504372][ C1] trace_hardirqs_on+0x28/0x40 [ 311.504399][ C1] ___slab_alloc+0x311/0x1480 [ 311.504427][ C1] ? __alloc_skb+0x112/0x2d0 [ 311.504454][ C1] kmem_cache_alloc_node_noprof+0x280/0x3c0 [ 311.504476][ C1] ? __alloc_skb+0x112/0x2d0 [ 311.504500][ C1] __alloc_skb+0x112/0x2d0 [ 311.504525][ C1] nsim_dev_trap_report_work+0x29a/0xb80 [ 311.504560][ C1] ? process_scheduled_works+0x9ef/0x17b0 [ 311.504596][ C1] process_scheduled_works+0xae1/0x17b0 [ 311.504646][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 311.504684][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 311.504715][ C1] worker_thread+0x8a0/0xda0 [ 311.504765][ C1] kthread+0x711/0x8a0 [ 311.504791][ C1] ? __pfx_worker_thread+0x10/0x10 [ 311.504825][ C1] ? __pfx_kthread+0x10/0x10 [ 311.504847][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 311.504875][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 311.504905][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 311.504929][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 311.504960][ C1] ? __pfx_kthread+0x10/0x10 [ 311.504992][ C1] ret_from_fork+0x3fc/0x770 [ 311.505025][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 311.505060][ C1] ? __switch_to_asm+0x39/0x70 [ 311.505083][ C1] ? __switch_to_asm+0x33/0x70 [ 311.505105][ C1] ? __pfx_kthread+0x10/0x10 [ 311.505129][ C1] ret_from_fork_asm+0x1a/0x30 [ 311.505161][ C1] [ 311.506251][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 311.790131][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(full) [ 311.801945][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 311.812013][ T31] Call Trace: [ 311.815292][ T31] [ 311.818218][ T31] dump_stack_lvl+0x99/0x250 [ 311.822828][ T31] ? __asan_memcpy+0x40/0x70 [ 311.827430][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 311.832642][ T31] ? __pfx__printk+0x10/0x10 [ 311.837245][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 311.842886][ T31] panic+0x2db/0x790 [ 311.846793][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 311.852434][ T31] ? __pfx_panic+0x10/0x10 [ 311.856859][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 311.862499][ T31] ? nmi_backtrace_stall_check+0x433/0x440 [ 311.868321][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 311.874042][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 311.879429][ T31] ? nmi_trigger_cpumask_backtrace+0x2b6/0x300 [ 311.885616][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 311.891258][ T31] watchdog+0x102d/0x1030 [ 311.895603][ T31] ? watchdog+0x1de/0x1030 [ 311.900077][ T31] kthread+0x711/0x8a0 [ 311.904175][ T31] ? __pfx_watchdog+0x10/0x10 [ 311.908872][ T31] ? __pfx_kthread+0x10/0x10 [ 311.913467][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 311.919126][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 311.924333][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 311.929965][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 311.935197][ T31] ? __pfx_kthread+0x10/0x10 [ 311.939792][ T31] ret_from_fork+0x3fc/0x770 [ 311.944400][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 311.949539][ T31] ? __switch_to_asm+0x39/0x70 [ 311.954307][ T31] ? __switch_to_asm+0x33/0x70 [ 311.959073][ T31] ? __pfx_kthread+0x10/0x10 [ 311.963669][ T31] ret_from_fork_asm+0x1a/0x30 [ 311.968452][ T31] [ 311.971687][ T31] Kernel Offset: disabled [ 311.976012][ T31] Rebooting in 86400 seconds..