last executing test programs: 3m31.541674551s ago: executing program 3 (id=31): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000380)={r0, r2, 0x1, 0x0, @void}, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f00000005c0), 0xffffffffffffffff) r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0) signalfd4(r3, &(0x7f0000000200)={[0xb9]}, 0x8, 0x800) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002e00)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92344f242b416ae9eeefc0e9c6f203cb1276bfdbb4ddffffff7f82dc2b938189a7ca02f732e4c2eab72bf40c0682fd0a0c4ac106b29e220dc2880072599456d4c4e6f3fe684ab8373bb4df9d72876ef3834293812e927c01c7da1322da44c7f2ed1084a12f56d1cb39df9858037458a4ca037604007600b6be484e4c9517af216bd8ed42f7dd01008e49f4a94608c9a20819e02fc22e6be45574d4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43ea118e14ffffffffe4b8a80366ce5401ec61921a1b529cc8b99bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa228504e4afd8c1cc3eb215ba22f43115f4d39dc7beedb130d9f2be90133a4500000058b8c9370634060105baa664953514605fba3973aa021945b985a8a66e0200000057033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db15d792e604a4f279b3bd6621bdf2c17bc0400001000000000ff8d81006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb6b3cc425fe203d2f2655a76865c2c34e2470fcfb1248c0add5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864010067d6bab101446ebfe3fdeed7ee7bb0749cacf56cf27409c60fca2e0004000000000000a9cb6f4a78444986f9b1ab61f9dab53038010000004abbfc59d6d1b18fe380df4bf024f120bd755d82033f2fb7d8fc9e0de834f7646c8dd27da1297d0c77b294e097e293db7f002c0024ab2fb4d32972cba6f49051cec1ff5d16231bbb90a2d201a500000000000000007700b06fa191ebd3a0c2ef0058ffebd7cc4cf80f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f8107671141ffffffe0c7d8e94a27a06a4e3d9acee835fd0571e5bbb3e6d2b5eba505000000968983811f832dc5390f83e817c602c4f1f0d0504255c22ee8674053d0e160e5255366139bbe5863e23c3dd42d21f542816edf56a93d0a7e6f08f9ffffff64875fea6ff57ba6ae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875857f083144c642f71cdc8e5634c1360c056430fe77ee7ed7ac1f9743786b2fb8e0fcfcc3d36c93230b7b1da97c971c8c84a427edc3492b97e73d2060acfd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd194d48e50c84892c97c800d156b059a718f6b10274b077a710f27ab8ee953de70ea860b74a0f3c3dc11177b11cc2e62a95f1ecf607a8dc38e525f415a1bd46b38845ebca04061bacbf627f7975fe599678fee48f83b5989543729e3600000000bc86cd51704f309130f534741377ea7b7bea3c46c0c4c4b7c27c5d057d95ac85a41cdcee8e6fa31f7d2137ed1fb4b21c13b9a2c5e3f7c9ef9e45a35adbf0b9312be929863f000000000000004a82bc080de1f87808d0711dd76f2977ca7f2684bfa5c14a0cd6f1f561e34e4e8e51e81d4a355a7d00d917c16a2bb0cfb2b5f59dfead7ac6e7fa84746e2e425769b9ee2c8ff10e934847604d930f62924d0562ce17f6dadf5053ed8f33092a41bb46e1878c5295fecc27f9c6d1f62da58c0002ea00000000009aa38a05e70591d5cdab1c488ef3c1984c7c0a566cfc2a080000009ec206a54fb49056a555414178ef00d8b8f3c59f01eb5d83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abb1d218e7a1d0afa285706841aac9ccc89df41c39dd58dd70569dde45f8adeaad7d3328fbb6e279f745d2872f0208635e465ca443c3a64c7803760880af23fb3f430a0311fffc96dd13b951642f1433f65b4e170a62a5f7b7d0f9d5cef0d17289c43d4aee0001f7a343899434594cc23e1c864164e130754b337e560f285dc670a31241bf657babf0615b85dc200a10294b7d5885b43ac62fc7f97a85586168483427072a535f2c7481ec261c00f725de74e48d9a86f7d4a5d28da3f099ca3e6472b9d7c86d961f525f799b4517141f018af0673b8296f867eca1ec07be11bc497a6f7d2b752bcf77c2908b64630e7fa0c2261bc2d5de32ab6bbcf296d36807544aa7c3d3301fe227b713a371414c98695e559f9cbf6b046184064a5f24a4cc6f41f21fc24a3ad7d20a89e00a9dc99a40f890869d35fba3ce6f297661d3f8ba21c65badf55d1859581f9e7ef3e2693b46a8fc85be061ce79a08002c04dc04de8b6536123b24be2ef80eb06b2db900fb30596c1574b2a31f81d61ccfd58080d2330b9c7b87b5d17d48c32daffead3414b91603e250eeedc7d601000000037426f643797be3e93da96b5643d3feed0b7c885d06006b830d7cbf3152f27522f5142dcc84a9e48a07518f0142167abf5d6685d09945cbc778bcc3e7dcfaee5d9c1689a3bafc0d3b51b5a3bfd6007954c36d532960964183842601e5364ecb6ad9168040388c7640bfa2f88643de7eebf4da8d1c3e76daace5217761d933d06bbe9609fcf5971aa1e77c3123910e63daaadd8878ad468eabaf78a96012a4ada1a9cd217fb2a0da2d521454ea9e8fcd3b5badfd6f00003a73345b841d04a02bf441955b932c59608a555bc44873272812e0fb874618a0b56b4cf44990f60000000000000000000000b20000da0ca6797590ed13b0bccf71a39e05e877893646d185a77882f866785af6b0149e336c31fb177e3e85f4c60cd4de4ce6ea73a95f434328620fa493937386ad2e2a0d60eb815aa05c33e02c32276dab36d14c63af66a31409ab2a403ec3c7a4e07bd745efa2835a8c932f22aa6da40af9bcdf808b916bc8deb37d5b8c422b65c42d17e61751c561ce775a31b52703d398d52694cfbb7d2b3791b030093b321d9f16b2f06676cf94d75cbba6491ae0b5a16ce92320321314d8d2e88d1cd7e7b1216bdaecba309a38e107103e649d46958cc6ba2d660dd41b78d832beb7206ae01508377273ea96e40760410aeed1866971e04f578e9d856d01000000045aea928f5f669be0636dc3f34f90c34531735f271527412d1ae755a9243da523d713071f9370b509a34eeb46415b2f0d271a7072cbd17e293f20132e6c15756e92776c6a0d7c3a9f512ce17edf3f1ea190853bbf93e220a6ce968b79d504c057000e7d8f8249a8158e68a90bbea8bfab2bd3c067c28e185fe62ce7020f5282cf045b9c790984c6fb65fd3187bd8bfcbe663df6b7770000f58fbad41e6eee5c9595950c4172b9c925403b2f99bbf3cb1981bb0d14bded8eae35e08278020a1ec7f508628056fd3d408a02a1cf8594bcbb21a88f477673442804f714212d000045b9f563b5352fe460a30489b1b6a6d37daead86151492f7fd4b5c64007b68a1b04027eac124478a2ef7f59fe472795785de83578cb96334e0f7c1370dc397d3aa42d937b5718b7610cdcdfe104db7801ec74980b8b111a2748321f81512e4204eb2b024b9fc9e0f257f8c6037b93b2caa236d4354b32434d5a6b01e00000000ee2ea723ea2e1accb97a200609c77e0000000000000000d3a54ccd6e13a966801e9341260d6cbce5fe03999214462cbaa297448677ab659102d0f430fbeae119a7ef2e962d2829d4dd2201c4b30d491269594c88252fbd09aced90609851bd9e5c307e7e0d39e73579c1f3563eff1a6237d3699d61acdc8e36010d76093ddd237df1c4181b0a0c4543b4249e9ff2f5e8b5e0ba2048d542de40f643fda4036124b8feb2dd45d0fa52300518c8052cc09ad73f89734fce82cc627356aa2c651ed2644f34cfbc32e8b29cf29e895e43b473ddb9a43421b4b25f8bbce8e2d7cb8547d156d5972021ae4c9e30f85413276ddebde55999d2ec3c524632b74d703147ba09e0dcb26c4b89636d28428b67e955f53bfd0c9eeb7a9d17000000000096cd8ecf1c511eea07aefa1c5cae1841efa9329d80eafefe00000000000000009111274a44c722ff9f5151aa7cb99ea3e8b2c51eadbd2d0ba1a25b08cc3e67cd186c12ea62a55ff905388bb30d1a63d42593c9aea3a84f5a6fc470d8aaaafeccb373ca26c3685679e6a048af19fca3fc5315a33687"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0xe28, 0xfffffffffffffff5, &(0x7f0000000980)="b0ff04c66b0d698cb89e2fe086dd1f74ffff06000000fe80000000000000ac14140746647b7954c4c06b580febc28eb143d0f6c0bad62c67a04402ba4125c7024f63fdb0b6c8ee826b4dfe6042a2f057c66cad677d850ea9928bcfcb47e585e427746ed3b27c40060cbd030a6d675c9926af53cd3085b24f9b7a486775c4f284f8c5a572ca115bce90c0ee9d4e7a07f5f1518092cb1f156694036f6618a59196631e6303fd5307d1112601d3641c9492f7dc3503416836b14590c53b1fc1ac149b70cc1142d6bc57fc3a76839fa2f96878b520fedfb9f64d81584a2e85ab4f6ec718b02d78f2ebf04e6b3b94610a21616181629a03c3dc0bf05e0a71f887833b81db7a10bc53259cb80716f6804934a411d424c1db98d454be1adb2776fdbb92b299d3b80af6987a871b4549fdb4c8297ee31ad925c8b0fb1a9d2589b08ed52602cbc26b56df71201bc4ea8621c56f33d251c1d4589af2dcd78fbb4e34bde02cb3920a30cee9489ee72c3e19304c16c2110e1839712d484b80abe77786a7e2ba834874a4e16b93dd07297554a06c2ad2c906f8ebb1db8730df096709184728d48f0a806696bd0d4b12d0064b933d9675353dae77fe8419451f85da63be78b70ca2a84a77f572d9f289d4313e6f6039fe756ac13a5d08838315dff44cda433cc7bc6b77449f8c", 0x0, 0x2f, 0xe8034000, 0xf000, 0xfffffffffffffe2a, &(0x7f0000000000), &(0x7f00000000c0)="c6769e45b7c61302926682c7f9e9bb5ba2b3cdf023e8da0392a4cd62e2370f25ae5ba0dab896bcf5b774cd28bebbde39f796ae27d04582bb7c03e9fe830ea22c9fd03f6d2779515fdad3f5d0de07b7b70996102fdb67b1e77a34a5b7136a212fa2c0ea502588309dc3e42c55a6f93e6ba5e1b492f9db48f0fdd2f9fb937b3e8a63dcf9dd855837433998ba579da27559", 0x5dc}, 0x28) 3m30.473911466s ago: executing program 3 (id=34): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) recvmmsg(r3, &(0x7f0000001640)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000004c0)=""/4096, 0x1e1c}, {&(0x7f00000000c0)=""/250, 0x4}], 0x2, 0x0, 0xd64}}], 0x300, 0x34000, 0x0) sendmsg$ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[@ANYBLOB="18000000", @ANYRES16=r2, @ANYBLOB="a787000000ff000000000b00000404000180"], 0x18}}, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) getsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000100)={@initdev, @remote}, &(0x7f0000000140)=0xc) getsockname$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000001c0)=0x14) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000a80)=@newlink={0x20, 0x10, 0x439, 0x70bd2c, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x40083}}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x4040) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_vlan\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000000041000001c00128009000100766c616e000000000c000280060001000400000008000500", @ANYRES32=r4, @ANYBLOB="080004"], 0x4c}}, 0x0) 3m29.579038013s ago: executing program 3 (id=37): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x6) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r3, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r3], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0) r5 = socket(0x10, 0x3, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0xffffffffffffffdb, 0x3, {0x6, 0x2}}}}]}, 0x44}}, 0x800) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000017c0)=0x14) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000016c0)=@newtfilter={0x30, 0x28, 0xd27, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r7, {0xe}, {0xfffb}, {0xfff1, 0x3d}}, [@filter_kind_options=@f_bpf={{0x8}, {0x4}}]}, 0x30}}, 0x0) 3m27.914175862s ago: executing program 3 (id=42): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) setresuid(0xee01, 0x0, 0x0) sendmmsg$unix(r0, &(0x7f0000007cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001780)=[@cred={{0x1c}}], 0x20}}], 0x1, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x845, &(0x7f00000005c0)={[{@shortname_winnt}, {@shortname_winnt}, {@shortname_lower}, {@shortname_winnt}, {@shortname_winnt}, {@fat=@discard}, {@fat=@check_strict}, {@shortname_mixed}, {@shortname_winnt}, {@rodir}, {@shortname_win95}, {@fat=@sys_immutable}, {@utf8}]}, 0x0, 0x274, &(0x7f0000000780)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==") r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00') mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000500)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1333404, 0x0) mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x11080, 0x0) mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0) read$FUSE(r1, &(0x7f0000002140)={0x2020}, 0x2100) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r2, 0x26, &(0x7f0000000380)={0x300, 0x0, 0x103ff}) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18020000fcffffff000000000000210085000000360000009500070000000000b83f3584230b8f5ec8921327291cf4880dd3a91af830f8a476ba1b51d4eb67103b000000000000000000000000000000640f9922d207e93470686f20ad"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) 3m26.375927514s ago: executing program 3 (id=45): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYBLOB, @ANYRES32, @ANYBLOB], 0x48) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000940)={0x0, 0xfffffff0, &(0x7f0000000900)={&(0x7f0000000400)=ANY=[@ANYBLOB="54020000170001000000000000000000200100000000000000000000000000010000000000000000ac141400000000000000000000000000fc020000000000000003000000000000e000000200001000000000000000000000000000000000080a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="1242ffff040000000000000000000037660b6aff00000000000000000000000000000000000000000200002000000000", @ANYRES32, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000e0270300000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000650d000000000000e1000000000000000007000000ff0f0000000000000000000008000b000000000008001600000000000c001500000000005d0000000401050000000000000000000000ffff00000000000000003300000002000000e00000020000000000000000000000000000000000000000000000000000000000000000ff010000000000000000000000000001000000003c0000000a000000fe8000000000000000000000000000aa0000000001000000000000000000000000000000ff010000000000000000000000000001000000002b0000000a000000fe8800000000000000000000000000010000000000000000000000000000000000000000ff020000000000000000000000000001000000003200000002000000fe8000000000000000000000000000000000000004"], 0x254}}, 0x0) 3m25.959824303s ago: executing program 3 (id=50): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) unshare(0x24040000) r3 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000480)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x4, 0x38, @mcast1, @remote, 0x8000, 0x1, 0xfffffffe, 0xffffffff}}) 3m25.085209211s ago: executing program 32 (id=50): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) unshare(0x24040000) r3 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000480)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x4, 0x38, @mcast1, @remote, 0x8000, 0x1, 0xfffffffe, 0xffffffff}}) 3m3.35997693s ago: executing program 2 (id=90): r0 = socket$netlink(0x10, 0x3, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$MRT6_DEL_MIF(0xffffffffffffffff, 0x29, 0xcb, 0x0, 0x0) sendmsg$netlink(r0, &(0x7f00000047c0)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)={0x18, 0x7a, 0x601, 0x4000000, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='\x00\x00\x00'}]}, 0x18}], 0x1}, 0x0) 3m0.764308806s ago: executing program 2 (id=93): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) getpid() bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xb, 0x10, &(0x7f0000000040)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffff5}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f0000000e80)={[{@gid_forget}, {@noadinicb}, {@iocharset={'iocharset', 0x3d, 'koi8-u'}}, {@gid_ignore}, {@dmode={'dmode', 0x3d, 0x4}}, {@rootdir={'rootdir', 0x3d, 0x5}}, {@iocharset={'iocharset', 0x3d, 'iso8859-2'}}, {@nostrict}, {@umask={'umask', 0x3d, 0x1}}, {@uid_ignore}, {@anchor={'anchor', 0x3d, 0xce}}]}, 0x1, 0xc39, &(0x7f0000000240)="$eJzs3U9sHNd9B/DfGy5F0m4rJk5Uu42LTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmFoSJNXIbtowvfTQQ4Ci6CEnAq1RIEUDoymKHtnWBZKLD4VPPREtbARFD2wRIKeAxcy+FVf/LNkkJcr6fGzqOzv73sx7M+MZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxO+8cvb48+lBtwIAuJ/OT3/1+AnPfwB4pFzw//8AAAAAAAAAAAAAAHDQpSjiiUixdH4rzVafu4bPtTtXr81MTN6+2kiqag5U5cuf4edPnDz1pRfGT/fyw+vvtafitekLZ+svL15ZWm6trLTm6zOd9tzifOuet7Db+jcbqw5A/crrV+cvXVqpn3ju5A1fXxv9YOjxI6Nnxp859nSv7MzE5OR0X5na4Mfe+y3uNMLjUBRxLFI8+/0fp2ZEFLH7Y3GXa2e/jVSdGKs6MTMxWXVkod3srJZfTvUORBFR76vU6B2j+3AudqURsVY2v2zwWNm96aXmcvPiQqs+1Vxeba+2FztTqdvasj/1KOJ0iliPiM2hWzc3GEXUIsV3D2+lixEx0DsOX6wGBt+5HcU+9vEelO2sD0asFw/BOTvAhqKIVyPFT94pYq48ZvknvhDxapn/GPFWmS9FpPLCOBXxfnUdjTzglrMXalHEn5Xn/8xWmq/uB737yrmv1b/SubTYV7Z3X3nonw/30wG/Nw1HEc3qjr+VPv5vdgAAAAAAAAAAAAAAAADYayNRxFOR4pV//4NqXHFU49IPnxn/3dGf7x8z/uRdtlOWfS4i1op7G5N7KA8hnkpTKT3gscSPsuEo4o/y+L9vP+jGAAAAAAAAAAAAAAAAAAAAPNKKeC9SvPju0bQe/XOKtzuX6xeaFxe60+X25v7tzZm+vb29XU/dbOSczbmWcz3nRs7NnFHk+jkbOWdzruVcz7mRczNnDOT6ORs5Z3Ou5VzPuZFzM2fUcv2cjZyzOddyrufcyLmZMw7I3L0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ8kRRTxs0jxnW9spUgR0YiYjW5uDPXKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP0lAq4geRov57jevrahGRqn+7jpa/nIrGoTI/HY3xMl+KxtmczSprjW8/gPazO4OpiB9FiqHht6+f8Hz+B7ufrl8G8dY3dz79Uq2bA70vRz8YevzI4TPjk7/y5J2W0+0aMHau3bl6rT4zMTk53be6lvf+6b51o3m/xd50nYhYeePN15sLC61lC4/GQq27UIs93fJIxN5ucO8Wat2FfL+KB96eOyw0DkYzdhaiuvff9p7NJ0b5/H8/Uvzmu//Re+D3nv8/1/10/QkfP/3jnef/izdvaJ+e/0/0rXsx/25ksBYxvHplafBIxPDKG28ea19pXm5dbnVOHT/+5fHxL588PngoYvhSe6HVt7TrQwUAAAAAAAAAAAAAAABwf6UifjtSNH+0leoRca0arzV6ZvyZY08PxEA13uqGcVuvTV84W3958crScmtlpTVfn+m05xbnW/e6u+FquNfMxOS+dOauRva5/SPDLy8uvbHcvvz7q7f9/rHhsxdXVpebc7f/OkaiiGj0rxmrGjwzMVk1eqHd7FRVp/ZoYOZgKuI/I8XcqXr6fF6Xx/+V8d5gX9n+8f9rfeur5X0a//epm/aTUhE/jRS/8edPxuerdj4WtxyzXO6vI8XY6c/lcnGoLNdrQ/e9At2RgWXZ/40Uf/+zG8v2+v7ETtnnP9rRPfjK8384UvzgT78Xv5rX3fj+h53xn/3n/7GbN7RP5/8zfeseu+F9BbvuOvn8H4sULz3xdvxaXvdh7/8oYnt7+1sRR3Ph6+/n2Kfz/9m+daPR3e+v7133AQAAAAAAAAAAHlqDqYi/iRRPT9bSC3ndvfz9v/mbN7RPf//rF/vWzd+n+Yp2fVABAAAA4IAYTEW8Fykur759fQx13/jvG8d//tbO3OsT6aZvqz/n+4XqvQF7+ed//Ubzfmd3320AAAAAAAAAAAAAAAAAAAA4UFIq4oU8n/rsXeZT34gUr/z3s7lcOlKW680DP1r9Onx+sXPs7MLC4lxztXlxoVWfXmrOtcq6n4kUW3/1uVy3qOZX7803353jfXi7Nxf7cqSY/Nte2e5c7L25ybvzgXfnYi/LfipS/Nff3Vi2N4/1Z3fKnijL/mWk+Po/3b7skZ2yJ8uy34sUP/x6vVf2sbJs7/2o3XeSDtdiofXc3OLCLa9CrRS7PjUAAAAAAAAAAAAAAAAAAAA8QgZTEX8SKf7nynqs5WH/ef7/3gz8tV7Zt77ZN9//Ta5V8/yPVvP/32n548z/P7pnPQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIdHiiLejBRL57fSxlD5uWv4XLtz9drMxOTtq42kquZAVb78GX7+xMlTX3ph/HQvP7z+XnsqXpu+cLb+8uKVpeXWykprvj7Tac8tzrfueQu7rb9z6LrGqgNQv/L61flLl1bqJ547ecPX10Y/GHr8yOiZ8WeOPd0rOzMxOTndV6Y2+BH2/pEat+NQFPEXkeLZ7/84/fNQRBG7PxZ3uXb220jVibGqEzMTk1VHFtrNzmr55VTvQBQR9b5Kjd4xug/nYlcaEWtl88sGj5Xdm15qLjcvLrTqU83l1fZqe7EzlbqtLftTjyJOp4j1iNgcunVzg1HE65Hiu4e30r8MRQz0jsMXz09/9fiJO7ej2Mc+3oOynfXBiPXiIThnB9hQFPEPkeIn7xyNfx2KqEX3J74Q8Wp/wZciUnlhnIp4/zbXEQ+nWhTxf+X5P7OV3hkq7we9+8q5r9W/0rm02Fe2d185SM+H7Y9+LY7swW7v3QG/Nw1HET+s7vhb6d/8dw0AAAAAAAAAAAAAAABwgBTxy5HixXePpmp88PUxxe3O5fqF5sWF7rC+3ti/esQflrm9vb1dT91s5JzNuZZzPedGzs2cUeT6ORs5Z3Ou5VzPuZFzM2cM5Po5Gzlnc67lXM+5kXMzZ9Sq2N7e/la3fi3Xz7mWc70WUZT18+fNnHFAxu4BAAAAAAAAAAAAAAAAAACfLEX1T4rvfGMrVXOpNiJmo5sb5gP9xPv/AAAA//+ZYP5q") 2m59.661431949s ago: executing program 2 (id=97): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0) close(0x3) syz_init_net_socket$ax25(0x3, 0x5, 0xf0) 2m57.648672259s ago: executing program 2 (id=100): syz_open_procfs(0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYBLOB="800000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c000280050001000000000008000740000000011c00108008000140000000000800024000000000080003"], 0x80}}, 0xc800) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sched_setscheduler(0x0, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="380000000301019e0000000000"], 0x38}}, 0x0) syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000240)) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={0x0, 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28) close_range(r2, 0xffffffffffffffff, 0x200000000000000) mkdirat(0xffffffffffffff9c, 0x0, 0x0) syz_open_procfs(0x0, 0x0) fanotify_init(0x0, 0x0) 2m57.364540147s ago: executing program 2 (id=102): io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000004c0), 0x208e24b) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) cachestat(r0, &(0x7f0000000040), &(0x7f0000000080), 0x0) 2m56.218873505s ago: executing program 2 (id=108): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_io_uring_setup(0x82e, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_PBUF_STATUS(r3, 0x1a, 0x0, 0x1) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="400000001000030400000000fedbdf2500000300", @ANYRES32=0x0, @ANYBLOB="0000be281f000000200012800b00010067656e657665000010000280"], 0x40}}, 0x0) 2m41.029617881s ago: executing program 33 (id=108): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_io_uring_setup(0x82e, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_PBUF_STATUS(r3, 0x1a, 0x0, 0x1) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="400000001000030400000000fedbdf2500000300", @ANYRES32=0x0, @ANYBLOB="0000be281f000000200012800b00010067656e657665000010000280"], 0x40}}, 0x0) 2m18.773350709s ago: executing program 1 (id=181): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r2) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c) listen(r3, 0x0) sendmsg$AUDIT_DEL_RULE(r0, &(0x7f00000004c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000480)={&(0x7f0000000680)={0x420, 0x3f4, 0x800, 0x70bd29, 0x25dfdbfe, {0x0, 0x2, 0x2, [0x9a, 0x7, 0x0, 0x93, 0x3, 0x8, 0x1, 0x80000000, 0x0, 0x3, 0x101, 0x8, 0x80000000, 0x1, 0xfffffffc, 0xfffffffc, 0x4, 0x8, 0x7, 0xfffffffa, 0xfffffffa, 0x7, 0x0, 0x9, 0xc, 0x3, 0x3ff, 0x7, 0x4, 0xffffffc0, 0x8001, 0x10000, 0x2c1, 0x7, 0x0, 0x5f0, 0x9, 0x80000000, 0x3ff, 0x7fffffff, 0x6ac3, 0x7, 0x3, 0x9, 0x3, 0xffffffff, 0xffffae55, 0xb, 0x47159218, 0x3, 0x80000000, 0xff, 0x6e, 0x0, 0x97, 0x0, 0x1, 0xb6, 0x7, 0x6, 0x8, 0x2, 0x1ff, 0x2], [0xb76e, 0x17, 0x0, 0xe60f, 0xde3, 0xfff, 0x5, 0xc, 0x6, 0x556, 0x1000, 0xffffffff, 0x8001, 0x5, 0x100000, 0x6cd, 0x5, 0x7, 0xa, 0x9, 0xfffffffd, 0x1000, 0x800, 0x401, 0x7fff, 0xfd98, 0x8, 0x9, 0x2, 0x7ff, 0xf, 0x35f9, 0xf, 0x6, 0x1, 0x100, 0x5, 0x3, 0x5, 0x0, 0x0, 0x894d, 0x101, 0x9, 0x100, 0x7, 0x0, 0xd3e, 0xe0, 0x1, 0x49dc70b3, 0xffffffff, 0xff, 0x1, 0x5, 0x80000000, 0xfffffff3, 0x9, 0x3, 0x7, 0x7, 0x1, 0x2], [0x4, 0x2, 0x401, 0x5, 0x0, 0x821, 0x0, 0x3, 0x5, 0x5, 0x207, 0x4, 0x40, 0xffff, 0x10000, 0x8, 0x4, 0x9529, 0xfffffffd, 0x7, 0x3, 0x4, 0x15ff, 0xcf, 0x7, 0x2, 0xed, 0x3, 0x8, 0xc66, 0xb000000, 0x401, 0x3d1, 0x4, 0x4fa9a7e6, 0x2, 0xfffffffe, 0x8000, 0x6, 0x5, 0x0, 0x3, 0x3, 0x72af4b79, 0x10000000, 0xda, 0xc, 0x5, 0x2, 0x7, 0x5, 0x7, 0xf, 0x3, 0x5, 0x8, 0x5, 0x6, 0x2, 0x0, 0x8, 0x8000, 0x2, 0xfffffff9], [0x3, 0x6, 0xd6, 0x7, 0xe13, 0xe4, 0x7, 0x100, 0x4, 0x6, 0xa, 0x0, 0x3b, 0x2, 0x7fff, 0x3, 0x760, 0x7, 0x41, 0x1, 0x5, 0x9, 0x7fc2, 0x7fff, 0x2, 0xbd9, 0x6eba, 0x8000, 0x27cd, 0x7, 0x2, 0x946, 0x1, 0xfffeffff, 0x2, 0xa9c, 0x2, 0x3, 0x7f, 0x4, 0x1, 0x6, 0xfffeffff, 0x2, 0xbe, 0xb, 0x0, 0x7fff, 0x8000, 0x12000, 0xb, 0xb021, 0x7, 0x8e9, 0x800, 0xe959, 0x42f, 0xae, 0xc, 0x6, 0x4, 0x10, 0x0, 0x80000001]}}, 0x420}, 0x1, 0x0, 0x0, 0x4000}, 0x4840) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10) 2m18.71491735s ago: executing program 1 (id=182): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000580)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(r0, 0x8, &(0x7f00000001c0)=0x1) munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'}) epoll_create1(0x0) write$sndseq(r3, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600]}}], 0xffc8) 2m17.192366453s ago: executing program 1 (id=186): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000000040)="ff02040000b5ffffffffffffffff2e2be82db1af00000000", 0x18) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e20, 0x74df82a6, @private1={0xfc, 0x1, '\x00', 0xa}, 0xae3e}, 0x1c) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f00000000c0)={0x32}, 0x8) sendmmsg$inet6(r3, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x62, 0x0) 2m15.739931698s ago: executing program 1 (id=189): r0 = getpid() prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r4 = syz_pidfd_open(r0, 0x0) setns(r4, 0x8020000) mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0xf, 0x0, 0x100000}, 0x20) 2m14.739742095s ago: executing program 1 (id=192): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x10000}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet(0x2, 0x1, 0x0) setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x33, &(0x7f00000a2000)={0x1, &(0x7f0000f07000)=[{0x6}]}, 0x10) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x33, &(0x7f00000a2000)={0x1, &(0x7f0000f07000)=[{0x6}]}, 0x10) 2m11.275968718s ago: executing program 1 (id=199): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = syz_open_dev$media(&(0x7f0000000000), 0x4, 0x0) ioctl$MEDIA_IOC_REQUEST_ALLOC(r2, 0x80047c05, 0xfffffffffffffffe) syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x2) pselect6(0x40, &(0x7f00000001c0)={0x0, 0xfffffffffffffffe, 0x3, 0x0, 0x2}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x6, 0x400000000, 0x4, 0x7fffffff}, 0x0, 0x0) close(r1) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", ' \x00'}, 0x28) sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000f00)="6e37cff5b582", 0x6}, {0x0}], 0x2}, 0x0) 2m9.85487759s ago: executing program 4 (id=201): bind$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) write$tun(0xffffffffffffffff, 0x0, 0xfdef) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) close(0xffffffffffffffff) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x4}}, 0x26) connect$inet6(r0, &(0x7f0000000400)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@delpolicy={0x50, 0x27, 0x1, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0x50}}, 0x0) sendmsg$inet(r1, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x4041) 2m9.650068961s ago: executing program 4 (id=202): syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000d40)={[{@test_dummy_encryption}]}, 0x1, 0x246, &(0x7f0000000ac0)="$eJzs3DFoJFUcBvBvZnc9c7fIqY0gqCAiGghnJ9icjcKJHIeIoMKJiI1yEWKCXWJlY6G1SiqbIHZGS0kTbBTBKmqK2AgaLAwWiqzMTiJJXGNgkx3J/H4wuzM78+b/htnv7TbzArTWxSSXk3SSTCfpJSn2H3BPvVzc3VyeWr+eDAZP/VIMj6u3a3vtLiRZSvJwkrWyyCvdZGH1ua3fNh6//+353n0frj47NdGL3LW9tfnkzgdX3/rkykMLX33z09Uil9M/cF0nrxjxWbdIbjuNYv8TRbfpHnAc1974+Nsq97cnuXeY/17K1Dfvnbmb1np58P1/a/vuz1/fOcm+AidvMOhVv4FLA6B1yiT9FOVMknq9LGdm6v/w33XOl6/Ozr0+/fLs/I2Xmh6pgJPSTzYf++zcpxcO5f/HTp1/4Cx54sBWlf+nr618X63vdJrqE9CEKv/TLyw+EPmH1pF/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aC/5h7PtxSP2HSP/5Wn1C2jW/vwDAO0yONf0E8hAU5oefwAAAAAAAAAAAAAAAAAAgH9anlq/vrdMquYX7yXbjybpjqrf2Z2A7Obh6/lfi+qwvxV1s7E8f/eYJxjTRw0/fX3LD83W//KuZusv3kiW3kxyqds99P37c5Bi7Anwbv2P/b2jJuibgEeeabb+HyvN1r+ykXxejT+XRo0/Ze4Yvo8ef/rV/Ruz/mu/j3kCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJuavAAAA///41m/U") r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0) r1 = ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0) ioctl$FITRIM(r1, 0xc0185879, &(0x7f00000000c0)={0x6, 0x0, 0xffffffffffffff28}) fsetxattr$security_capability(r0, 0x0, &(0x7f0000000240)=@v2={0x2000000, [{0x0, 0x2}, {0x7, 0x3}]}, 0x14, 0x1) socket$nl_xfrm(0x10, 0x3, 0x6) socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) listxattr(0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000001100000071120f00000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES64], &(0x7f0000000200)='GPL\x00', 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kvm_age_hva\x00', r2, 0x0, 0x1}, 0x18) syz_emit_ethernet(0x4e, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000eb00000086dd609bc3b100180000fc010000000000000000000000000000fe8000000000000000000000000000aa6702000000000000c2"], 0x0) 2m8.845764635s ago: executing program 4 (id=203): r0 = socket(0x840000000002, 0x3, 0xfa) syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000200)='./bus\x00', 0x4812, &(0x7f00000001c0)=ANY=[], 0x1, 0x68b, &(0x7f0000001900)="$eJzs3c1vHGcdB/DvbDZONi2p2yZtQJVqNRIgIhI7VgrmQkAI5VChqhw4W4nTWNmkxdlWboWIw+u1h/4B5ZAL4oTEPVLhwAVuvSFzq4TEpRfMadGMZ9fr9UvWhOw65fOJZp5n5nnmmd/zm519i6wN8H/ryrk0H6TIlXOvrZbb6/fn2+v352/16kmOJVlLmkkaSYp/dbvdj5PLSdEfphgqd/hweeGNTz5b/3Rzq1kvVf/GfscNqfutDe1e6+2bSXKkLh/BtvGuPvJ4RT/yy0nO1iVM3NEk3W1+/Oen+y0DWrsdfXwsMQKPV7H5upn69bhvOjlR3+jl+4DeK29j/BGO5tiI/YbfQQAAAMCTZpTPwM9sZCOrxckxhAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACfC2tbv/9f1EujV59J0fv9/6l6X+r64fLywbo/eFxxAAAAAAAAAMBY/L1av7yRjazmZH/38Wr9SrU+Va2fyju5k6Ws5HxWs5hOOlnJXJLpgeGmVhc7nZW5EY68uP3Ibrd7t9NZufiQcI/VZevRZw4AAAAAAAAAn0M/y5WB//8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBDoEiObBYp7g3snk6jmeR4kqlyx1ry1179SfZg0gEAAADAGDyzkY2s5mRvu1vkVJIXqu8Ajued3E4ny+mknaVcq74X2PzU31i/P99evz9/q1x2jvudfx4ojGrEbH73sPuZz1Q9Wrn+bu+Yq3kr7VxLozqydKaOp9djKK57ZUzFt2sjRnatLsuZf1CXO9w90GT3csAvU6arjBzN9SxXOZqtYyuz8Wzvyux+hQ54dYbPNJdGP9hTQ2camkSd84NN7URdlvP51V45n4jhTFwcePS9sH/Ok6/84Xc/mq3rh2dKozlSl91q3dqZifmBTLw4SiZutG/fvHH9zrknLRM7zFaZON3fvpLv54c5l5m8npUs590sppOlzOR7VW2xvvjFwC2/R6Yub9t6/WGRTNWP0M2LdbCYXqmOPZnl/CBv5VqW8mr172Lm8o1cyqUsDFzh0/tf4equb+zxTNv9wq7Bn/1qXWkl+XVd7mrPhselzOuzA3kdfM6drtoG92xl6bkRsnTA16Pml+pKeY6f1+XhMJyJuYFMPL9/Jn5TPa3cad++uXJj8e3RTvfcB3WlvI9+eaieUsvHy3Plxaq2tj86yrbn+z2356tsO9U/rrGj7XS/rbpTi+aed+pU/R5u50gXq7YXd22br9rODLS1+m3n+++3ADj0TnztxFTrH62/tD5q/aJ1o/Xa8e8e++axl6Zy9I9Hv9WcPfLlxkvF7/NRfrr1+R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPjv3Xnv/ZuL7fbSylCl2+3e3aUpl3fr/HgrzYeEuqOSmb89VR7Q29NNv6n3c2ZjnMUXn07GnLE9K0eH97SSjOXs/+52u/WeYo8+v/3ToUlUtzbp6zXJyuSek4DxuNC59faFO++9//XlW4tvLr25dHvh0qWF2YVLr85fuL7cXprdXE86SuBx2HrRn3QkAAAAAAAAAAAAwKjG8ecEk54jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GS7ci7NBykyN3t+ttxevz/fLpdefatnM0kjSfGTpPg4uZzNJdMDwxV7nefD5YU3Pvls/dOtsZq9/o39jhvNWr1kJsmRzfLe/2q8q3W5r2K/KRT9GZYJO9tLHEzafwIAAP//FqwEKg==") r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x45) pwrite64(r1, &(0x7f0000000100)="9f", 0x1, 0x12207) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000140)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x20, 0x0, 0x0, 0xfffff024}, {0x6}]}, 0x10) write$FUSE_NOTIFY_DELETE(r3, &(0x7f00000000c0)=ANY=[], 0x2c) write$FUSE_WRITE(r2, &(0x7f00000000c0)={0x18}, 0xfffffdef) write$UHID_INPUT(r2, &(0x7f0000000b40)={0x8, {"c6ae413f45c373121044d8da18ff21a3a92b35fd2bff460d37c1cde54ec17dfec84c955014004b9b88cef39c2e43f42e89363610a83e09368b85d83acef1a00d1d43060a9fb32cded9d078ae45f67c1273c5ed8dff1e7bc965d9a2f488d0f6a4c6919f2d04c6a0b51dfcbe4d2622468ded232a0bc4c164f06376fb396ea16f7d8a1e656ffb7ddaac2323e67e308cfcefc7e6c75d119af3a547a41c2b1547573382af28315dfd20fb2d7522ede2a4ced908dde91066f10a7716c2c3e97d0016e18590271277923e63339839c4c90d9247adb1e8825926cfca753addbfc79c225767f5447dffa58e80bf6d578100b39f957829a3733e98471ab3714e832505bce8f610c070d22a85592007f5c7dc902ccfa577789353dfe5754a1d536520eca2b895f53019cb9355c1cb61baed4978205e5f8871a2c854d399866e89f65c3ad8b47ea286b6e6d2885a153e6dcac62455216133ac6f788a3a60bbb8f966961982e567311f9f0bfc17fd4498f1167a98c8e897da6b7e8ecf9caa783ab95bd01bd3a5e2e66764ba7fc8bd24c6bee0413ffea30c3dcf82fdf79bed9b4474a448545da92c173d50c90f2b38a97d73676ebf139893f3ecd9ada4fb8dbf167ff2c2afab810e492a10288027ad3f4733b26a0167704c40f6197a8b2227dcf21812c165a3b6231000797b2fe16f4131709c00e1ffc9509f2e5c27f6513e57775aa5af95acf5d17678b306d37269ffde84d973991df3ee2030620ad93d0b4065f5b8444e11e218f85710fa8af865a29f5db9cf79ffaec11603d53953578da6cab4648d24c6d660adf04e27fd48e9a8d2e1973ca0f5c518c843b5e0002281b4861b732b39e01ccfa373f132eb9d4ba593921265b8bc2b109c2f4a9e51094ebe117e3fd8f79790352d2b7f7fd96a24796bd6e79ec44a5cdb18f60fa2c4b55342fc018cd1e24c1be712486e352ad674bd13f3ba9ac467d06e19a43c6f45d891124c72fc386464d9293321f19f4e5918897d64a615093c99a53955efd18d718b233b80a253d97ff28eb1aff2965437454ac370489ebe546a9cea6d12146fd429145d5c85e45714817878d08b5a48f17fb47a643c4a7e6fb4d2bb87dea5104a882cc3c702d9897ba2831533a8f5483d70a47a29bfc6d696bf94007bb137ca546da0805f2556f1d067a30594027bc8d316fafe4cb5172dba3f0003202ee66f18fc5af756079df889ebd6d93816e066594288a94df703580985934836c6d11760e768f8f8b3fe0871522141b5fadef313d4af78ffc8b7f855f618a6cff3d45273f193036233227779c9fe62cfdde12a1ecb91b0c6c7b02703ae4f9382c1f86f8a922db77a8ad31da9ce028eb9b03986421d2a0362ec95014dfbb495b2afc03bf8d25243d934c2e8ae1f7f0c9d0f6e994a9552e11bc2e1527d8b305d34acea3141d38abf67b89dfb678081da3a372140a87ea688c5ca45f8f0a87564527d3055d5b195336c27ecf6007dfefdcbaf5fcdbd8ad06076310441f9c7e27a2ead3317701962bc8dea246a8cbacf957af7e01839969f101c5f0655ba2006d161bcf8cd062b8e54a3fb4bc4228cb578b7260258d818dadfd0c9a1baec770b073b42f01d729aa77e629146153b217eeb593151c97c0387c5b2c82cfeb632682416ef4d3581ba9f64dd8dec7ecfb6a308f4f6f11d3c1bc3749b9ed4173d92924217afdd04abd351ac23f2019143d351c285b4ad96ba2f25c0c9df439049ba6b31d9570143d5012ea8433ae42c928228df1531892b60723d292a77f90d458938751c3fd424ed8d91536deda42e6d649e79cb69d6c0a6ffe77d79027d04ccd69a2617aa7cfad1bacb1985fe2fa9d21adb9655f1cc8a6e5f2efada8130298fa5b653ec9d3cd058e0c55102c90b83348879926dc5026b5cbbdcd3052ba978d529a43da78e67b5414ef3fb9601b71ad73399d65dbb04ea4cbaa5f291ee79ba78f5473d575d364de104dba1e2aa531c5c708d3eaf318b2d8e1615d13d2968ddd5cf21fa9c90fba5371d83e6eb08bafd665a38fc2792b8214c7cb8eb1af4baa7becfbac337da66091997121a7c38975d02146bca59f8163646337d9ea4274b0a16d71b888856cb0d7e22281e73c8e8b5e26afb212cb74b1518857a2e71fb333a22aa28f8d3ea83fc1cf3759f5c4cef73d643eb0752fd6af2ef7f3d581b1e14a8dcbdf8203ac4d96152d3b661074c1f26d3ce6553d65030bf17fbbe2e051aff7ca486af8d45162dc45cc1a2072e9c6ade490eb253635b378666aac2e013e41c880f64e5ad3e57f6443ee67a448ca32710f85603df74c9ce0f33e8d7b9c6dbf9a7c34c97eb548d11da9be2ee121a7ee4793776f213ecb72af4d7b16451d3e6eb4de43febbcece348fb47f0d3a2bc6293f497a4649cf17da9353bd62da046f15d741e6c2b9ab8205fbe4cdad15ce665b8dd33744872e939333e22f476e3e31df283d40e1ba60d491588d1eeb2df30eb3c862c95c374b9da20481105e8dbe7a0c79fe74a8f12117aedcccfb7ea57bb5e7a03f0c6b31deec407bf18e068113e31632d05688603b7300115c6402c614b1caf587b2e7f7dd5e75a9391789380414bdc68e13e003eabd89306c146a40168ea4691fecd66c4bfcf418d379aeacc7f28a9af688184ce93377f2514f7fe2fcdb7138aedaedeb11715189c432564f34609a8f4e7937d1a89f1c4a0caff015cb7f584ccc29fe3eddd20187f39cadcc8944aa8731feecadfb1298883d49c02671bdf6a20d55dd15881ee4ea5b624c4d9ce65db681d3be10c2a5832eb832fd2c3a1fe0b34a8b8438955bd0bac78f2cd634a602031d27bb1a0cf20871443fd96598d36394ff3614ccbd89977a39fe6c0f00999c812564d8f6005b47f576594ecd3e3a19d2df92047b6a5c99b394987a2044c760538d2aa89ebf755cd21572bfae449d58e66417133dffbce66484943dfd0899627c63096b608d4a0f5d8b6ba9706482900bed2dc602df6f6edac8b3b7515fd9c24693c27c53aae43cc5e81ad3947196f9c80f35489d7ccfd2a6fa45150194ee25ff047e6cf1876f0766b70fa866c3f65307bc34ce6546bbab0db9b882d0776b7722953712c29030be57440dcd20b65fe29f182d1412e3ae8b0ee2e977d154c38677a84bb0b10b077328c8c3169507cf575d4bf211b55d5f96866d35be9999e9ba6cf813fa497176797a68f6705e7e12eda57a8c48e9e57fa145ec6a84f6a3f79841d8ede1e38ae2094be9473887c529d8d60b6bbea81ddaee9bb2e923432c44116bb9925ba00d60487e8131ae3896a045338ac1b1c73252b93ef15cd0edd013b5863745d18412911563737fb2310bbc61d535bf30b70e2f4e906de9f957ea70fc9e80961ef71a7e3c3bc6376923173779f152ff045b4feb603e43ee9be78787d9ca1e879574007cd12f0afd0b39b35fd3bdb1ec664a400d18408e4037ac8b71cce11bac48b912dffc072223f8a95f1bd4871f7ba36ecf845981d0e2ba951340ead917206a0d566ba0dc4e52cc74bcd5fc25529626c2325c91476b2f024af5925ea5d673d3ca44799993265d5b7a08e2368686e642d81b82fe6d1716c2f99328aa2f94572a33fc7df7de9fbc8106b49aa9a597b60379f27fdc54be3584c56e12e06ab9c98c714da10996deb0156d630d076be73ddae10bde1b100dbe17d2de98b3625b35ebbec94ac3fd7edac279c143a8a4cc5c028f0daa0b5f61ef7eb2ca984d873a1eb541024624b4f9bca73791f443cc2085118943a431d0c44057adea778af72bfb8db3c09ccd85a1038cd074e07e3dd121c59530e6e165c348fa13c325dc36b72d5cf3845f5aa3bc27c0ac2f2b8dba1ee1af181881aab4cad9755883216268598bcf4e52fc4a31aca4873c2c1d08ea0e5fbdd6cd29029b1153645152e2d4f093cf87be3149c348470395d641589a0adaa4d92a85ff77535bb92dd2e57004dbbd99b8d318d9ea327ad437894985b7b24cb87a1de2877cdab8078de5ca4b1241e158770e7175a8a527d4ca9c94c5702c6cdb7ee9c0e42766dc8d49af572d69ff7fe1875c57755884168e0c85f5cc3e2deea42fc12e6a90a06803d1667169958192ae3f9d7106f5e4969a6733ec937e48e2e8b6d32bf0e1e7ae1cffd37ba3600d6e8c251ee99c22b3127278ee5e3fab15c8ddc2c01689dbcee281f16cf43a76b573b2b5d826565a54d5757a05d024fb01f5f7d45b12c2efc88da57fab1d2bba0e403dd8c98654bd70fc23fc8c9ffd12b5575dd71f29c32a9e10389c0eb3f5d72771a3d3ce43ae581d982c9d27b1269086dd0a09d7bb499a41988ea011580e49b5b7135dfbfa81f6a98744528cfeba07245751087867625bbb2535795aca346edee2a6b5d0798353bb3d847c4abbc66064e8182aa95b02bd03c43a1fc02ee36b46a030a5c3536a875db4380752918da3f0d5c2b992df55e26f9ad987afae9febc28518e81c3f2649206ce90a95f11b0f3d379618221d4d6bb42a2b6fd556ccfe28127f5a04742597c0a7c38a62d0830f474b397d20fd04bc30712a4557870192065bb48c9c0ada874a99a4fbc2b09cef33017631b37221a5bc445428349e2dbc2520bb48e6a14787d97534dd01af60e7ea8351b72c7db83581b143d1e7042af43eb0d511a7abe748cba1ad1900ff3223b859373914b525142b668230604d8d6d57a439fd9e2715ed4669593adf3cd5b85897662b767d9536c172fcacd5ae511260a0169f5b64a1a4085fac619567c32e6d2ea08d83098c1e751ea1d5df2d90b704346fd65be32e5b04076a005128c8fe45eb895b2bb2dacdd306e20afcd29669519a8e95d26cc9986d43d262d1355652388b0f26ca93abf10137fadec4d1036cf085ae949997b5e29388e4b8049ac6f95b0381592af8ab8c644de162d1804a827f28c295d4965588c2be8db04b23b53f80aa7b75baf6ab8aef4e7b0b6d3c462e71e14113b2ba78163c46ab9814d80c76af1dd78e64e7832f35f6750858a50f6e5666a87090b8a07b47f43a322016bf30cd1c83a5383187a62b4d931a0d4b65e7976b0f1f6f6b0f89f990d0881095489f535f8885105116ee7afbe90457fae6d40886602fb1db3b0622e57f893cd2c11669ce8735b92e9f4fc430ebbb259b3eea9011027ed12161a9a691abc996f5ce17940e4e4791a58d6fe382b77b686f627eb559497555adb9744527696f09a6d9cab0a293070d44c874bd92bd2d2d05942544df30efa05df7673e85b4358a8b41784518a057ffac54b9a6cd98b4e6e7f61d999ba954bc957ff940ac5543f45f244b6831e265752a88b523ac462d5eeb1f87c4a98287b4e13fdbf7c849110c883b835608097320f0262c4067a670eed1c634891e77ec028a7f43c6f980d7d8ebb456a99fd3d97da574d0ec724991b931b8b58c71a91fb012b8c24fd03955caaa2a98e91dacb2818100bbde4dc905263e417dc00e986f2657d8f053afc8eaa3c8e2d1576a3d9cad7a00bcc776b7569d67c70fc74ed03ee1a0675ae17159fcaa57cef733d75a172406458d0038d21c17245315bbce0bdc6ea782c3d94ccd96b83e17bb061b84bfe2eae48ae731c43f1d5ac94a6ad731fe6bbee8c0c469f45284f0340153e56cc3e93c7c6c75d06b83632b4245acb4ff0c3b1df758c100ddf9ddbfe63c0912f6d5178753430022b742169ac875d5e6d7b4d23eb2e608f60f1762b53d4802d3d05d2b60e23103e2971df20fe53c0904ac931ad6d2b9b5351fab0ba5cb21481a7792d4be16e391b85c5258236e337f7c25b87fc32e379f6a2284b57e71495ff7f75", 0x1000}}, 0x1006) fsetxattr$trusted_overlay_nlink(r2, &(0x7f0000000080), &(0x7f0000000180)={'L+', 0x6}, 0x16, 0x0) getpid() connect$inet(r0, &(0x7f0000000b00)={0x2, 0x0, @remote}, 0x10) sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0xa00) 2m7.788571303s ago: executing program 4 (id=205): r0 = getpid() prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00'}, 0x10) r4 = syz_pidfd_open(r0, 0x0) setns(r4, 0x8020000) mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0xf, 0x0, 0x100000}, 0x20) 2m6.886730807s ago: executing program 4 (id=207): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000000)='sched_switch\x00'}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001640)=ANY=[@ANYRES32, @ANYBLOB="05001b003a000000"], 0x2c}}, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x40) ioctl$EVIOCGBITSND(r3, 0x80404532, &(0x7f0000000040)=""/16) 2m2.583315802s ago: executing program 4 (id=210): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000040)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$SEG6_CMD_SETHMAC(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000000000000010000000500050001000000080004000000000005000600000000000800030001000000df"], 0x34}}, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) sendmsg$SEG6_CMD_SETHMAC(r3, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0) 1m13.911196723s ago: executing program 6 (id=286): syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000000)='./file0\x00', 0x1018000, &(0x7f0000000100)=ANY=[], 0x1, 0x2f2, &(0x7f0000000b00)="$eJzs3M9PE1sUwPHTH5S2BMri5b28l7xwoxvdTKC6VhoDibGJBKnxR2IywFSbji3pNDU1RnTl1vhHuCAs2ZEo/wAbd7px446NiQtZGMd0OkNpO4CU0iJ8PwmZw9x7eu9tB3LuhGHrzuvH+aylZfWyBKNKAiIi2yKjEhRPwD0GnTgiu72Qi0PfPv5/6+69G6l0empWqenU3KWkUmpk7N2TZzG32/qgbI4+2Pqa/LL59+a/Wz/nHuUslbNUoVhWupovfi7r86ahFnNWXlNqxjR0y1C5gmWU6u3FenvWLC4tVZVeWByOL5UMy1J6oaryRlWVi6pcqqrQQz1XUJqmqeG44CCZldlZPdVh8kKXJ4NjUiql9JCIxNpaMit9mRAAAOir1vo/KKqb9f/quY3y0O21Ebf+X4/41f+XP9Vfq6n+j4qIb/3vje9b/+uHq//bK6Kz5Uj1P06GsUjbqUAjrDWWUnrc/fl1vLy/Ou4E1P8AAAAAAAAAAAAAAAAAAAAAAPwJtm07Ydt2wjt6X4MiEhUR73uf1JCIXO3DlNFFR/j8cQo0HtwLj4iYryqZSqZ+dDtsiIgphoxLQn4414OrFntPHqmaUXlvLrv5y5VMyGlJZSXn5E9IYkBa8217+np6akLVNecPSHx3flIS8pd/frItf3C5konIhfO78jVJyIcFKYopi848GvnPJ5S6djPdMn7M6QcAAAAAwGmgqR2++3dN26u9nr+zv269PxBq7K/Hfff3Yfkv3N+1AwAAAABwVljVp3ndNI3SPkFMDu7TeRA+plf2Vvi7Wd7fMhzfSvcJvMGbmqLuya6/LYFDvC17BEHpJGusthp11FV4t4326iMzk737BJum8c+bt9+7N8SVtegBK+08CO1/AQz07BcQAAAAgJ5pFP3emcn+TggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDOoF/8mrd9rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE6KXwEAAP//ziYEEA==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000040), 0x208e24b) 1m12.978500894s ago: executing program 6 (id=287): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000300)=0x8) setsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x83, &(0x7f0000000140)={r5}, 0x8) 1m11.874904694s ago: executing program 6 (id=290): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket(0x22, 0x3, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x200000b, &(0x7f0000000380)=ANY=[@ANYRES8=0x0, @ANYRESOCT=0x0, @ANYRES64, @ANYRES64=0x0], 0x0, 0x257, &(0x7f00000000c0)="$eJzs3c9qG0ccB/DfSrIttwf50FMpdKE99GRsP4FMcaHUpxYd2h5aU9tQJGGwQWC3VPjUJ8hr5JLnyCVvkAcI5JaADRPWkiwryIkV609wPp+Lhp357m9md5FOO/rzq3Zz/+jk8Pzf51GtZlGqRz27eBwDKwEAPDSvU4qXqWeyZKU0qzkBALN1x9//1TlOCQCYsV9+/e2n7d3dnZ/zvBrR/r/TyKL32evfPoy/oxUHsRG1uIxI13rtH37c3YlKXliLb9vdTqNItv942j//9ouIq/xm1GJtfH4z77mR73YaS/FZv369yG9FLb4Yn98ak4/Gcnz3zY35r0ctnv0VR9GK/Siyw/x/m3n+fXr06p/fixkX+azbaaxcjRtK5bnfHAAAAAAAAAAAAAAAAAAAAAAAHqz1PM/zlJ6klFJ3ZP+d8uVV/3o+sDa6P08vf9v+QN0b++tsFCWy3vhhvhJfVqKyyLUDAAAAAAAAAAAAAAAAAADAx+Lk9Ky512odHN+vkcXIkcFr/SNjVvsHP6jEIHzfqUZ5cKIsYjprv3+jWNycan0dE9aqT1giSqdnzcHT1dzL3ne7qzGblaa3H7/jk9PyranlKRS9SCktfz7dVWQRsXR9Md81uBRL072Gc/sKAgAAAAAAAAAAAAAAAAAA+oYv/Y7pPF/AhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgAYb//z9Bo9sP3zG14CUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwCXgTAAD//zbXdlQ=") syz_emit_vhci(&(0x7f00000003c0)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_reply={{0x32, 0x9}, {@none, 0x7e, 0x8, 0x8}}}, 0xc) 1m10.73857699s ago: executing program 6 (id=292): syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x2bc3c1f, 0xffffffffffffffff, 0x7, 0x0, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) fcntl$addseals(0xffffffffffffffff, 0x409, 0x7) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) syz_emit_ethernet(0x82, 0x0, 0x0) mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000500)='./file0/../file0\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r1, &(0x7f0000000f00)={0x2020}, 0x2020) 1m10.625983066s ago: executing program 6 (id=293): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = inotify_init1(0x0) r4 = inotify_add_watch(r3, &(0x7f0000000200)='.