last executing test programs: 13.493880837s ago: executing program 2 (id=521): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) r4 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="100000002d000b02d25a806f8c6394f9101a04000a", 0x15}], 0x1}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b9040a1d08030e000000e8fea4a1180015000600142603600e1208000f1000810401a80016000a0001", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b) r5 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0eab070004000523"], 0xfe33) write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0xfe33) bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x33, @loopback}, 0x1c) sendmsg$unix(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000440)="ea", 0x1}], 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0xc800) setsockopt$sock_int(r1, 0x1, 0x2a, &(0x7f0000000000), 0x4) 13.348866693s ago: executing program 1 (id=522): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e21, @empty}, 0x10) 12.836486053s ago: executing program 3 (id=523): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) r1 = socket$inet(0x2, 0x80001, 0x84) syz_io_uring_setup(0x10d, 0x0, 0x0, 0x0) r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002ec0), 0x50) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={r2, 0x0, 0x0}, 0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x74, &(0x7f0000000200)={r4, 0xfffe, 0x20}, &(0x7f00000001c0)=0x18) 12.456589542s ago: executing program 3 (id=527): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./bus\x00', 0xc0d6, &(0x7f0000000400)={[{@noload}, {@discard}, {@usrquota}, {@min_batch_time}, {@lazytime}, {@minixdf}, {@norecovery}, {@usrjquota}]}, 0x1, 0x45b, &(0x7f0000000b00)="$eJzs289vFFUcAPDvTH8ov+xK8Ac/lCoaiT9aWhA5eNFo4kETEz3gsbYLqSzU0JoIIQrG4NGQeDceTfgLPOnFqCejV/VsSIjhAnpaM7szdLvslu2m7Zbu55MMvDfz2ve+nfdm38zbCaBvjWb/JBHbI+KPiBipZ5cWGK3/d+vGhel/b1yYTqJafeefpFbu5o0L00XR4ue2FZnBiPTzJPa2qHf+3PlTU5VK+WyeH184/eH4/LnzL8yenjpZPlk+M3ns2JHDEy8dnXxxVeLM4rq555O5fbvfeO/KW9PHr7z/89WkiL8pjk4M3L3I6HIHn65WV1LdhrejIZ0M9rAhrMhAfZjGUG38j8RALJ68kXj9s542DlhT1Wq1+nD7w1drBYBNKjHEoU8VH/TZ/W+xrdPUY0O4/kr9BiiL+1a+1Y8MRpqXGWq6v11NoxFx/OJ/X2dbND+H2LJGlQIAfe37bP7zfKv5XxqNz4UeyNdQShHxYETsjIijEbErIh6KqJV9JCIeXWH9zYskd84/02tdBdahbP73cr62tXT+V8z+ojSQ53bU4h9KTsxWyoeyv8lv++slZivliWXq+OG1379sd6xx