\x00', 0x400) r5 = dup(r3) unshare(0x22020400) inotify_rm_watch(r5, r4) 1m3.847724479s ago: executing program 6 (id=304): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_io_uring_setup(0x1f87, &(0x7f0000000500), &(0x7f0000000400)=0x0, &(0x7f0000000280)) r5 = syz_io_uring_setup(0x1de5, &(0x7f0000000340)={0x0, 0xfffffffe, 0x10100, 0x0, 0x245, 0x0, r3}, &(0x7f0000000140), &(0x7f0000000100)=0x0) r7 = socket$tipc(0x1e, 0x5, 0x0) syz_io_uring_submit(r4, r6, &(0x7f0000000800)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r7, 0x0}) io_uring_enter(r5, 0x19d8, 0xc74a, 0x0, 0x0, 0x0) 1m3.559950151s ago: executing program 34 (id=304): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_io_uring_setup(0x1f87, &(0x7f0000000500), &(0x7f0000000400)=0x0, &(0x7f0000000280)) r5 = syz_io_uring_setup(0x1de5, &(0x7f0000000340)={0x0, 0xfffffffe, 0x10100, 0x0, 0x245, 0x0, r3}, &(0x7f0000000140), &(0x7f0000000100)=0x0) r7 = socket$tipc(0x1e, 0x5, 0x0) syz_io_uring_submit(r4, r6, &(0x7f0000000800)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r7, 0x0}) io_uring_enter(r5, 0x19d8, 0xc74a, 0x0, 0x0, 0x0) 5.667622247s ago: executing program 5 (id=380): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x20000000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0e00000004000000040000000300"], 0x48) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x60}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0x0, 0x8}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x0, 0x6, 0x9}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0x50}, {0x7, 0x1, 0xb, 0x6, 0x8, 0x20}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0x7, 0x0}, {0x18, 0x2, 0x2, 0x0, r4}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 5.61246366s ago: executing program 0 (id=389): syz_init_net_socket$x25(0x9, 0x5, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = io_uring_setup(0x67a6, 0x0) r4 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x8a73, 0x1, 0x6, 0x800001b8, 0x0, r3}, &(0x7f0000000300)=0x0, &(0x7f00000001c0)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000000)=0x103, 0x0, 0x4) io_uring_enter(r4, 0x47ba, 0x3000000, 0x0, 0x0, 0x0) 4.644873623s ago: executing program 0 (id=381): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bind$netlink(0xffffffffffffffff, 0x0, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) sendmsg$key(r3, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0) 3.709677838s ago: executing program 7 (id=305): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r3) ptrace(0x8, r3) r4 = syz_pidfd_open(r3, 0x0) process_mrelease(r4, 0x700000000000000) 3.675036393s ago: executing program 5 (id=382): ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0) r0 = getpgid(0x0) prlimit64(r0, 0xe, &(0x7f00000002c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000e40)=@mangle={'mangle\x00', 0x64, 0x6, 0x500, 0x0, 0x270, 0xd0, 0x340, 0x0, 0x430, 0x430, 0x430, 0x430, 0x430, 0x6, 0x0, {[{{@ipv6={@private0, @private1, [], [], 'veth1\x00', 'veth1_vlan\x00'}, 0x0, 0xa8, 0xd0, 0x0, {0x0, 0x3a010000}}, @HL={0x28}}, {{@ipv6={@private1, @loopback, [], [], 'tunl0\x00', 'bridge_slave_1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x270}}, {{@ipv6={@private0, @remote, [], [], 'veth0_to_team\x00', 'tunl0\x00', {}, {}, 0x11, 0x1, 0x3, 0x44}, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28}}, {{@ipv6={@loopback, @private2, [], [], 'syzkaller1\x00', 'veth0_to_batadv\x00'}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, 'vlan0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x560) bpf$PROG_LOAD(0x5, 0x0, 0x0) 2.891029511s ago: executing program 0 (id=383): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c) listen(r1, 0x0) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r5, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}}, 0x20000000) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01000000000000000000010000001c000180060001000200000008000300ac1414bb0800060001"], 0x30}}, 0x0) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14, r7, 0x1, 0x70bd2b, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000084}, 0x40) 2.746835832s ago: executing program 7 (id=384): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, 0x0, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0) shutdown(r0, 0x1) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) setxattr(0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) socket(0x400000000010, 0x3, 0x0) socket(0x8, 0x3, 0x80000001) openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001480)=@newsa={0x154, 0x10, 0x713, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x5e}, {@in6=@loopback, 0x4d4, 0x32}, @in=@dev, {0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x4da}, {0x0, 0x200000000, 0x0, 0x100000}, {}, 0x1, 0x0, 0xa, 0x4}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x4, {0x2, 0x4e21, 0x4e23, @in=@rand_addr=0x64010101}}]}, 0x154}, 0x1, 0x0, 0x0, 0x20000011}, 0x0) 2.722465125s ago: executing program 5 (id=385): prlimit64(0x0, 0xe, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xa2bb1000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x71) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020002000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e000000000000000000140000001100", @ANYRES16], 0x80}, 0x1, 0x0, 0x0, 0x4008000}, 0x0) 2.560011386s ago: executing program 0 (id=386): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socket$nl_xfrm(0x10, 0x3, 0x6) r3 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x7}, 0x1c) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@loopback, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x2, @in=@broadcast, 0x6, 0x4, 0x3}]}]}, 0xfc}}, 0x0) sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x20, 0x4001c00) 1.170035975s ago: executing program 5 (id=387): socket(0x400000000010, 0x3, 0x0) socket$unix(0x1, 0x1, 0x0) socket(0x400000000010, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000580)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x3, 0x0, 0x3, 0x1}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70) 1.035578152s ago: executing program 7 (id=388): r0 = socket$unix(0x1, 0x2, 0x0) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_MFC(r1, 0x0, 0xcc, &(0x7f0000000140)={@multicast2, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23b510d442ff13482864280a9c0f4eb5"}, 0x3c) setsockopt$MRT_ADD_MFC_PROXY(r1, 0x0, 0xd2, 0x0, 0x0) setsockopt$MRT_DEL_MFC_PROXY(r1, 0x0, 0xd3, 0x0, 0x0) syz_emit_ethernet(0x62, 0x0, 0x0) close(r0) r2 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xa, 0x0, 0x0) r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) write$UHID_CREATE2(r3, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r4 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042) read$char_usb(r4, 0x0, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) 997.917798ms ago: executing program 0 (id=390): r0 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x5}, 0x1c) 948.171185ms ago: executing program 5 (id=391): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = memfd_create(&(0x7f0000000000)='cW\xfe\xc7\x00\x10', 0x0) pwritev(r3, &(0x7f0000000040)=[{&(0x7f0000000100)="db9962", 0x3}], 0x1, 0x4000001, 0x0) r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0) sendfile(r4, r3, 0x0, 0x3) ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, 0x0) 778.405456ms ago: executing program 0 (id=392): syz_usb_connect(0x0, 0x24, &(0x7f0000000440)=ANY=[], 0x0) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) eventfd2(0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6_sctp(0xa, 0x801, 0x84) socket$inet6_sctp(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket$igmp(0x2, 0x3, 0x2) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) fsopen(&(0x7f0000000180)='hugetlbfs\x00', 0x1) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0xffe, &(0x7f0000000140)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c000200060000001f000000060001000000000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}}, 0x0) 0s ago: executing program 5 (id=393): r0 = socket$kcm(0x2, 0x5, 0x84) sendmsg$inet(r0, &(0x7f0000000680)={&(0x7f0000000140)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000080)="d4", 0x1}], 0x1}, 0x8001) r1 = socket$kcm(0x10, 0x2, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6(0xa, 0x3, 0x8000000003c) sendmsg$inet(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="5c00000014006b03000000d86e6c1d0002847ea622fb564500004e23e3f58e76110165f450e71b0075e3002500028d459e37000f0000000000bf9367b47e51f60a64c9f4d4938037e786a6d0bdd700"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r1, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002ec0)=[{&(0x7f0000000cc0)=""/4096, 0x1000}, {&(0x7f0000001ec0)=""/4096, 0x1000}], 0x2}, 0x10000) kernel console output (not intermixed with test programs): 1): Enslaving as an active interface with an up link [ 41.045874][ T6526] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.047851][ T6526] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.049954][ T6526] bridge_slave_0: entered allmulticast mode [ 41.052768][ T6526] bridge_slave_0: entered promiscuous mode [ 41.055886][ T6526] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.057932][ T6526] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.060011][ T6526] bridge_slave_1: entered allmulticast mode [ 41.062648][ T6526] bridge_slave_1: entered promiscuous mode [ 41.115457][ T6529] team0: Port device team_slave_0 added [ 41.126080][ T6520] team0: Port device team_slave_0 added [ 41.136203][ T6516] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 41.136380][ T6517] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.136455][ T6517] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.136571][ T6517] bridge_slave_0: entered allmulticast mode [ 41.137991][ T6517] bridge_slave_0: entered promiscuous mode [ 41.142118][ T6529] team0: Port device team_slave_1 added [ 41.151043][ T6520] team0: Port device team_slave_1 added [ 41.154358][ T6526] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 41.155965][ T6526] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 41.164719][ T6516] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 41.167650][ T6517] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.167763][ T6517] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.167916][ T6517] bridge_slave_1: entered allmulticast mode [ 41.168766][ T6517] bridge_slave_1: entered promiscuous mode [ 41.236741][ T6526] team0: Port device team_slave_0 added [ 41.240526][ T6526] team0: Port device team_slave_1 added [ 41.252344][ T6517] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 41.256263][ T6517] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 41.259372][ T6529] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 41.261408][ T6529] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.262664][ T6529] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 41.264289][ T6529] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 41.264317][ T6529] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.264352][ T6529] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 41.265037][ T6520] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 41.265060][ T6520] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.265091][ T6520] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 41.266174][ T6520] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 41.266200][ T6520] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.266232][ T6520] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 41.311179][ T6516] team0: Port device team_slave_0 added [ 41.332500][ T6516] team0: Port device team_slave_1 added [ 41.333994][ T6526] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 41.334023][ T6526] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.334065][ T6526] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 41.335342][ T6526] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 41.335369][ T6526] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.335402][ T6526] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 41.354319][ T6517] team0: Port device team_slave_0 added [ 41.375158][ T6520] hsr_slave_0: entered promiscuous mode [ 41.377507][ T6520] hsr_slave_1: entered promiscuous mode [ 41.393092][ T6517] team0: Port device team_slave_1 added [ 41.403338][ T6529] hsr_slave_0: entered promiscuous mode [ 41.403885][ T6529] hsr_slave_1: entered promiscuous mode [ 41.405329][ T6529] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 41.405422][ T6529] Cannot create hsr debugfs directory [ 41.421452][ T6516] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 41.421511][ T6516] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.421885][ T6516] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 41.443930][ T6517] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 41.443991][ T6517] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.444052][ T6517] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 41.450048][ T6516] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 41.450081][ T6516] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.450120][ T6516] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 41.469595][ T6517] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 41.469648][ T6517] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.470008][ T6517] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 41.508844][ T6526] hsr_slave_0: entered promiscuous mode [ 41.511168][ T6526] hsr_slave_1: entered promiscuous mode [ 41.513147][ T6526] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 41.515342][ T6526] Cannot create hsr debugfs directory [ 41.573469][ T6516] hsr_slave_0: entered promiscuous mode [ 41.575781][ T6516] hsr_slave_1: entered promiscuous mode [ 41.577895][ T6516] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 41.580245][ T6516] Cannot create hsr debugfs directory [ 41.703675][ T6517] hsr_slave_0: entered promiscuous mode [ 41.704701][ T6517] hsr_slave_1: entered promiscuous mode [ 41.705131][ T6517] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 41.705162][ T6517] Cannot create hsr debugfs directory [ 41.820093][ T6520] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 41.825519][ T6520] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 41.847535][ T6520] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 41.877097][ T6520] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 41.942657][ T6529] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 41.947235][ T6529] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 41.957934][ T6529] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 41.981149][ T6529] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 41.999090][ T6526] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 42.015921][ T6526] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 42.020858][ T6526] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 42.025144][ T6526] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 42.066140][ T6517] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 42.081132][ T6517] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 42.106304][ T6517] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 42.112143][ T6517] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 42.147147][ T6516] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 42.158982][ T6520] 8021q: adding VLAN 0 to HW filter on device bond0 [ 42.162537][ T6516] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 42.178091][ T6516] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 42.182159][ T6516] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 42.210069][ T6520] 8021q: adding VLAN 0 to HW filter on device team0 [ 42.237277][ T6529] 8021q: adding VLAN 0 to HW filter on device bond0 [ 42.244923][ T2225] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.245083][ T2225] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.258584][ T393] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.258677][ T393] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.273343][ T6529] 8021q: adding VLAN 0 to HW filter on device team0 [ 42.279112][ T6526] 8021q: adding VLAN 0 to HW filter on device bond0 [ 42.300067][ T6520] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 42.300899][ T6520] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 42.302825][ T2225] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.302876][ T2225] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.315866][ T2225] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.315954][ T2225] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.321009][ T6086] Bluetooth: hci1: command tx timeout [ 42.346971][ T6517] 8021q: adding VLAN 0 to HW filter on device bond0 [ 42.362748][ T6526] 8021q: adding VLAN 0 to HW filter on device team0 [ 42.375111][ T393] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.375197][ T393] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.381512][ T393] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.381594][ T393] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.385487][ T6529] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 42.400784][ T6086] Bluetooth: hci4: command tx timeout [ 42.413196][ T6086] Bluetooth: hci2: command tx timeout [ 42.413403][ T6086] Bluetooth: hci0: command tx timeout [ 42.416229][ T52] Bluetooth: hci3: command tx timeout [ 42.439817][ T6517] 8021q: adding VLAN 0 to HW filter on device team0 [ 42.462331][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.462424][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.472362][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.472440][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.525743][ T6516] 8021q: adding VLAN 0 to HW filter on device bond0 [ 42.546674][ T6516] 8021q: adding VLAN 0 to HW filter on device team0 [ 42.558999][ T6520] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 42.594540][ T172] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.594634][ T172] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.596920][ T172] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.596972][ T172] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.602899][ T6529] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 42.630529][ T6520] veth0_vlan: entered promiscuous mode [ 42.635703][ T6520] veth1_vlan: entered promiscuous mode [ 42.648340][ T6520] veth0_macvtap: entered promiscuous mode [ 42.696843][ T6529] veth0_vlan: entered promiscuous mode [ 42.727310][ T6520] veth1_macvtap: entered promiscuous mode [ 42.746044][ T6529] veth1_vlan: entered promiscuous mode [ 42.785611][ T6529] veth0_macvtap: entered promiscuous mode [ 42.798822][ T6526] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 42.812152][ T6517] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 42.815608][ T6529] veth1_macvtap: entered promiscuous mode [ 42.819104][ T6520] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 42.829572][ T6520] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 42.849428][ T6520] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.849552][ T6520] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.849584][ T6520] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.849615][ T6520] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.879737][ T6516] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 42.901472][ T6529] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 42.925016][ T6526] veth0_vlan: entered promiscuous mode [ 42.934007][ T6526] veth1_vlan: entered promiscuous mode [ 42.941678][ T6529] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 42.945609][ T6529] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.948528][ T6529] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.953093][ T6529] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.955971][ T6529] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.037600][ T393] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 43.040041][ T393] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 43.077567][ T2225] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 43.077665][ T2225] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 43.091022][ T6526] veth0_macvtap: entered promiscuous mode [ 43.094624][ T6526] veth1_macvtap: entered promiscuous mode [ 43.112778][ T6516] veth0_vlan: entered promiscuous mode [ 43.119768][ T6516] veth1_vlan: entered promiscuous mode [ 43.126708][ T2225] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 43.126768][ T2225] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 43.127848][ T6526] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 43.146818][ T172] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 43.146890][ T172] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 43.153258][ T6526] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 43.154883][ T6526] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.154927][ T6526] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.154958][ T6526] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.154988][ T6526] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.218107][ T6517] veth0_vlan: entered promiscuous mode [ 43.235843][ T6516] veth0_macvtap: entered promiscuous mode [ 43.248938][ T6516] veth1_macvtap: entered promiscuous mode [ 43.257503][ T6517] veth1_vlan: entered promiscuous mode [ 43.259698][ T6529] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 43.278609][ T2225] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 43.278675][ T2225] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 43.307801][ T6516] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 43.309780][ T6516] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 43.319505][ T6516] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.322749][ T6516] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.325354][ T6516] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.328084][ T6516] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.362899][ T2225] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 43.367430][ T2225] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 43.388939][ T6517] veth0_macvtap: entered promiscuous mode [ 43.424705][ T6517] veth1_macvtap: entered promiscuous mode [ 44.420593][ T52] Bluetooth: hci1: command tx timeout [ 44.480676][ T6523] Bluetooth: hci0: command tx timeout [ 44.480775][ T6523] Bluetooth: hci2: command tx timeout [ 44.480826][ T6523] Bluetooth: hci4: command tx timeout [ 44.485567][ T52] Bluetooth: hci3: command tx timeout [ 44.508584][ T6517] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 45.132876][ T6517] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.185172][ T6517] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.185247][ T6517] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.185278][ T6517] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.185308][ T6517] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.211032][ T6639] netlink: 156 bytes leftover after parsing attributes in process `syz.3.6'. [ 45.254098][ T6641] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 45.259094][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.259159][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.348383][ T6646] IPVS: set_ctl: invalid protocol: 50 172.20.20.170:20001 [ 45.387354][ T6643] warning: `syz.2.3' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 45.396616][ T6643] loop2: detected capacity change from 0 to 8 [ 45.430844][ T6643] Filesystem uses "unknown" compression. This is not supported [ 46.720725][ T52] Bluetooth: hci1: command tx timeout [ 46.720811][ T52] Bluetooth: hci3: command tx timeout [ 46.720869][ T52] Bluetooth: hci4: command tx timeout [ 46.720909][ T52] Bluetooth: hci2: command tx timeout [ 46.720949][ T52] Bluetooth: hci0: command tx timeout [ 46.919367][ T393] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.919427][ T393] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.988443][ T6646] netlink: 'syz.0.7': attribute type 1 has an invalid length. [ 47.032844][ T6656] syz.3.10 uses obsolete (PF_INET,SOCK_PACKET) [ 47.037648][ T172] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.041418][ T172] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.069811][ T172] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.069873][ T172] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.262708][ T6677] loop2: detected capacity change from 0 to 256 [ 48.263301][ T6677] ======================================================= [ 48.263301][ T6677] WARNING: The mand mount option has been deprecated and [ 48.263301][ T6677] and is ignored by this kernel. Remove the mand [ 48.263301][ T6677] option from the mount to silence this warning. [ 48.263301][ T6677] ======================================================= [ 48.368928][ T6677] FAT-fs (loop2): Directory bread(block 64) failed [ 48.369368][ T6677] FAT-fs (loop2): Directory bread(block 65) failed [ 48.369824][ T6677] FAT-fs (loop2): Directory bread(block 66) failed [ 48.370067][ T6677] FAT-fs (loop2): Directory bread(block 67) failed [ 48.370740][ T6677] FAT-fs (loop2): Directory bread(block 68) failed [ 48.370905][ T6677] FAT-fs (loop2): Directory bread(block 69) failed [ 48.371293][ T6677] FAT-fs (loop2): Directory bread(block 70) failed [ 48.371400][ T6677] FAT-fs (loop2): Directory bread(block 71) failed [ 48.371787][ T6677] FAT-fs (loop2): Directory bread(block 72) failed [ 48.372003][ T6677] FAT-fs (loop2): Directory bread(block 73) failed [ 48.820787][ T6086] Bluetooth: hci0: command tx timeout [ 48.821392][ T6086] Bluetooth: hci2: command tx timeout [ 48.821780][ T6086] Bluetooth: hci4: command tx timeout [ 48.822236][ T6086] Bluetooth: hci3: command tx timeout [ 48.822586][ T6086] Bluetooth: hci1: command tx timeout [ 49.507376][ T6690] netlink: 'syz.3.15': attribute type 10 has an invalid length. [ 52.216907][ T6689] bridge_slave_0: left allmulticast mode [ 52.216984][ T6689] bridge_slave_0: left promiscuous mode [ 52.263964][ T6689] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.288778][ T6689] bridge_slave_1: left allmulticast mode [ 52.288848][ T6689] bridge_slave_1: left promiscuous mode [ 52.289221][ T6689] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.316073][ T6689] bond0: (slave bond_slave_0): Releasing backup interface [ 52.317899][ T6707] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 52.318238][ T6707] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 52.336490][ T6707] netlink: 4344 bytes leftover after parsing attributes in process `syz.1.19'. [ 52.343674][ T6707] netlink: 104 bytes leftover after parsing attributes in process `syz.1.19'. [ 52.367500][ T6689] bond0: (slave bond_slave_1): Releasing backup interface [ 52.430082][ T6689] team0: Port device team_slave_0 removed [ 52.441076][ T6689] team0: Port device team_slave_1 removed [ 52.443525][ T6689] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 52.445818][ T6689] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 52.451380][ T6689] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 52.455926][ T6689] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 52.559649][ T6715] netlink: 4 bytes leftover after parsing attributes in process `syz.2.23'. [ 52.566540][ T6690] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 52.708387][ T6717] loop3: detected capacity change from 0 to 512 [ 52.711297][ T6717] ext4: Unknown parameter 'fscontext' [ 52.781736][ T6723] loop3: detected capacity change from 0 to 128 [ 52.797151][ T6721] loop0: detected capacity change from 0 to 2048 [ 52.811307][ T6721] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 52.825180][ T6723] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 52.867627][ T6723] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.27: No space for directory leaf checksum. Please run e2fsck -D. [ 52.875555][ T6723] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.27: checksumming directory block 0 [ 52.893761][ T6723] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.27: No space for directory leaf checksum. Please run e2fsck -D. [ 52.893866][ T6723] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.27: checksumming directory block 0 [ 52.907860][ T6727] loop2: detected capacity change from 0 to 256 [ 52.909720][ T6723] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.27: No space for directory leaf checksum. Please run e2fsck -D. [ 52.919872][ T6723] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.27: checksumming directory block 0 [ 52.939131][ T6723] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.27: No space for directory leaf checksum. Please run e2fsck -D. [ 52.939196][ T6723] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.27: checksumming directory block 0 [ 52.948913][ T6727] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 52.949011][ T6727] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 52.956635][ T6723] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.27: No space for directory leaf checksum. Please run e2fsck -D. [ 52.963291][ T6723] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.27: checksumming directory block 0 [ 52.984468][ T6723] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.27: No space for directory leaf checksum. Please run e2fsck -D. [ 52.984544][ T6723] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.27: checksumming directory block 0 [ 52.990259][ T6723] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.27: No space for directory leaf checksum. Please run e2fsck -D. [ 52.994138][ T6723] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.27: checksumming directory block 0 [ 53.003643][ T6723] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.27: No space for directory leaf checksum. Please run e2fsck -D. [ 53.003724][ T6723] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.27: checksumming directory block 0 [ 53.009728][ T6723] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.27: No space for directory leaf checksum. Please run e2fsck -D. [ 53.009772][ T6723] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.27: checksumming directory block 0 [ 53.013456][ T6727] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 53.014081][ T6723] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.27: No space for directory leaf checksum. Please run e2fsck -D. [ 53.014124][ T6723] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.27: checksumming directory block 0 [ 53.793390][ T6529] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 53.872650][ T6730] netlink: 4 bytes leftover after parsing attributes in process `syz.1.29'. [ 55.783926][ T6756] netlink: 8 bytes leftover after parsing attributes in process `syz.3.37'. [ 55.811823][ T6759] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 57.399594][ T6769] loop3: detected capacity change from 0 to 128 [ 57.402467][ T6768] binder: 6764:6768 tried to acquire reference to desc 0, got 1 instead [ 57.403595][ T6768] binder_alloc: 6764: pid 6764 spamming oneway? 1 buffers allocated for a total size of 4096 [ 57.407060][ T6768] binder_alloc: 6764: pid 6764 spamming oneway? 2 buffers allocated for a total size of 5120 [ 57.407472][ T6768] binder: 6764:6768 BC_FREE_BUFFER matched unreturned or currently freeing buffer at offset 0 [ 57.408077][ T6624] binder: undelivered TRANSACTION_COMPLETE [ 57.408152][ T6624] binder: undelivered TRANSACTION_COMPLETE [ 57.408191][ T6624] binder: undelivered TRANSACTION_COMPLETE [ 57.483937][ T6774] loop2: detected capacity change from 0 to 64 [ 58.073860][ T1814] binder: undelivered transaction 6, process died. [ 58.073935][ T1814] binder: undelivered transaction 7, process died. [ 58.073977][ T1814] binder: undelivered transaction 5, process died. [ 59.203570][ T6784] loop4: detected capacity change from 0 to 4096 [ 59.209598][ T6788] syz_tun: entered allmulticast mode [ 59.275143][ T6795] loop0: detected capacity change from 0 to 256 [ 59.332994][ T6795] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 59.336755][ T6795] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 59.358313][ T6795] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 60.397309][ T6086] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 60.400702][ T6086] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 60.403431][ T6086] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 60.406389][ T6086] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 60.409198][ T6086] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 61.307125][ T6794] dvmrp1: entered allmulticast mode [ 61.463049][ T6787] syz_tun: left allmulticast mode [ 62.548291][ T6086] Bluetooth: hci4: command tx timeout [ 62.573466][ T6680] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.629881][ T6829] loop2: detected capacity change from 0 to 256 [ 64.502866][ T2408] ieee802154 phy0 wpan0: encryption failed: -22 [ 64.503005][ T2408] ieee802154 phy1 wpan1: encryption failed: -22 [ 64.860541][ T6086] Bluetooth: hci4: command tx timeout [ 65.262866][ T6829] FAT-fs (loop2): Directory bread(block 64) failed [ 65.262940][ T6829] FAT-fs (loop2): Directory bread(block 65) failed [ 65.263034][ T6829] FAT-fs (loop2): Directory bread(block 66) failed [ 65.263074][ T6829] FAT-fs (loop2): Directory bread(block 67) failed [ 65.263131][ T6829] FAT-fs (loop2): Directory bread(block 68) failed [ 65.263170][ T6829] FAT-fs (loop2): Directory bread(block 69) failed [ 65.263227][ T6829] FAT-fs (loop2): Directory bread(block 70) failed [ 65.263267][ T6829] FAT-fs (loop2): Directory bread(block 71) failed [ 65.263327][ T6829] FAT-fs (loop2): Directory bread(block 72) failed [ 65.263365][ T6829] FAT-fs (loop2): Directory bread(block 73) failed [ 65.612354][ T6845] netlink: 48 bytes leftover after parsing attributes in process `syz.4.62'. [ 65.905998][ T6847] netlink: 'syz.0.60': attribute type 10 has an invalid length. [ 65.927538][ T6680] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.352580][ T6849] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 67.190575][ T6086] Bluetooth: hci4: command tx timeout [ 67.328572][ T6843] bridge_slave_0: left allmulticast mode [ 67.330472][ T6843] bridge_slave_0: left promiscuous mode [ 67.333216][ T6843] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.403765][ T6843] bridge_slave_1: left allmulticast mode [ 67.405400][ T6843] bridge_slave_1: left promiscuous mode [ 67.407928][ T6843] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.476040][ T6843] bond0: (slave bond_slave_0): Releasing backup interface [ 67.599706][ T6843] bond0: (slave bond_slave_1): Releasing backup interface [ 68.329259][ T6843] team0: Port device team_slave_0 removed [ 68.336265][ T6843] team0: Port device team_slave_1 removed [ 68.338904][ T6843] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 68.341447][ T6843] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 68.344963][ T6843] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 68.345046][ T6843] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 68.360989][ T6844] syz_tun: entered allmulticast mode [ 68.361192][ T6844] syz_tun: left allmulticast mode [ 68.386697][ T6847] 8021q: adding VLAN 0 to HW filter on device bond0 [ 68.437495][ T6862] binder: 6861:6862 tried to acquire reference to desc 0, got 1 instead [ 68.438656][ T6862] binder: 6861:6862 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 68.438704][ T6862] binder: 6862 RLIMIT_NICE not set [ 68.438728][ T6862] binder: 6862 RLIMIT_NICE not set [ 68.440921][ T6580] binder: release 6861:6862 transaction 12 out, still active [ 68.441011][ T6580] binder: undelivered TRANSACTION_COMPLETE [ 68.450154][ T6580] binder: release 6861:6862 transaction 12 in, still active [ 68.450246][ T6580] binder: send failed reply for transaction 12, target dead [ 68.468520][ T6858] loop2: detected capacity change from 0 to 40427 [ 68.492326][ T6858] F2FS-fs (loop2): build fault injection rate: 771 [ 68.544175][ T6858] F2FS-fs (loop2): invalid crc value [ 68.676344][ T6858] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 68.683698][ T6680] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.201248][ T6086] Bluetooth: hci4: command tx timeout [ 69.691502][ T3909] cfg80211: failed to load regulatory.db [ 70.791745][ T6680] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.123707][ T6803] chnl_net:caif_netlink_parms(): no params data found [ 73.893380][ T6912] loop0: detected capacity change from 0 to 512 [ 73.988935][ T6912] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.001507][ T6915] netlink: 4 bytes leftover after parsing attributes in process `syz.4.79'. [ 74.195760][ T6912] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz.0.78: path /15/file1: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0 [ 74.205638][ T6912] EXT4-fs (loop0): Remounting filesystem read-only [ 74.521667][ T6909] loop1: detected capacity change from 0 to 40427 [ 74.639438][ T6909] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 74.765229][ T6526] syz-executor: attempt to access beyond end of device [ 74.765229][ T6526] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 74.765981][ T6526] CPU: 0 UID: 0 PID: 6526 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT [ 74.766007][ T6526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 74.766015][ T6526] Call trace: [ 74.766019][ T6526] show_stack+0x2c/0x3c (C) [ 74.766040][ T6526] __dump_stack+0x30/0x40 [ 74.766054][ T6526] dump_stack_lvl+0xd8/0x12c [ 74.766068][ T6526] dump_stack+0x1c/0x28 [ 74.766081][ T6526] f2fs_handle_critical_error+0x34c/0x4b8 [ 74.766094][ T6526] f2fs_stop_checkpoint+0x5c/0x70 [ 74.766107][ T6526] f2fs_write_end_io+0x58c/0x818 [ 74.766119][ T6526] bio_endio+0x804/0x840 [ 74.766131][ T6526] submit_bio_noacct+0x158/0x176c [ 74.766144][ T6526] submit_bio+0x354/0x4d4 [ 74.766157][ T6526] f2fs_submit_write_bio+0x13c/0x324 [ 74.766168][ T6526] __submit_merged_bio+0x254/0x704 [ 74.766180][ T6526] __submit_merged_write_cond+0x23c/0x4ac [ 74.766191][ T6526] f2fs_write_data_pages+0x1d28/0x2634 [ 74.766203][ T6526] do_writepages+0x270/0x468 [ 74.766218][ T6526] filemap_fdatawrite+0x144/0x1e8 [ 74.766232][ T6526] f2fs_sync_dirty_inodes+0x2b8/0x788 [ 74.766246][ T6526] f2fs_write_checkpoint+0x684/0x1694 [ 74.766260][ T6526] kill_f2fs_super+0x21c/0x584 [ 74.766272][ T6526] deactivate_locked_super+0xc4/0x12c [ 74.766283][ T6526] deactivate_super+0xe0/0x100 [ 74.766294][ T6526] cleanup_mnt+0x31c/0x3ac [ 74.766306][ T6526] __cleanup_mnt+0x20/0x30 [ 74.766332][ T6526] task_work_run+0x1dc/0x260 [ 74.766343][ T6526] do_notify_resume+0x16c/0x1ec [ 74.766355][ T6526] el0_svc+0xb4/0x17c [ 74.766369][ T6526] el0t_64_sync_handler+0x78/0x108 [ 74.766381][ T6526] el0t_64_sync+0x198/0x19c [ 74.767996][ T6526] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 74.778653][ T6520] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.105473][ T6943] tmpfs: Unknown parameter 'quot' [ 80.263182][ T6516] syz-executor: attempt to access beyond end of device [ 80.263182][ T6516] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 80.263296][ T6516] CPU: 1 UID: 0 PID: 6516 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT [ 80.263313][ T6516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 80.263321][ T6516] Call trace: [ 80.263325][ T6516] show_stack+0x2c/0x3c (C) [ 80.263345][ T6516] __dump_stack+0x30/0x40 [ 80.263360][ T6516] dump_stack_lvl+0xd8/0x12c [ 80.263374][ T6516] dump_stack+0x1c/0x28 [ 80.263386][ T6516] f2fs_handle_critical_error+0x34c/0x4b8 [ 80.263400][ T6516] f2fs_stop_checkpoint+0x5c/0x70 [ 80.263413][ T6516] f2fs_write_end_io+0x58c/0x818 [ 80.263425][ T6516] bio_endio+0x804/0x840 [ 80.263437][ T6516] submit_bio_noacct+0x158/0x176c [ 80.263451][ T6516] submit_bio+0x354/0x4d4 [ 80.263463][ T6516] f2fs_submit_write_bio+0x13c/0x324 [ 80.263475][ T6516] __submit_merged_bio+0x254/0x704 [ 80.263486][ T6516] __submit_merged_write_cond+0x23c/0x4ac [ 80.263497][ T6516] f2fs_write_data_pages+0x1d28/0x2634 [ 80.263509][ T6516] do_writepages+0x270/0x468 [ 80.263524][ T6516] filemap_fdatawrite+0x144/0x1e8 [ 80.263539][ T6516] f2fs_sync_dirty_inodes+0x2b8/0x788 [ 80.263553][ T6516] f2fs_write_checkpoint+0x684/0x1694 [ 80.263567][ T6516] kill_f2fs_super+0x21c/0x584 [ 80.263578][ T6516] deactivate_locked_super+0xc4/0x12c [ 80.263590][ T6516] deactivate_super+0xe0/0x100 [ 80.263601][ T6516] cleanup_mnt+0x31c/0x3ac [ 80.263612][ T6516] __cleanup_mnt+0x20/0x30 [ 80.263623][ T6516] task_work_run+0x1dc/0x260 [ 80.263635][ T6516] do_notify_resume+0x16c/0x1ec [ 80.263647][ T6516] el0_svc+0xb4/0x17c [ 80.263660][ T6516] el0t_64_sync_handler+0x78/0x108 [ 80.263672][ T6516] el0t_64_sync+0x198/0x19c [ 80.265471][ T6516] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 83.969631][ T6975] netlink: 'syz.1.91': attribute type 1 has an invalid length. [ 84.330442][ T6680] bond0 (unregistering): (slave wlan1): Releasing backup interface [ 84.415725][ T6680] bond0 (unregistering): Released all slaves [ 84.423491][ T6803] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.423564][ T6803] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.423877][ T6803] bridge_slave_0: entered allmulticast mode [ 84.424780][ T6803] bridge_slave_0: entered promiscuous mode [ 84.666296][ T6803] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.666381][ T6803] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.666577][ T6803] bridge_slave_1: entered allmulticast mode [ 84.667575][ T6803] bridge_slave_1: entered promiscuous mode [ 84.744244][ T6803] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.746220][ T6803] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.401889][ T6989] loop2: detected capacity change from 0 to 2048 [ 85.405975][ T6989] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 85.409927][ T6989] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 85.584907][ T6803] team0: Port device team_slave_0 added [ 85.586673][ T6803] team0: Port device team_slave_1 added [ 85.786573][ T6999] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 86.737594][ T7013] netlink: 'syz.4.98': attribute type 4 has an invalid length. [ 87.669964][ T7020] netlink: 36 bytes leftover after parsing attributes in process `syz.2.100'. [ 87.677440][ T7023] loop1: detected capacity change from 0 to 64 [ 87.681376][ T7023] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing [ 87.735566][ T7021] netlink: 'syz.0.99': attribute type 1 has an invalid length. [ 87.785968][ T6803] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.786031][ T6803] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.786398][ T6803] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.787740][ T6803] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.787940][ T6803] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.788127][ T6803] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.880170][ T6803] hsr_slave_0: entered promiscuous mode [ 87.882949][ T6803] hsr_slave_1: entered promiscuous mode [ 87.885707][ T6803] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.900694][ T6803] Cannot create hsr debugfs directory [ 88.190211][ T7040] Zero length message leads to an empty skb [ 88.744530][ T7021] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 88.903325][ T6680] hsr_slave_0: left promiscuous mode [ 88.905559][ T6680] hsr_slave_1: left promiscuous mode [ 89.054716][ T6680] veth1_macvtap: left promiscuous mode [ 89.065838][ T6680] veth0_macvtap: left promiscuous mode [ 89.067591][ T6680] veth1_vlan: left promiscuous mode [ 89.069463][ T6680] veth0_vlan: left promiscuous mode [ 90.115655][ T7060] netlink: 12 bytes leftover after parsing attributes in process `syz.2.108'. [ 93.333211][ T7078] loop0: detected capacity change from 0 to 40427 [ 93.970657][ T7078] F2FS-fs (loop0): build fault injection rate: 771 [ 94.345794][ T7078] F2FS-fs (loop0): invalid crc value [ 94.396895][ T7078] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 95.599325][ T7093] loop4: detected capacity change from 0 to 512 [ 95.794340][ T7093] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 95.800060][ T7093] EXT4-fs (loop4): mount failed [ 98.527550][ T7117] netfs: Couldn't get user pages (rc=-14) [ 98.666541][ T7122] loop0: detected capacity change from 0 to 1024 [ 98.683363][ T7122] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.556931][ T6520] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.310752][ T52] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 104.312847][ T52] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 104.313522][ T52] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 104.314477][ T52] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 104.315197][ T52] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 106.686388][ T6086] Bluetooth: hci5: command tx timeout [ 106.775241][ T7176] loop4: detected capacity change from 0 to 128 [ 106.824559][ T7176] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 106.868930][ T7176] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:375: inode #2: comm syz.4.134: No space for directory leaf checksum. Please run e2fsck -D. [ 106.869000][ T7176] EXT4-fs error (device loop4): __ext4_find_entry:1626: inode #2: comm syz.4.134: checksumming directory block 0 [ 106.881369][ T7176] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:375: inode #2: comm syz.4.134: No space for directory leaf checksum. Please run e2fsck -D. [ 106.881439][ T7176] EXT4-fs error (device loop4): __ext4_find_entry:1626: inode #2: comm syz.4.134: checksumming directory block 0 [ 106.891051][ T7176] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:375: inode #2: comm syz.4.134: No space for directory leaf checksum. Please run e2fsck -D. [ 106.891115][ T7176] EXT4-fs error (device loop4): __ext4_find_entry:1626: inode #2: comm syz.4.134: checksumming directory block 0 [ 106.911489][ T7176] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:375: inode #2: comm syz.4.134: No space for directory leaf checksum. Please run e2fsck -D. [ 106.915714][ T7176] EXT4-fs error (device loop4): __ext4_find_entry:1626: inode #2: comm syz.4.134: checksumming directory block 0 [ 106.933342][ T7176] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:375: inode #2: comm syz.4.134: No space for directory leaf checksum. Please run e2fsck -D. [ 106.937654][ T7176] EXT4-fs error (device loop4): __ext4_find_entry:1626: inode #2: comm syz.4.134: checksumming directory block 0 [ 106.948831][ T7176] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:375: inode #2: comm syz.4.134: No space for directory leaf checksum. Please run e2fsck -D. [ 106.953613][ T7176] EXT4-fs error (device loop4): __ext4_find_entry:1626: inode #2: comm syz.4.134: checksumming directory block 0 [ 107.021437][ T7176] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:375: inode #2: comm syz.4.134: No space for directory leaf checksum. Please run e2fsck -D. [ 107.021512][ T7176] EXT4-fs error (device loop4): __ext4_find_entry:1626: inode #2: comm syz.4.134: checksumming directory block 0 [ 107.035579][ T7186] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:375: inode #2: comm syz.4.134: No space for directory leaf checksum. Please run e2fsck -D. [ 107.035645][ T7186] EXT4-fs error (device loop4): __ext4_find_entry:1626: inode #2: comm syz.4.134: checksumming directory block 0 [ 107.037222][ T7176] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:375: inode #2: comm syz.4.134: No space for directory leaf checksum. Please run e2fsck -D. [ 107.037276][ T7176] EXT4-fs error (device loop4): __ext4_find_entry:1626: inode #2: comm syz.4.134: checksumming directory block 0 [ 107.047313][ T7176] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:375: inode #2: comm syz.4.134: No space for directory leaf checksum. Please run e2fsck -D. [ 107.047377][ T7176] EXT4-fs error (device loop4): __ext4_find_entry:1626: inode #2: comm syz.4.134: checksumming directory block 0 [ 107.115148][ T6803] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 107.118972][ T6517] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 107.866526][ T6803] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 108.076910][ T6803] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 108.093972][ T6803] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 109.003571][ T6086] Bluetooth: hci5: command tx timeout [ 109.125908][ T31] audit: type=1326 audit(109.110:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7171 comm="syz.0.132" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed5a8a8 code=0x7fc00000 [ 109.132212][ T31] audit: type=1326 audit(109.110:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7171 comm="syz.0.132" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=208 compat=0 ip=0xffff9ed5a8a8 code=0x7fc00000 [ 109.137684][ T31] audit: type=1326 audit(109.110:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7171 comm="syz.0.132" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed5a8a8 code=0x7fc00000 [ 109.143594][ T31] audit: type=1326 audit(109.110:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7171 comm="syz.0.132" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed5a8a8 code=0x7fc00000 [ 109.149684][ T31] audit: type=1326 audit(109.110:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7171 comm="syz.0.132" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed5a8a8 code=0x7fc00000 [ 109.240895][ T31] audit: type=1326 audit(109.110:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7171 comm="syz.0.132" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed5a8a8 code=0x7fc00000 [ 109.246962][ T31] audit: type=1326 audit(109.110:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7171 comm="syz.0.132" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed5a8a8 code=0x7fc00000 [ 109.259521][ T31] audit: type=1326 audit(109.110:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7171 comm="syz.0.132" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed5a8a8 code=0x7fc00000 [ 109.265627][ T31] audit: type=1326 audit(109.110:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7171 comm="syz.0.132" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed5a8a8 code=0x7fc00000 [ 109.277512][ T31] audit: type=1326 audit(109.110:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7171 comm="syz.0.132" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed5a8a8 code=0x7fc00000 [ 110.376974][ T7153] chnl_net:caif_netlink_parms(): no params data found [ 111.128799][ T6086] Bluetooth: hci5: command tx timeout [ 111.244205][ T7233] loop4: detected capacity change from 0 to 2048 [ 111.257943][ T7233] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 111.275807][ T7153] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.277872][ T7153] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.278078][ T7153] bridge_slave_0: entered allmulticast mode [ 111.284020][ T7153] bridge_slave_0: entered promiscuous mode [ 111.298517][ T7153] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.300942][ T7153] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.303227][ T7153] bridge_slave_1: entered allmulticast mode [ 111.305915][ T7153] bridge_slave_1: entered promiscuous mode [ 111.331852][ T7238] netlink: 'syz.1.144': attribute type 10 has an invalid length. [ 111.357867][ T7238] syz_tun: entered promiscuous mode [ 111.371395][ T7238] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 111.402193][ T7153] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 111.416835][ T7153] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 111.528884][ T7153] team0: Port device team_slave_0 added [ 111.544957][ T7153] team0: Port device team_slave_1 added [ 112.771787][ T6803] 8021q: adding VLAN 0 to HW filter on device bond0 [ 112.798739][ T7153] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 112.862120][ T7153] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 112.862198][ T7153] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 112.863520][ T7153] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 112.863546][ T7153] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 112.863586][ T7153] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 112.944933][ T7259] loop1: detected capacity change from 0 to 40427 [ 113.095333][ T7259] F2FS-fs (loop1): build fault injection rate: 690 [ 113.098743][ T7259] F2FS-fs (loop1): invalid crc value [ 113.839380][ T6086] Bluetooth: hci5: command tx timeout [ 114.162035][ T7259] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 114.206221][ T7259] syz.1.146: attempt to access beyond end of device [ 114.206221][ T7259] loop1: rw=2049, sector=45096, nr_sectors = 96 limit=40427 [ 114.215447][ T7259] syz.1.146: attempt to access beyond end of device [ 114.215447][ T7259] loop1: rw=2049, sector=45192, nr_sectors = 8 limit=40427 [ 114.261374][ T6803] 8021q: adding VLAN 0 to HW filter on device team0 [ 114.347722][ T6803] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 114.356895][ T6803] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 114.371532][ T7153] hsr_slave_0: entered promiscuous mode [ 114.372099][ T7153] hsr_slave_1: entered promiscuous mode [ 114.372477][ T7153] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 114.372518][ T7153] Cannot create hsr debugfs directory [ 114.387729][ T6516] syz-executor: attempt to access beyond end of device [ 114.387729][ T6516] loop1: rw=2049, sector=45200, nr_sectors = 8 limit=40427 [ 114.387814][ T6516] CPU: 0 UID: 0 PID: 6516 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT [ 114.387837][ T6516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 114.387845][ T6516] Call trace: [ 114.387850][ T6516] show_stack+0x2c/0x3c (C) [ 114.387870][ T6516] __dump_stack+0x30/0x40 [ 114.387884][ T6516] dump_stack_lvl+0xd8/0x12c [ 114.387897][ T6516] dump_stack+0x1c/0x28 [ 114.387910][ T6516] f2fs_handle_critical_error+0x34c/0x4b8 [ 114.387923][ T6516] f2fs_stop_checkpoint+0x5c/0x70 [ 114.387937][ T6516] f2fs_write_end_io+0x58c/0x818 [ 114.387949][ T6516] bio_endio+0x804/0x840 [ 114.387960][ T6516] submit_bio_noacct+0x158/0x176c [ 114.387974][ T6516] submit_bio+0x354/0x4d4 [ 114.387986][ T6516] f2fs_submit_write_bio+0x13c/0x324 [ 114.387998][ T6516] __submit_merged_bio+0x254/0x704 [ 114.388009][ T6516] __submit_merged_write_cond+0x23c/0x4ac [ 114.388020][ T6516] f2fs_write_data_pages+0x1d28/0x2634 [ 114.388032][ T6516] do_writepages+0x270/0x468 [ 114.388047][ T6516] filemap_fdatawrite+0x144/0x1e8 [ 114.388061][ T6516] f2fs_sync_dirty_inodes+0x2b8/0x788 [ 114.388075][ T6516] f2fs_write_checkpoint+0x684/0x1694 [ 114.388089][ T6516] kill_f2fs_super+0x21c/0x584 [ 114.388101][ T6516] deactivate_locked_super+0xc4/0x12c [ 114.388112][ T6516] deactivate_super+0xe0/0x100 [ 114.388123][ T6516] cleanup_mnt+0x31c/0x3ac [ 114.388134][ T6516] __cleanup_mnt+0x20/0x30 [ 114.388145][ T6516] task_work_run+0x1dc/0x260 [ 114.388157][ T6516] do_notify_resume+0x16c/0x1ec [ 114.388169][ T6516] el0_svc+0xb4/0x17c [ 114.388182][ T6516] el0t_64_sync_handler+0x78/0x108 [ 114.388194][ T6516] el0t_64_sync+0x198/0x19c [ 114.388379][ T6516] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 114.394791][ T6680] bridge0: port 1(bridge_slave_0) entered blocking state [ 114.394876][ T6680] bridge0: port 1(bridge_slave_0) entered forwarding state [ 114.396284][ T6680] bridge0: port 2(bridge_slave_1) entered blocking state [ 114.396342][ T6680] bridge0: port 2(bridge_slave_1) entered forwarding state [ 114.648449][ T7288] loop4: detected capacity change from 0 to 2048 [ 114.700143][ T7288] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 115.486353][ T7288] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 115.488850][ T7288] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28 [ 115.488928][ T7288] EXT4-fs (loop4): This should not happen!! Data will be lost [ 115.488928][ T7288] [ 115.488953][ T7288] EXT4-fs (loop4): Total free blocks count 0 [ 115.488976][ T7288] EXT4-fs (loop4): Free/Dirty block details [ 115.489003][ T7288] EXT4-fs (loop4): free_blocks=4096 [ 115.489040][ T7288] EXT4-fs (loop4): dirty_blocks=32 [ 115.489065][ T7288] EXT4-fs (loop4): Block reservation details [ 115.489087][ T7288] EXT4-fs (loop4): i_reserved_data_blocks=2 [ 116.352542][ T7288] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 705 with error 28 [ 116.468302][ T7153] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 116.488190][ T6086] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 116.488297][ T6086] CPU: 1 UID: 0 PID: 6086 Comm: kworker/u9:1 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT [ 116.488313][ T6086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 116.488320][ T6086] Workqueue: hci2 hci_rx_work [ 116.488337][ T6086] Call trace: [ 116.488341][ T6086] show_stack+0x2c/0x3c (C) [ 116.488361][ T6086] __dump_stack+0x30/0x40 [ 116.488377][ T6086] dump_stack_lvl+0xd8/0x12c [ 116.488391][ T6086] dump_stack+0x1c/0x28 [ 116.488405][ T6086] sysfs_create_dir_ns+0x22c/0x24c [ 116.488420][ T6086] kobject_add_internal+0x5a8/0xb20 [ 116.488436][ T6086] kobject_add+0x134/0x200 [ 116.488449][ T6086] device_add+0x394/0xa60 [ 116.488463][ T6086] hci_conn_add_sysfs+0xc0/0x1d0 [ 116.488477][ T6086] le_conn_complete_evt+0x98c/0xe84 [ 116.488489][ T6086] hci_le_conn_complete_evt+0x114/0x3f8 [ 116.488501][ T6086] hci_le_meta_evt+0x2cc/0x4b0 [ 116.488515][ T6086] hci_event_packet+0x60c/0xe9c [ 116.488528][ T6086] hci_rx_work+0x320/0xb18 [ 116.488538][ T6086] process_one_work+0x7e8/0x155c [ 116.488553][ T6086] worker_thread+0x958/0xed8 [ 116.488567][ T6086] kthread+0x5fc/0x75c [ 116.488580][ T6086] ret_from_fork+0x10/0x20 [ 116.488607][ T6086] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 116.488804][ T6086] Bluetooth: hci2: failed to register connection device [ 116.498479][ T7153] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 116.551438][ T6803] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 116.556050][ T7153] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 116.576608][ T7153] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 116.595447][ T7323] loop4: detected capacity change from 0 to 64 [ 118.123316][ T7153] 8021q: adding VLAN 0 to HW filter on device bond0 [ 118.148702][ T7153] 8021q: adding VLAN 0 to HW filter on device team0 [ 118.154438][ T393] bridge0: port 1(bridge_slave_0) entered blocking state [ 118.154508][ T393] bridge0: port 1(bridge_slave_0) entered forwarding state [ 118.164585][ T4558] bridge0: port 2(bridge_slave_1) entered blocking state [ 118.164669][ T4558] bridge0: port 2(bridge_slave_1) entered forwarding state [ 118.255274][ T7351] loop1: detected capacity change from 0 to 256 [ 118.276256][ T7351] FAT-fs (loop1): Directory bread(block 64) failed [ 118.276326][ T7351] FAT-fs (loop1): Directory bread(block 65) failed [ 118.276405][ T7351] FAT-fs (loop1): Directory bread(block 66) failed [ 118.276446][ T7351] FAT-fs (loop1): Directory bread(block 67) failed [ 118.276504][ T7351] FAT-fs (loop1): Directory bread(block 68) failed [ 118.276543][ T7351] FAT-fs (loop1): Directory bread(block 69) failed [ 118.276617][ T7351] FAT-fs (loop1): Directory bread(block 70) failed [ 118.276656][ T7351] FAT-fs (loop1): Directory bread(block 71) failed [ 118.276721][ T7351] FAT-fs (loop1): Directory bread(block 72) failed [ 118.276771][ T7351] FAT-fs (loop1): Directory bread(block 73) failed [ 118.355269][ T7356] loop4: detected capacity change from 0 to 1024 [ 118.372864][ T6803] veth0_vlan: entered promiscuous mode [ 118.575202][ T6803] veth1_vlan: entered promiscuous mode [ 119.293725][ T52] Bluetooth: hci1: unknown advertising packet type: 0x82 [ 119.295094][ T52] Bluetooth: hci1: Malformed LE Event: 0x02 [ 119.624871][ T7362] capability: warning: `syz.1.163' uses deprecated v2 capabilities in a way that may be insecure [ 119.717345][ T6803] veth0_macvtap: entered promiscuous mode [ 119.900655][ T6803] veth1_macvtap: entered promiscuous mode [ 119.909198][ T6679] hfsplus: b-tree write err: -5, ino 4 [ 120.592464][ T6803] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 120.656963][ T6803] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 120.694017][ T7379] binder: BINDER_SET_CONTEXT_MGR already set [ 120.694165][ T7379] binder: 7378:7379 ioctl 4018620d 20000040 returned -16 [ 120.694900][ T7379] binder: 7378:7379 got transaction to invalid handle, 1 [ 120.694967][ T7379] binder: 7379:7378 cannot find target node [ 120.695000][ T7379] binder: 7378:7379 transaction async to 0:0 failed 15/29201/-22, code 0 size 88-0 line 3152 [ 120.805202][ T7153] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 120.811540][ T24] binder: undelivered TRANSACTION_ERROR: 29201 [ 121.662907][ T6086] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 121.720705][ T6086] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 121.756819][ T6086] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 121.759539][ T6086] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 121.792358][ T6086] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 122.890492][ T7423] loop4: detected capacity change from 0 to 16 [ 123.496235][ T7423] erofs (device loop4): mounted with root inode @ nid 36. [ 124.740572][ T6086] Bluetooth: hci3: command tx timeout [ 125.930739][ T2408] ieee802154 phy0 wpan0: encryption failed: -22 [ 125.933871][ T2408] ieee802154 phy1 wpan1: encryption failed: -22 [ 126.617064][ T6086] Bluetooth: hci2: SCO packet for unknown connection handle 0 [ 126.636132][ T7153] veth0_vlan: entered promiscuous mode [ 126.646988][ T7153] veth1_vlan: entered promiscuous mode [ 127.553753][ T6086] Bluetooth: hci3: command tx timeout [ 127.903925][ T7153] veth0_macvtap: entered promiscuous mode [ 127.905934][ T7153] veth1_macvtap: entered promiscuous mode [ 129.240708][ T7153] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 129.264573][ T7153] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 129.266213][ T7153] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.279505][ T7153] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.279569][ T7153] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.279608][ T7153] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.546899][ T7483] ptrace attach of "./syz-executor exec"[6520] was attempted by "./syz-executor exec"[7483] [ 129.611864][ T52] Bluetooth: hci3: command tx timeout [ 130.567444][ T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 130.569792][ T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 130.571636][ T7392] chnl_net:caif_netlink_parms(): no params data found [ 130.655003][ T12] bridge_slave_1: left allmulticast mode [ 130.655485][ T12] bridge_slave_1: left promiscuous mode [ 130.657566][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.196019][ T12] bridge_slave_0: left allmulticast mode [ 131.199181][ T12] bridge_slave_0: left promiscuous mode [ 131.215183][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 131.680733][ T52] Bluetooth: hci3: command tx timeout [ 132.799915][ T7529] loop0: detected capacity change from 0 to 32768 [ 132.826465][ T7529] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 132.827635][ T7529] XFS (loop0): Log size 516 blocks too small, minimum size is 636 blocks [ 132.827668][ T7529] XFS (loop0): AAIEEE! Log failed size checks. Abort! [ 132.843753][ T7529] XFS (loop0): log mount failed [ 133.647523][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 133.693689][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 133.732160][ T12] bond0 (unregistering): Released all slaves [ 133.877175][ T6516] bond0: (slave syz_tun): Releasing backup interface [ 133.887976][ T7542] trusted_key: syz.0.197 sent an empty control message without MSG_MORE. [ 134.015768][ T172] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.015842][ T172] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 135.275102][ T12] hsr_slave_0: left promiscuous mode [ 135.275731][ T12] hsr_slave_1: left promiscuous mode [ 135.276175][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 135.276284][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 135.277013][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 135.277068][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 135.357721][ T12] veth1_macvtap: left promiscuous mode [ 135.357819][ T12] veth0_macvtap: left promiscuous mode [ 135.385155][ T12] veth1_vlan: left promiscuous mode [ 135.385285][ T12] veth0_vlan: left promiscuous mode [ 135.457437][ T6086] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 135.463766][ T6086] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 135.472609][ T6086] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 135.481045][ T6086] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 135.483521][ T6086] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 135.506194][ T7557] netlink: 60 bytes leftover after parsing attributes in process `syz.4.201'. [ 135.641480][ T7561] loop4: detected capacity change from 0 to 128 [ 135.708450][ T7561] EXT4-fs (loop4): Test dummy encryption mode enabled [ 135.718339][ T7561] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 136.456369][ T6517] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 136.654351][ T7574] loop4: detected capacity change from 0 to 1024 [ 137.394782][ T7574] hfsplus: xattr searching failed [ 137.395069][ T7574] hfsplus: xattr searching failed [ 137.395183][ T7574] hfsplus: xattr searching failed [ 137.406416][ T7574] hfsplus: xattr searching failed [ 137.537908][ T52] Bluetooth: hci0: command tx timeout [ 139.285748][ T12] team0 (unregistering): Port device team_slave_1 removed [ 139.461933][ T12] team0 (unregistering): Port device team_slave_0 removed [ 139.600973][ T52] Bluetooth: hci0: command tx timeout [ 141.602403][ T7392] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.602517][ T7392] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.602651][ T7392] bridge_slave_0: entered allmulticast mode [ 141.603591][ T7392] bridge_slave_0: entered promiscuous mode [ 141.605049][ T7392] bridge0: port 2(bridge_slave_1) entered blocking state [ 141.605119][ T7392] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.605236][ T7392] bridge_slave_1: entered allmulticast mode [ 141.606172][ T7392] bridge_slave_1: entered promiscuous mode [ 141.651783][ T7575] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 141.651853][ T7575] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 141.680787][ T52] Bluetooth: hci0: command tx timeout [ 141.740165][ T7582] loop6: detected capacity change from 0 to 256 [ 141.758119][ T7582] exFAT-fs (loop6): invalid boot record signature [ 141.758181][ T7582] exFAT-fs (loop6): failed to read boot sector [ 141.758200][ T7582] exFAT-fs (loop6): failed to recognize exfat type [ 141.814956][ T7392] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 141.823134][ T7392] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 141.859484][ T7392] team0: Port device team_slave_0 added [ 141.863149][ T7392] team0: Port device team_slave_1 added [ 142.031646][ T7592] overlayfs: overlapping lowerdir path [ 142.670117][ T7392] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 142.670184][ T7392] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 142.670252][ T7392] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 142.756916][ T7392] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 142.756978][ T7392] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 142.757022][ T7392] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 142.900518][ T7392] hsr_slave_0: entered promiscuous mode [ 142.902917][ T7392] hsr_slave_1: entered promiscuous mode [ 142.904891][ T7392] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 142.907102][ T7392] Cannot create hsr debugfs directory [ 143.094937][ T6086] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 143.103711][ T6086] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 143.106925][ T6086] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 143.110648][ T6086] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 143.287798][ T6086] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 143.782266][ T6086] Bluetooth: hci0: command tx timeout [ 143.877460][ T7554] chnl_net:caif_netlink_parms(): no params data found [ 145.840420][ T6086] Bluetooth: hci1: command tx timeout [ 146.163447][ T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.326587][ T7554] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.326737][ T7554] bridge0: port 1(bridge_slave_0) entered disabled state [ 146.326869][ T7554] bridge_slave_0: entered allmulticast mode [ 146.327795][ T7554] bridge_slave_0: entered promiscuous mode [ 146.329236][ T7554] bridge0: port 2(bridge_slave_1) entered blocking state [ 146.329284][ T7554] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.329398][ T7554] bridge_slave_1: entered allmulticast mode [ 146.330275][ T7554] bridge_slave_1: entered promiscuous mode [ 147.074445][ T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 147.105008][ T7650] loop0: detected capacity change from 0 to 4096 [ 147.141485][ T7650] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 147.165502][ T7554] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 148.317311][ T6086] Bluetooth: hci1: command tx timeout [ 148.649055][ T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 148.798807][ T7554] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 149.049994][ T7554] team0: Port device team_slave_0 added [ 149.827072][ T6520] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 149.862384][ T7554] team0: Port device team_slave_1 added [ 149.901770][ T7554] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 149.903829][ T7554] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 149.911367][ T7554] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 149.915691][ T7554] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 149.918055][ T7554] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 149.926089][ T7554] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 149.962075][ T7554] hsr_slave_0: entered promiscuous mode [ 149.964477][ T7554] hsr_slave_1: entered promiscuous mode [ 149.966653][ T7554] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 149.968909][ T7554] Cannot create hsr debugfs directory [ 150.321505][ T6086] Bluetooth: hci1: command tx timeout [ 150.551894][ T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.688294][ T7607] chnl_net:caif_netlink_parms(): no params data found [ 152.397121][ T7710] netlink: 12 bytes leftover after parsing attributes in process `syz.6.225'. [ 152.431030][ T6086] Bluetooth: hci1: command tx timeout [ 153.090383][ T7714] netlink: 4 bytes leftover after parsing attributes in process `syz.0.226'. [ 153.105878][ T7607] bridge0: port 1(bridge_slave_0) entered blocking state [ 153.107937][ T7607] bridge0: port 1(bridge_slave_0) entered disabled state [ 153.110291][ T7607] bridge_slave_0: entered allmulticast mode [ 153.218117][ T7726] loop6: detected capacity change from 0 to 256 [ 153.224471][ T7726] exfat: Deprecated parameter 'codepage' [ 153.224584][ T7726] exfat: Bad value for 'codepage' [ 153.769290][ T7607] bridge_slave_0: entered promiscuous mode [ 153.867751][ T7728] binder: 7727:7728 tried to acquire reference to desc 0, got 1 instead [ 153.878844][ T7728] binder: 7727:7728 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 30) [ 153.878917][ T7728] binder: 7728 RLIMIT_NICE not set [ 153.878957][ T7728] binder: 7728 RLIMIT_NICE not set [ 153.879445][ T7728] binder: release 7727:7728 transaction 20 in, still active [ 153.910581][ T7728] binder: send failed reply for transaction 20 to 7727:7728 [ 153.953199][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.958121][ T7607] bridge0: port 2(bridge_slave_1) entered blocking state [ 153.958206][ T7607] bridge0: port 2(bridge_slave_1) entered disabled state [ 153.958383][ T7607] bridge_slave_1: entered allmulticast mode [ 153.959304][ T7607] bridge_slave_1: entered promiscuous mode [ 153.964266][ T3909] binder: undelivered TRANSACTION_COMPLETE [ 153.964310][ T3909] binder: undelivered TRANSACTION_ERROR: 29189 [ 153.992462][ T7392] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 154.049479][ T7392] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 154.155392][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.174878][ T7607] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 154.186856][ T7607] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 154.189574][ T7392] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 154.197952][ T7392] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 154.409268][ T7745] netlink: 'syz.0.230': attribute type 21 has an invalid length. [ 154.465672][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.947641][ T7607] team0: Port device team_slave_0 added [ 154.949381][ T7607] team0: Port device team_slave_1 added [ 155.190781][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.212520][ T7607] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 155.212593][ T7607] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 155.212663][ T7607] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 155.213851][ T7607] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 155.213879][ T7607] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 155.213929][ T7607] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 155.321457][ T7756] loop6: detected capacity change from 0 to 64 [ 155.998214][ T7392] 8021q: adding VLAN 0 to HW filter on device bond0 [ 156.034138][ T7607] hsr_slave_0: entered promiscuous mode [ 156.036358][ T7607] hsr_slave_1: entered promiscuous mode [ 156.040928][ T7607] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 156.045530][ T7607] Cannot create hsr debugfs directory [ 156.060907][ T1814] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 156.125532][ T7392] 8021q: adding VLAN 0 to HW filter on device team0 [ 156.133762][ T2076] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.133848][ T2076] bridge0: port 1(bridge_slave_0) entered forwarding state [ 156.257606][ T1814] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 156.258394][ T1814] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 156.258599][ T1814] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 156.732967][ T1814] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 156.737376][ T1814] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 156.743358][ T1814] usb 1-1: Product: syz [ 156.745635][ T1814] usb 1-1: Manufacturer: syz [ 156.759964][ T1814] usb 1-1: SerialNumber: syz [ 156.788316][ T2076] bridge0: port 2(bridge_slave_1) entered blocking state [ 156.788398][ T2076] bridge0: port 2(bridge_slave_1) entered forwarding state [ 156.871054][ T7392] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 156.874114][ T7392] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 157.131244][ T7752] loop0: detected capacity change from 0 to 256 [ 157.131875][ T7752] vfat: Bad value for 'uni_xlate' [ 157.216991][ T12] bridge_slave_1: left allmulticast mode [ 157.217068][ T12] bridge_slave_1: left promiscuous mode [ 157.217182][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 157.234024][ T12] bridge_slave_0: left allmulticast mode [ 157.234097][ T12] bridge_slave_0: left promiscuous mode [ 157.234229][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.245416][ T12] bridge_slave_1: left allmulticast mode [ 157.245484][ T12] bridge_slave_1: left promiscuous mode [ 157.245691][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 157.255619][ T12] bridge_slave_0: left allmulticast mode [ 157.255725][ T12] bridge_slave_0: left promiscuous mode [ 157.255828][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.676248][ T1814] usb 1-1: 0:2 : does not exist [ 157.700601][ T1814] usb 1-1: USB disconnect, device number 2 [ 157.717990][ T7783] loop0: detected capacity change from 0 to 1024 [ 157.747937][ T7783] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 157.781155][ T7580] udevd[7580]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 158.443410][ T7791] loop6: detected capacity change from 0 to 64 [ 158.757564][ T7791] syz.6.237: attempt to access beyond end of device [ 158.757564][ T7791] loop6: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 158.757947][ T7791] Buffer I/O error on dev loop6, logical block 134217734, async page read [ 158.914709][ T7791] Trying to free block not in datazone [ 159.136306][ T6520] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.174094][ T7793] loop6: detected capacity change from 0 to 256 [ 159.270727][ T7795] evm: overlay not supported [ 159.882542][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 159.980980][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 160.064909][ T12] bond0 (unregistering): Released all slaves [ 160.275251][ T7803] process 'syz.0.242' launched './file1' with NULL argv: empty string added [ 163.458528][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 163.551071][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 163.664248][ T12] bond0 (unregistering): Released all slaves [ 163.687718][ T7801] netlink: 4 bytes leftover after parsing attributes in process `syz.6.241'. [ 163.687801][ T7801] netlink: 4 bytes leftover after parsing attributes in process `syz.6.241'. [ 163.687863][ T7801] netlink: 4 bytes leftover after parsing attributes in process `syz.6.241'. [ 163.687913][ T7801] netlink: 4 bytes leftover after parsing attributes in process `syz.6.241'. [ 163.687962][ T7801] netlink: 4 bytes leftover after parsing attributes in process `syz.6.241'. [ 163.688011][ T7801] netlink: 4 bytes leftover after parsing attributes in process `syz.6.241'. [ 163.688059][ T7801] netlink: 4 bytes leftover after parsing attributes in process `syz.6.241'. [ 163.688107][ T7801] netlink: 4 bytes leftover after parsing attributes in process `syz.6.241'. [ 163.688161][ T7801] netlink: 4 bytes leftover after parsing attributes in process `syz.6.241'. [ 163.688209][ T7801] netlink: 4 bytes leftover after parsing attributes in process `syz.6.241'. [ 163.797831][ T7825] loop0: detected capacity change from 0 to 256 [ 164.473488][ T7392] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 167.517162][ T7554] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 167.606943][ T7554] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 167.613925][ T7554] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 167.708432][ T7554] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 167.947367][ T7392] veth0_vlan: entered promiscuous mode [ 169.148610][ T7392] veth1_vlan: entered promiscuous mode [ 169.154916][ T7904] __nla_validate_parse: 43 callbacks suppressed [ 169.156867][ T7904] netlink: 168 bytes leftover after parsing attributes in process `syz.6.258'. [ 169.248977][ T12] hsr_slave_0: left promiscuous mode [ 169.251361][ T12] hsr_slave_1: left promiscuous mode [ 169.251821][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 169.251910][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 169.258229][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 169.258313][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 169.268704][ T12] hsr_slave_0: left promiscuous mode [ 169.271139][ T12] hsr_slave_1: left promiscuous mode [ 169.273082][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 169.275314][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 169.278059][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 169.281297][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 169.367833][ T12] veth1_macvtap: left promiscuous mode [ 169.367933][ T12] veth0_macvtap: left promiscuous mode [ 169.368055][ T12] veth1_vlan: left promiscuous mode [ 169.368138][ T12] veth0_vlan: left promiscuous mode [ 169.443051][ T12] veth1_macvtap: left promiscuous mode [ 169.443160][ T12] veth0_macvtap: left promiscuous mode [ 169.443281][ T12] veth1_vlan: left promiscuous mode [ 169.443362][ T12] veth0_vlan: left promiscuous mode [ 170.567813][ T7914] loop0: detected capacity change from 0 to 32768 [ 170.568494][ T7914] XFS: ikeep mount option is deprecated. [ 171.231119][ T7914] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 171.407855][ T7914] XFS (loop0): Ending clean mount [ 171.421165][ T7950] netlink: 'syz.6.262': attribute type 33 has an invalid length. [ 171.423356][ T7950] netlink: 152 bytes leftover after parsing attributes in process `syz.6.262'. [ 171.433068][ T7914] XFS (loop0): Quotacheck needed: Please wait. [ 171.467996][ T7914] XFS (loop0): Quotacheck: Done. [ 171.474177][ T7954] netlink: 4 bytes leftover after parsing attributes in process `syz.6.262'. [ 171.537981][ T7914] XFS (loop0): User initiated shutdown received. [ 171.538267][ T7914] XFS (loop0): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x80/0x15c (fs/xfs/xfs_fsops.c:472). Shutting down filesystem. [ 171.538317][ T7914] XFS (loop0): Please unmount the filesystem and rectify the problem(s) [ 171.639359][ T6520] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 173.295003][ T12] team0 (unregistering): Port device team_slave_1 removed [ 173.492564][ T12] team0 (unregistering): Port device team_slave_0 removed [ 178.815289][ T12] team0 (unregistering): Port device team_slave_1 removed [ 179.013980][ T12] team0 (unregistering): Port device team_slave_0 removed [ 180.909518][ T52] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 180.913137][ T52] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 180.915857][ T52] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 180.916639][ T52] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 180.917092][ T52] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 181.447041][ T7554] 8021q: adding VLAN 0 to HW filter on device bond0 [ 181.477995][ T7554] 8021q: adding VLAN 0 to HW filter on device team0 [ 181.517585][ T81] bridge0: port 1(bridge_slave_0) entered blocking state [ 181.517681][ T81] bridge0: port 1(bridge_slave_0) entered forwarding state [ 181.704763][ T81] bridge0: port 2(bridge_slave_1) entered blocking state [ 181.704846][ T81] bridge0: port 2(bridge_slave_1) entered forwarding state [ 183.139369][ T52] Bluetooth: hci4: command tx timeout [ 184.365945][ T7554] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 184.455212][ T7607] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 184.796475][ T7607] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 184.811530][ T7607] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 184.834179][ T7607] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 185.273051][ T52] Bluetooth: hci4: command tx timeout [ 185.737047][ T7554] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 185.740298][ T8057] netlink: 28 bytes leftover after parsing attributes in process `syz.0.272'. [ 185.740538][ T8057] netlink: 8 bytes leftover after parsing attributes in process `syz.0.272'. [ 185.813731][ T8065] netlink: 'syz.0.272': attribute type 10 has an invalid length. [ 185.824198][ T8064] loop6: detected capacity change from 0 to 512 [ 185.867034][ T8065] bridge0: port 1(team0) entered blocking state [ 185.867141][ T8065] bridge0: port 1(team0) entered disabled state [ 185.867276][ T8065] team0: entered allmulticast mode [ 185.877041][ T8064] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 185.877101][ T8064] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002] [ 185.877295][ T8064] EXT4-fs (loop6): orphan cleanup on readonly fs [ 185.886867][ T8064] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #13: comm syz.6.273: iget: bad i_size value: 12154761577498 [ 185.902333][ T7984] chnl_net:caif_netlink_parms(): no params data found [ 185.906387][ T8064] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.273: couldn't read orphan inode 13 (err -117) [ 185.921917][ T8064] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 186.043840][ T31] audit: type=1326 audit(186.010:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8070 comm="syz.0.274" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed5a8a8 code=0x7ffc0000 [ 186.043937][ T31] audit: type=1326 audit(186.030:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8070 comm="syz.0.274" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9ed5a8a8 code=0x7ffc0000 [ 186.043994][ T31] audit: type=1326 audit(186.030:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8070 comm="syz.0.274" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed5a8a8 code=0x7ffc0000 [ 186.044040][ T31] audit: type=1326 audit(186.030:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8070 comm="syz.0.274" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed5a8a8 code=0x7ffc0000 [ 186.046679][ T31] audit: type=1326 audit(186.030:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8070 comm="syz.0.274" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=261 compat=0 ip=0xffff9ed5a8a8 code=0x7ffc0000 [ 186.046756][ T31] audit: type=1326 audit(186.030:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8070 comm="syz.0.274" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed5a8a8 code=0x7ffc0000 [ 186.046802][ T31] audit: type=1326 audit(186.030:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8070 comm="syz.0.274" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9ed5a8a8 code=0x7ffc0000 [ 186.046846][ T31] audit: type=1326 audit(186.030:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8070 comm="syz.0.274" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed5a8a8 code=0x7ffc0000 [ 186.047281][ T31] audit: type=1326 audit(186.030:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8070 comm="syz.0.274" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9ed5a8a8 code=0x7ffc0000 [ 186.047336][ T31] audit: type=1326 audit(186.030:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8070 comm="syz.0.274" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed5a8a8 code=0x7ffc0000 [ 186.153294][ T8071] wireguard0: entered promiscuous mode [ 186.153343][ T8071] wireguard0: entered allmulticast mode [ 186.232882][ T8077] EXT4-fs warning (device loop6): dx_probe:861: inode #2: comm syz.6.273: dx entry: limit 65535 != root limit 120 [ 186.233070][ T8077] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.273: Corrupt directory, running e2fsck is recommended [ 186.792866][ T7153] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 186.887280][ T7554] veth0_vlan: entered promiscuous mode [ 186.893327][ T7554] veth1_vlan: entered promiscuous mode [ 187.173303][ T7984] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.173421][ T7984] bridge0: port 1(bridge_slave_0) entered disabled state [ 187.173555][ T7984] bridge_slave_0: entered allmulticast mode [ 187.174516][ T7984] bridge_slave_0: entered promiscuous mode [ 187.177401][ T7984] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.177459][ T7984] bridge0: port 2(bridge_slave_1) entered disabled state [ 187.177615][ T7984] bridge_slave_1: entered allmulticast mode [ 187.179485][ T7984] bridge_slave_1: entered promiscuous mode [ 187.320522][ T52] Bluetooth: hci4: command tx timeout [ 187.365486][ T2408] ieee802154 phy0 wpan0: encryption failed: -22 [ 187.365585][ T2408] ieee802154 phy1 wpan1: encryption failed: -22 [ 187.935858][ T7607] 8021q: adding VLAN 0 to HW filter on device bond0 [ 187.946203][ T7984] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 187.997818][ T7984] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 188.058865][ T7554] veth0_macvtap: entered promiscuous mode [ 188.159775][ T7984] team0: Port device team_slave_0 added [ 188.163902][ T7607] 8021q: adding VLAN 0 to HW filter on device team0 [ 188.166579][ T7554] veth1_macvtap: entered promiscuous mode [ 188.184497][ T7984] team0: Port device team_slave_1 added [ 188.191107][ T7554] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 188.195182][ T4558] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.195271][ T4558] bridge0: port 1(bridge_slave_0) entered forwarding state [ 188.801886][ T6561] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 188.848896][ T7554] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 188.864062][ T4558] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.864147][ T4558] bridge0: port 2(bridge_slave_1) entered forwarding state [ 188.880132][ T7554] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.890235][ T7554] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.890415][ T7554] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.890456][ T7554] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.892084][ T7984] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 188.892137][ T7984] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.892203][ T7984] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 188.893908][ T7984] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 188.893952][ T7984] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.894011][ T7984] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 188.973120][ T6561] usb 1-1: config 0 has an invalid interface number: 146 but max is 0 [ 188.973186][ T6561] usb 1-1: config 0 has no interface number 0 [ 188.973222][ T6561] usb 1-1: New USB device found, idVendor=14ea, idProduct=ab11, bcdDevice=cf.a5 [ 188.973250][ T6561] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.975561][ T6561] usb 1-1: config 0 descriptor?? [ 189.018505][ T8101] binder: BINDER_SET_CONTEXT_MGR already set [ 189.018569][ T8101] binder: 8100:8101 ioctl 4018620d 20000040 returned -16 [ 189.023860][ T8101] binder: 8100:8101 got transaction to invalid handle, 1 [ 189.023925][ T8101] binder: 8101:8100 cannot find target node [ 189.023968][ T8101] binder: 8100:8101 transaction call to 0:0 failed 23/29201/-22, code 0 size 0-0 line 3152 [ 189.258581][ T6561] asix 1-1:0.146 (unnamed net_device) (uninitialized): invalid hw address, using random [ 189.283410][ T52] Bluetooth: hci2: link tx timeout [ 189.283522][ T52] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 189.284494][ T52] Bluetooth: hci2: killing stalled connection 00:00:00:00:00:00 [ 189.292625][ T12] bridge_slave_1: left allmulticast mode [ 189.292682][ T12] bridge_slave_1: left promiscuous mode [ 189.292829][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.312894][ T12] bridge_slave_0: left allmulticast mode [ 189.312974][ T12] bridge_slave_0: left promiscuous mode [ 189.313145][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.360508][ T52] Bluetooth: hci4: command tx timeout [ 189.424285][ T6561] asix 1-1:0.146 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 189.424348][ T6561] asix 1-1:0.146 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 189.424604][ T6561] asix 1-1:0.146: probe with driver asix failed with error -71 [ 189.434104][ T6561] usb 1-1: USB disconnect, device number 3 [ 191.360454][ T52] Bluetooth: hci2: command 0x0406 tx timeout [ 191.375313][ T8124] loop6: detected capacity change from 0 to 128 [ 191.549574][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 191.594239][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 192.235758][ T12] bond0 (unregistering): Released all slaves [ 192.269820][ T7984] hsr_slave_0: entered promiscuous mode [ 192.271454][ T7984] hsr_slave_1: entered promiscuous mode [ 192.271892][ T7984] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 192.272263][ T7984] Cannot create hsr debugfs directory [ 192.290224][ T172] kworker/u8:5: attempt to access beyond end of device [ 192.290224][ T172] loop6: rw=1, sector=145, nr_sectors = 896 limit=128 [ 192.438782][ T12] hsr_slave_0: left promiscuous mode [ 192.441553][ T12] hsr_slave_1: left promiscuous mode [ 192.442058][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 192.443377][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 192.468516][ T12] veth1_vlan: left promiscuous mode [ 192.468651][ T12] veth0_vlan: left promiscuous mode [ 193.630884][ T52] Bluetooth: hci2: command 0x0406 tx timeout [ 193.826680][ T8146] loop6: detected capacity change from 0 to 256 [ 193.883671][ T8146] FAT-fs (loop6): count of clusters too big (178174) [ 193.883800][ T8146] FAT-fs (loop6): Can't find a valid FAT filesystem [ 195.576012][ T52] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 195.578150][ T52] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 195.598013][ T52] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 195.601464][ T52] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 195.604810][ T52] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 197.529966][ T12] team0 (unregistering): Port device team_slave_1 removed [ 197.733213][ T12] team0 (unregistering): Port device team_slave_0 removed [ 198.010606][ T6086] Bluetooth: hci3: command tx timeout [ 198.470550][ T8176] loop0: detected capacity change from 0 to 256 [ 200.080542][ T6086] Bluetooth: hci3: command tx timeout [ 201.354800][ T7607] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 201.845668][ T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 201.853650][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 201.858156][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 201.863760][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 201.865870][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 201.992610][ T31] kauditd_printk_skb: 6 callbacks suppressed [ 201.992693][ T31] audit: type=1107 audit(201.980:28): pid=8226 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='' [ 202.161687][ T52] Bluetooth: hci3: command tx timeout [ 202.761838][ T8157] chnl_net:caif_netlink_parms(): no params data found [ 202.845964][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.156138][ T6086] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 203.817348][ T6086] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 203.819930][ T6086] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 203.829201][ T6086] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 203.832333][ T6086] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 203.872196][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.920457][ T6086] Bluetooth: hci0: command tx timeout [ 204.073844][ T8157] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.073986][ T8157] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.074185][ T8157] bridge_slave_0: entered allmulticast mode [ 204.075173][ T8157] bridge_slave_0: entered promiscuous mode [ 204.214687][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.227927][ T8157] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.228025][ T8157] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.228244][ T8157] bridge_slave_1: entered allmulticast mode [ 204.229478][ T8157] bridge_slave_1: entered promiscuous mode [ 204.369618][ T6086] Bluetooth: hci3: command tx timeout [ 204.980270][ T8270] loop0: detected capacity change from 0 to 512 [ 204.985243][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.011193][ T8270] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.310: iget: bad i_size value: 38620345925642 [ 205.016081][ T8270] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.310: couldn't read orphan inode 15 (err -117) [ 205.017206][ T8270] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 205.202846][ T8157] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 205.209156][ T8157] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 205.930534][ T6086] Bluetooth: hci5: command tx timeout [ 205.932664][ T7984] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 205.985625][ T6520] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 205.986887][ T8157] team0: Port device team_slave_0 added [ 206.000565][ T6086] Bluetooth: hci0: command tx timeout [ 206.045024][ T8222] chnl_net:caif_netlink_parms(): no params data found [ 206.132459][ T7984] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 206.175720][ T7984] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 206.180079][ T7984] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 206.205429][ T8157] team0: Port device team_slave_1 added [ 206.957807][ T8251] chnl_net:caif_netlink_parms(): no params data found [ 207.083937][ T12] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.136458][ T8312] loop0: detected capacity change from 0 to 2048 [ 207.160993][ T8157] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 207.161054][ T8157] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 207.161112][ T8157] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 207.162348][ T8157] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 207.162376][ T8157] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 207.162420][ T8157] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 207.187875][ T8312] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 207.270647][ T8222] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.270757][ T8222] bridge0: port 1(bridge_slave_0) entered disabled state [ 207.270960][ T8222] bridge_slave_0: entered allmulticast mode [ 207.271887][ T8222] bridge_slave_0: entered promiscuous mode [ 207.273092][ T8222] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.273167][ T8222] bridge0: port 2(bridge_slave_1) entered disabled state [ 207.273301][ T8222] bridge_slave_1: entered allmulticast mode [ 207.274191][ T8222] bridge_slave_1: entered promiscuous mode [ 207.316479][ T8222] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 207.321610][ T8222] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 207.371230][ T8222] team0: Port device team_slave_0 added [ 208.060635][ T6086] Bluetooth: hci5: command tx timeout [ 208.062913][ T12] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.119077][ T6086] Bluetooth: hci0: command tx timeout [ 208.184698][ T8222] team0: Port device team_slave_1 added [ 208.208712][ T8323] loop0: detected capacity change from 0 to 128 [ 208.227616][ T8323] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 208.241886][ T8323] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 208.256356][ T12] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.359963][ T8157] hsr_slave_0: entered promiscuous mode [ 208.371161][ T8157] hsr_slave_1: entered promiscuous mode [ 208.373805][ T8157] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 208.373869][ T8157] Cannot create hsr debugfs directory [ 208.421810][ T8222] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 208.431209][ T8222] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 208.431335][ T8222] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 208.444527][ T8222] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 208.444586][ T8222] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 208.444661][ T8222] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 208.512043][ T12] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 209.219451][ T8251] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.219539][ T8251] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.220013][ T8251] bridge_slave_0: entered allmulticast mode [ 209.221470][ T8251] bridge_slave_0: entered promiscuous mode [ 209.309391][ T8251] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.312974][ T8251] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.315135][ T8251] bridge_slave_1: entered allmulticast mode [ 209.317964][ T8251] bridge_slave_1: entered promiscuous mode [ 209.335384][ T8251] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 209.340965][ T8251] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 209.397388][ T7984] 8021q: adding VLAN 0 to HW filter on device bond0 [ 209.413713][ T7984] 8021q: adding VLAN 0 to HW filter on device team0 [ 209.452620][ T8222] hsr_slave_0: entered promiscuous mode [ 209.454921][ T8222] hsr_slave_1: entered promiscuous mode [ 209.457433][ T8222] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 209.459839][ T8222] Cannot create hsr debugfs directory [ 210.091442][ T6086] Bluetooth: hci5: command tx timeout [ 210.159150][ T8251] team0: Port device team_slave_0 added [ 210.161031][ T6086] Bluetooth: hci0: command tx timeout [ 210.174052][ T8251] team0: Port device team_slave_1 added [ 210.389802][ T8251] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 210.389870][ T8251] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 210.389947][ T8251] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 211.064590][ T2076] bridge0: port 1(bridge_slave_0) entered blocking state [ 211.064684][ T2076] bridge0: port 1(bridge_slave_0) entered forwarding state [ 211.071318][ T2076] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.071394][ T2076] bridge0: port 2(bridge_slave_1) entered forwarding state [ 211.206108][ T8251] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 211.206172][ T8251] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.206236][ T8251] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 211.416865][ T8251] hsr_slave_0: entered promiscuous mode [ 211.417555][ T8251] hsr_slave_1: entered promiscuous mode [ 211.418291][ T8251] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 211.418336][ T8251] Cannot create hsr debugfs directory [ 211.587729][ T8373] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0. [ 212.230436][ T6086] Bluetooth: hci5: command tx timeout [ 212.242116][ T12] bridge_slave_1: left allmulticast mode [ 212.242183][ T12] bridge_slave_1: left promiscuous mode [ 212.242308][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.249318][ T12] bridge_slave_0: left allmulticast mode [ 212.252698][ T12] bridge_slave_0: left promiscuous mode [ 212.254452][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.273550][ T12] bridge_slave_1: left allmulticast mode [ 212.273629][ T12] bridge_slave_1: left promiscuous mode [ 212.273779][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.292856][ T12] bridge_slave_0: left allmulticast mode [ 212.292931][ T12] bridge_slave_0: left promiscuous mode [ 212.293057][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.770975][ T8403] loop0: detected capacity change from 0 to 64 [ 214.795535][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 214.846637][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 214.893606][ T12] bond0 (unregistering): Released all slaves [ 216.356568][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 216.393488][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 216.432239][ T12] bond0 (unregistering): Released all slaves [ 216.974362][ T8222] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 217.140053][ T8222] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 217.210518][ T8222] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 217.219533][ T8222] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 217.451331][ T7984] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 217.624352][ T12] hsr_slave_0: left promiscuous mode [ 217.626546][ T12] hsr_slave_1: left promiscuous mode [ 217.628530][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 217.628630][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 217.631358][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 217.631407][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 217.639472][ T12] hsr_slave_0: left promiscuous mode [ 217.648528][ T12] hsr_slave_1: left promiscuous mode [ 217.649038][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 217.649117][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 217.650796][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 217.650845][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 217.679548][ T12] veth1_macvtap: left promiscuous mode [ 217.679645][ T12] veth0_macvtap: left promiscuous mode [ 217.679751][ T12] veth1_vlan: left promiscuous mode [ 217.679829][ T12] veth0_vlan: left promiscuous mode [ 217.682344][ T12] veth1_macvtap: left promiscuous mode [ 217.682406][ T12] veth0_macvtap: left promiscuous mode [ 217.682501][ T12] veth1_vlan: left promiscuous mode [ 217.682584][ T12] veth0_vlan: left promiscuous mode [ 221.455352][ T12] team0 (unregistering): Port device team_slave_1 removed [ 221.623591][ T12] team0 (unregistering): Port device team_slave_0 removed [ 225.704904][ T8488] loop0: detected capacity change from 0 to 8 [ 227.336833][ T8497] loop0: detected capacity change from 0 to 1024 [ 227.373836][ T8497] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 228.184462][ T6520] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 228.381205][ T12] team0 (unregistering): Port device team_slave_1 removed [ 228.936302][ T12] team0 (unregistering): Port device team_slave_0 removed [ 231.317356][ T8222] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.338664][ T8222] 8021q: adding VLAN 0 to HW filter on device team0 [ 231.358594][ T8222] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 231.358650][ T8222] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 231.820347][ T6679] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.820434][ T6679] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.947610][ T6679] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.947689][ T6679] bridge0: port 2(bridge_slave_1) entered forwarding state [ 232.465029][ T7984] veth0_vlan: entered promiscuous mode [ 232.474825][ T7984] veth1_vlan: entered promiscuous mode [ 233.145541][ T7984] veth0_macvtap: entered promiscuous mode [ 233.147511][ T7984] veth1_macvtap: entered promiscuous mode [ 233.160681][ T7984] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 233.174473][ T7984] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 233.178421][ T7984] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.181445][ T7984] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.183883][ T7984] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.186424][ T7984] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.200019][ T8222] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 234.216280][ T8553] loop0: detected capacity change from 0 to 512 [ 234.222103][ T8553] EXT4-fs: Ignoring removed mblk_io_submit option [ 234.233807][ T8553] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 234.249309][ T4558] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 234.249375][ T4558] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 234.270176][ T8553] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 234.270530][ T8553] EXT4-fs (loop0): orphan cleanup on readonly fs [ 234.285247][ T8553] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #12: comm syz.0.338: pblk 0 bad header/extent: invalid magic - magic f3ff, entries 1, max 4(0), depth 0(0) [ 234.291080][ T8553] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.338: couldn't read orphan inode 12 (err -117) [ 234.306579][ T8553] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 234.326155][ T4558] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 234.328403][ T4558] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 234.404411][ T6520] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 234.636192][ T8573] loop5: detected capacity change from 0 to 2048 [ 234.657819][ T8222] veth0_vlan: entered promiscuous mode [ 234.662838][ T8222] veth1_vlan: entered promiscuous mode [ 234.674974][ T8222] veth0_macvtap: entered promiscuous mode [ 234.715522][ T8222] veth1_macvtap: entered promiscuous mode [ 235.193349][ T8573] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 235.460813][ T8473] udevd[8473]: incorrect nilfs2 checksum on /dev/loop5 [ 235.468495][ T2225] bridge_slave_1: left allmulticast mode [ 235.468576][ T2225] bridge_slave_1: left promiscuous mode [ 235.468720][ T2225] bridge0: port 2(bridge_slave_1) entered disabled state [ 235.490918][ T2225] bridge_slave_0: left allmulticast mode [ 235.494345][ T2225] bridge_slave_0: left promiscuous mode [ 235.498934][ T2225] bridge0: port 1(bridge_slave_0) entered disabled state [ 235.519560][ T8577] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 235.762469][ T52] Bluetooth: hci2: command 0x0406 tx timeout [ 236.512646][ T8585] loop0: detected capacity change from 0 to 128 [ 236.516962][ T8585] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 240.317533][ T8609] loop0: detected capacity change from 0 to 1024 [ 240.347321][ T8609] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 241.298581][ T6520] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 242.236542][ T2225] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 242.291058][ T2225] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 242.323570][ T8632] loop5: detected capacity change from 0 to 128 [ 242.325601][ T2225] bond0 (unregistering): Released all slaves [ 242.336813][ T8632] ufs: You didn't specify the type of your ufs filesystem [ 242.336813][ T8632] [ 242.336813][ T8632] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 242.336813][ T8632] [ 242.336813][ T8632] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 242.336945][ T8632] ufs: ufstype=old is supported read-only [ 242.351793][ T8632] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2 [ 242.517003][ T8222] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 242.519830][ T8222] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 242.534904][ T8222] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.534979][ T8222] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.535011][ T8222] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.535041][ T8222] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 243.221145][ T2225] hsr_slave_0: left promiscuous mode [ 243.222904][ T2225] hsr_slave_1: left promiscuous mode [ 243.223375][ T2225] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 243.227066][ T2225] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 243.899765][ T8643] loop0: detected capacity change from 0 to 512 [ 243.905555][ T8643] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 243.905612][ T8643] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 243.915326][ T8643] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 243.915514][ T8643] EXT4-fs (loop0): 1 truncate cleaned up [ 243.916380][ T8643] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 244.187691][ T8647] sctp: [Deprecated]: syz.0.357 (pid 8647) Use of struct sctp_assoc_value in delayed_ack socket option. [ 244.187691][ T8647] Use struct sctp_sack_info instead [ 244.836009][ T6520] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 244.874106][ T8649] loop0: detected capacity change from 0 to 128 [ 244.874702][ T8649] EXT4-fs: Ignoring removed nomblk_io_submit option [ 244.874746][ T8649] EXT4-fs: Ignoring removed nomblk_io_submit option [ 244.888574][ T8649] EXT4-fs (loop0): Test dummy encryption mode enabled [ 244.891037][ T8649] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 244.896926][ T8649] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-ce" [ 244.936206][ T8649] fscrypt: AES-256-XTS using implementation "xts-aes-ce" [ 244.949153][ T8649] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 245.222694][ T8657] loop5: detected capacity change from 0 to 2048 [ 246.007081][ T8657] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 246.025156][ T8657] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 247.208794][ T8664] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 247.209115][ T8664] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 247.218660][ T2225] team0 (unregistering): Port device team_slave_1 removed [ 248.332563][ T2225] team0 (unregistering): Port device team_slave_0 removed [ 249.228567][ T2408] ieee802154 phy0 wpan0: encryption failed: -22 [ 249.228658][ T2408] ieee802154 phy1 wpan1: encryption failed: -22 [ 249.428972][ T8678] fuse: Bad value for 'fd' [ 254.220305][ T8700] loop5: detected capacity change from 0 to 40427 [ 254.235031][ T8700] F2FS-fs (loop5): Invalid SB checksum offset: 0 [ 254.235086][ T8700] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 254.238005][ T8700] F2FS-fs (loop5): invalid crc value [ 254.314813][ T8700] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0 [ 254.314896][ T8700] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 255.611250][ T7984] syz-executor: attempt to access beyond end of device [ 255.611250][ T7984] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 255.611349][ T7984] CPU: 1 UID: 0 PID: 7984 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT [ 255.611366][ T7984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 255.611374][ T7984] Call trace: [ 255.611378][ T7984] show_stack+0x2c/0x3c (C) [ 255.611399][ T7984] __dump_stack+0x30/0x40 [ 255.611413][ T7984] dump_stack_lvl+0xd8/0x12c [ 255.611426][ T7984] dump_stack+0x1c/0x28 [ 255.611440][ T7984] f2fs_handle_critical_error+0x34c/0x4b8 [ 255.611453][ T7984] f2fs_stop_checkpoint+0x5c/0x70 [ 255.611466][ T7984] f2fs_write_end_io+0x58c/0x818 [ 255.611478][ T7984] bio_endio+0x804/0x840 [ 255.611490][ T7984] submit_bio_noacct+0x158/0x176c [ 255.611503][ T7984] submit_bio+0x354/0x4d4 [ 255.611516][ T7984] f2fs_submit_write_bio+0x13c/0x324 [ 255.611528][ T7984] __submit_merged_bio+0x254/0x704 [ 255.611539][ T7984] __submit_merged_write_cond+0x23c/0x4ac [ 255.611550][ T7984] f2fs_write_data_pages+0x1d28/0x2634 [ 255.611563][ T7984] do_writepages+0x270/0x468 [ 255.611578][ T7984] filemap_fdatawrite+0x144/0x1e8 [ 255.611592][ T7984] f2fs_sync_dirty_inodes+0x2b8/0x788 [ 255.611607][ T7984] f2fs_write_checkpoint+0x684/0x1694 [ 255.611621][ T7984] kill_f2fs_super+0x21c/0x584 [ 255.611632][ T7984] deactivate_locked_super+0xc4/0x12c [ 255.611644][ T7984] deactivate_super+0xe0/0x100 [ 255.611655][ T7984] cleanup_mnt+0x31c/0x3ac [ 255.611666][ T7984] __cleanup_mnt+0x20/0x30 [ 255.611677][ T7984] task_work_run+0x1dc/0x260 [ 255.611689][ T7984] do_notify_resume+0x16c/0x1ec [ 255.611701][ T7984] el0_svc+0xb4/0x17c [ 255.611721][ T7984] el0t_64_sync_handler+0x78/0x108 [ 255.611733][ T7984] el0t_64_sync+0x198/0x19c [ 255.611920][ T7984] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 255.704579][ T8717] netlink: 4 bytes leftover after parsing attributes in process `syz.0.374'. [ 255.720153][ T52] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 255.733964][ T52] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 255.734809][ T52] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 255.736871][ T52] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 255.737438][ T52] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 255.965964][ T8723] loop5: detected capacity change from 0 to 1024 [ 257.219776][ T81] hfsplus: b-tree write err: -5, ino 8 [ 257.822009][ T8157] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 257.840508][ T6086] Bluetooth: hci1: command tx timeout [ 259.155176][ T8739] delete_channel: no stack [ 259.217296][ T8251] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 259.241650][ T8251] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 259.268436][ T8251] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 259.274715][ T8251] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 259.324740][ T4558] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 259.327082][ T4558] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 259.544762][ T4558] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 259.547094][ T4558] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 259.586561][ T8251] 8021q: adding VLAN 0 to HW filter on device bond0 [ 259.777895][ T8251] 8021q: adding VLAN 0 to HW filter on device team0 [ 260.012052][ T6086] Bluetooth: hci1: command tx timeout [ 260.651891][ T6680] bridge0: port 1(bridge_slave_0) entered blocking state [ 260.651982][ T6680] bridge0: port 1(bridge_slave_0) entered forwarding state [ 260.818332][ T8718] chnl_net:caif_netlink_parms(): no params data found [ 260.866831][ T6680] bridge0: port 2(bridge_slave_1) entered blocking state [ 260.866915][ T6680] bridge0: port 2(bridge_slave_1) entered forwarding state [ 262.123201][ T8770] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 262.383106][ T6086] Bluetooth: hci1: command tx timeout [ 262.438799][ T8772] netlink: 36 bytes leftover after parsing attributes in process `syz.0.383'. [ 262.483207][ T8772] netlink: 16 bytes leftover after parsing attributes in process `syz.0.383'. [ 262.485763][ T8772] netlink: 36 bytes leftover after parsing attributes in process `syz.0.383'. [ 262.488371][ T8772] netlink: 36 bytes leftover after parsing attributes in process `syz.0.383'. [ 262.610008][ T8718] bridge0: port 1(bridge_slave_0) entered blocking state [ 262.612274][ T8718] bridge0: port 1(bridge_slave_0) entered disabled state [ 262.614700][ T8718] bridge_slave_0: entered allmulticast mode [ 262.639625][ T8718] bridge_slave_0: entered promiscuous mode [ 263.424283][ T8718] bridge0: port 2(bridge_slave_1) entered blocking state [ 263.426419][ T8718] bridge0: port 2(bridge_slave_1) entered disabled state [ 263.426648][ T8718] bridge_slave_1: entered allmulticast mode [ 263.434730][ T8718] bridge_slave_1: entered promiscuous mode [ 264.221282][ T8718] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 264.276064][ T8718] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 264.415876][ T8718] team0: Port device team_slave_0 added [ 264.417489][ T8718] team0: Port device team_slave_1 added [ 264.431677][ T52] Bluetooth: hci1: command tx timeout [ 264.440030][ T52] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 264.444584][ T52] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 264.447317][ T52] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 264.457034][ T52] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 264.459480][ T52] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 264.553752][ T1814] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 264.736985][ T1814] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 265.306082][ T8718] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 265.306144][ T8718] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 265.306230][ T8718] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 265.308020][ T8718] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 265.308057][ T8718] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 265.308105][ T8718] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 265.518678][ T8813] bridge0: entered promiscuous mode [ 265.518839][ T8813] team0: entered promiscuous mode [ 265.518893][ T8813] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:579 [ 265.518920][ T8813] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 8813, name: syz.0.392 [ 265.518949][ T8813] preempt_count: 201, expected: 0 [ 265.518973][ T8813] RCU nest depth: 0, expected: 0 [ 265.518997][ T8813] 3 locks held by syz.0.392/8813: [ 265.519022][ T8813] #0: ffff80008f64f450 (&ops->srcu#2){.+.+}-{0:0}, at: srcu_lock_acquire+0x18/0x54 [ 265.519157][ T8813] #1: ffff800092872028 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x710/0x15dc [ 265.519261][ T8813] #2: ffff0000dd7dc368 (&dev_addr_list_lock_key#6/1){+...}-{3:3}, at: dev_uc_add+0x5c/0x104 [ 265.519418][ T8813] Preemption disabled at: [ 265.519432][ T8813] [] local_bh_disable+0x28/0x34 [ 265.519475][ T8813] CPU: 1 UID: 0 PID: 8813 Comm: syz.0.392 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT [ 265.519491][ T8813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 265.519499][ T8813] Call trace: [ 265.519503][ T8813] show_stack+0x2c/0x3c (C) [ 265.519522][ T8813] __dump_stack+0x30/0x40 [ 265.519537][ T8813] dump_stack_lvl+0xd8/0x12c [ 265.519551][ T8813] dump_stack+0x1c/0x28 [ 265.519565][ T8813] __might_resched+0x348/0x4c4 [ 265.519579][ T8813] __might_sleep+0x94/0x110 [ 265.519592][ T8813] __mutex_lock_common+0x10c/0x2190 [ 265.519605][ T8813] mutex_lock_nested+0x2c/0x38 [ 265.519615][ T8813] team_change_rx_flags+0x44/0x1d8 [ 265.519630][ T8813] __dev_set_promiscuity+0x454/0x634 [ 265.519643][ T8813] netif_set_promiscuity+0x60/0xf4 [ 265.519654][ T8813] dev_set_promiscuity+0x104/0x1fc [ 265.519667][ T8813] br_manage_promisc+0x3cc/0x48c [ 265.519681][ T8813] br_dev_change_rx_flags+0x40/0x50 [ 265.519692][ T8813] __dev_set_promiscuity+0x454/0x634 [ 265.519703][ T8813] __dev_set_rx_mode+0x140/0x204 [ 265.519722][ T8813] dev_uc_add+0xb8/0x104 [ 265.519736][ T8813] vlan_dev_open+0x300/0x4f0 [ 265.519748][ T8813] __dev_open+0x42c/0x830 [ 265.519761][ T8813] __dev_change_flags+0x1ac/0x54c [ 265.519772][ T8813] rtnl_newlink_create+0x498/0x9ac [ 265.519786][ T8813] rtnl_newlink+0x1194/0x15dc [ 265.519799][ T8813] rtnetlink_rcv_msg+0x664/0x97c [ 265.519812][ T8813] netlink_rcv_skb+0x220/0x3fc [ 265.519826][ T8813] rtnetlink_rcv+0x28/0x38 [ 265.519839][ T8813] netlink_unicast+0x60c/0x824 [ 265.519852][ T8813] netlink_sendmsg+0x648/0x930 [ 265.519865][ T8813] ____sys_sendmsg+0x490/0x7b8 [ 265.519876][ T8813] ___sys_sendmsg+0x204/0x278 [ 265.519887][ T8813] __arm64_sys_sendmsg+0x184/0x238 [ 265.519898][ T8813] invoke_syscall+0x98/0x2b8 [ 265.519913][ T8813] el0_svc_common+0x130/0x23c [ 265.519927][ T8813] do_el0_svc+0x48/0x58 [ 265.519941][ T8813] el0_svc+0x58/0x17c [ 265.519954][ T8813] el0t_64_sync_handler+0x78/0x108 [ 265.519966][ T8813] el0t_64_sync+0x198/0x19c [ 265.520185][ T8813] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 265.594021][ T8813] ============================= [ 265.595397][ T8813] [ BUG: Invalid wait context ] [ 265.596736][ T8813] 6.16.0-rc1-syzkaller-g39dfc971e42d #0 Tainted: G W [ 265.599021][ T8813] ----------------------------- [ 265.600270][ T8813] syz.0.392/8813 is trying to lock: [ 265.601611][ T8813] ffff0000d742ce00 (team->team_lock_key#2){+.+.}-{4:4}, at: team_change_rx_flags+0x44/0x1d8 [ 265.604245][ T8813] other info that might help us debug this: [ 265.605763][ T8813] context-{5:5} [ 265.606661][ T8813] 3 locks held by syz.0.392/8813: [ 265.607986][ T8813] #0: ffff80008f64f450 (&ops->srcu#2){.+.+}-{0:0}, at: srcu_lock_acquire+0x18/0x54 [ 265.610484][ T8813] #1: ffff800092872028 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x710/0x15dc [ 265.612868][ T8813] #2: ffff0000dd7dc368 (&dev_addr_list_lock_key#6/1){+...}-{3:3}, at: dev_uc_add+0x5c/0x104 [ 265.615562][ T8813] stack backtrace: [ 265.616556][ T8813] CPU: 1 UID: 0 PID: 8813 Comm: syz.0.392 Tainted: G W 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT [ 265.619743][ T8813] Tainted: [W]=WARN [ 265.620703][ T8813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 265.623336][ T8813] Call trace: [ 265.624219][ T8813] show_stack+0x2c/0x3c (C) [ 265.625408][ T8813] __dump_stack+0x30/0x40 [ 265.626536][ T8813] dump_stack_lvl+0xd8/0x12c [ 265.627810][ T8813] dump_stack+0x1c/0x28 [ 265.628876][ T8813] __lock_acquire+0xaec/0x30a4 [ 265.630172][ T8813] lock_acquire+0x14c/0x2e0 [ 265.631339][ T8813] __mutex_lock_common+0x1d0/0x2190 [ 265.632672][ T8813] mutex_lock_nested+0x2c/0x38 [ 265.633878][ T8813] team_change_rx_flags+0x44/0x1d8 [ 265.635216][ T8813] __dev_set_promiscuity+0x454/0x634 [ 265.636558][ T8813] netif_set_promiscuity+0x60/0xf4 [ 265.637920][ T8813] dev_set_promiscuity+0x104/0x1fc [ 265.639244][ T8813] br_manage_promisc+0x3cc/0x48c [ 265.640597][ T8813] br_dev_change_rx_flags+0x40/0x50 [ 265.641954][ T8813] __dev_set_promiscuity+0x454/0x634 [ 265.643325][ T8813] __dev_set_rx_mode+0x140/0x204 [ 265.644561][ T8813] dev_uc_add+0xb8/0x104 [ 265.645668][ T8813] vlan_dev_open+0x300/0x4f0 [ 265.646889][ T8813] __dev_open+0x42c/0x830 [ 265.648001][ T8813] __dev_change_flags+0x1ac/0x54c [ 265.649319][ T8813] rtnl_newlink_create+0x498/0x9ac [ 265.650693][ T8813] rtnl_newlink+0x1194/0x15dc [ 265.651961][ T8813] rtnetlink_rcv_msg+0x664/0x97c [ 265.653236][ T8813] netlink_rcv_skb+0x220/0x3fc [ 265.654471][ T8813] rtnetlink_rcv+0x28/0x38 [ 265.655595][ T8813] netlink_unicast+0x60c/0x824 [ 265.656804][ T8813] netlink_sendmsg+0x648/0x930 [ 265.658019][ T8813] ____sys_sendmsg+0x490/0x7b8 [ 265.659266][ T8813] ___sys_sendmsg+0x204/0x278 [ 265.660575][ T8813] __arm64_sys_sendmsg+0x184/0x238 [ 265.661874][ T8813] invoke_syscall+0x98/0x2b8 [ 265.663106][ T8813] el0_svc_common+0x130/0x23c [ 265.664385][ T8813] do_el0_svc+0x48/0x58 [ 265.665443][ T8813] el0_svc+0x58/0x17c [ 265.666430][ T8813] el0t_64_sync_handler+0x78/0x108 [ 265.667755][ T8813] el0t_64_sync+0x198/0x19c [ 265.683078][ T8813] vlan2: entered promiscuous mode [ 265.814227][ T2225] bridge_slave_1: left allmulticast mode [ 265.814282][ T2225] bridge_slave_1: left promiscuous mode [ 265.814382][ T2225] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.817629][ T2225] bridge_slave_0: left allmulticast mode [ 265.817661][ T2225] bridge_slave_0: left promiscuous mode [ 265.817782][ T2225] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.998014][ T2225] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 266.026234][ T2225] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 266.061935][ T2225] bond0 (unregistering): Released all slaves [ 266.066000][ T8718] hsr_slave_0: entered promiscuous mode [ 266.066472][ T8718] hsr_slave_1: entered promiscuous mode [ 266.066740][ T8718] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 266.066764][ T8718] Cannot create hsr debugfs directory [ 266.237659][ T2225] hsr_slave_0: left promiscuous mode [ 266.239333][ T2225] hsr_slave_1: left promiscuous mode [ 266.239938][ T2225] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 266.248470][ T2225] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 266.624777][ T2225] team0 (unregistering): Port device team_slave_1 removed [ 266.741629][ T2225] team0 (unregistering): Port device team_slave_0 removed [ 268.363671][ T2225] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.446630][ T2225] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.562925][ T2225] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.662403][ T2225] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.862696][ T2225] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.944935][ T2225] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 269.032289][ T2225] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 269.092722][ T2225] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 269.230566][ T2225] bridge_slave_1: left allmulticast mode [ 269.230621][ T2225] bridge_slave_1: left promiscuous mode [ 269.230749][ T2225] bridge0: port 2(bridge_slave_1) entered disabled state [ 269.236896][ T2225] bridge_slave_0: left allmulticast mode [ 269.238460][ T2225] bridge_slave_0: left promiscuous mode [ 269.240078][ T2225] bridge0: port 1(bridge_slave_0) entered disabled state [ 269.244291][ T2225] bridge_slave_1: left allmulticast mode [ 269.245793][ T2225] bridge_slave_1: left promiscuous mode [ 269.247419][ T2225] bridge0: port 2(bridge_slave_1) entered disabled state [ 269.250845][ T2225] bridge_slave_0: left allmulticast mode [ 269.252479][ T2225] bridge_slave_0: left promiscuous mode [ 269.254154][ T2225] bridge0: port 1(bridge_slave_0) entered disabled state [ 269.258346][ T2225] bridge_slave_1: left allmulticast mode [ 269.260514][ T2225] bridge_slave_1: left promiscuous mode [ 269.260631][ T2225] bridge0: port 2(bridge_slave_1) entered disabled state [ 269.264501][ T2225] bridge_slave_0: left allmulticast mode [ 269.264548][ T2225] bridge_slave_0: left promiscuous mode [ 269.264645][ T2225] bridge0: port 1(bridge_slave_0) entered disabled state [ 269.268756][ T2225] bridge_slave_1: left allmulticast mode [ 269.268787][ T2225] bridge_slave_1: left promiscuous mode [ 269.268877][ T2225] bridge0: port 2(bridge_slave_1) entered disabled state [ 269.272956][ T2225] bridge_slave_0: left allmulticast mode [ 269.272990][ T2225] bridge_slave_0: left promiscuous mode [ 269.273088][ T2225] bridge0: port 1(bridge_slave_0) entered disabled state [ 269.605634][ T2225] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 269.642898][ T2225] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 269.682186][ T2225] bond0 (unregistering): Released all slaves [ 271.035687][ T2225] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 271.074066][ T2225] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 271.142792][ T2225] bond0 (unregistering): Released all slaves [ 272.674911][ T2225] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 272.712640][ T2225] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 272.762026][ T2225] bond0 (unregistering): Released all slaves [ 274.234683][ T2225] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 274.272481][ T2225] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 274.322570][ T2225] bond0 (unregistering): Released all slaves [ 275.265335][ T2225] hsr_slave_0: left promiscuous mode [ 275.267048][ T2225] hsr_slave_1: left promiscuous mode [ 275.267499][ T2225] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 275.269083][ T2225] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 275.275781][ T2225] hsr_slave_0: left promiscuous mode [ 275.277430][ T2225] hsr_slave_1: left promiscuous mode [ 275.278105][ T2225] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 275.283917][ T2225] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 275.291473][ T2225] hsr_slave_0: left promiscuous mode [ 275.293579][ T2225] hsr_slave_1: left promiscuous mode [ 275.293952][ T2225] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 275.293998][ T2225] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 275.295587][ T2225] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 275.295623][ T2225] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 275.308696][ T2225] hsr_slave_0: left promiscuous mode [ 275.310235][ T2225] hsr_slave_1: left promiscuous mode [ 275.310978][ T2225] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 275.311035][ T2225] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 275.315701][ T2225] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 275.317534][ T2225] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 275.331865][ T2225] veth1_macvtap: left promiscuous mode [ 275.333343][ T2225] veth0_macvtap: left promiscuous mode [ 275.335028][ T2225] veth1_vlan: left promiscuous mode [ 275.336574][ T2225] veth0_vlan: left promiscuous mode [ 275.338898][ T2225] veth1_macvtap: left promiscuous mode [ 275.344066][ T2225] veth0_macvtap: left promiscuous mode [ 275.344175][ T2225] veth1_vlan: left promiscuous mode [ 275.344243][ T2225] veth0_vlan: left promiscuous mode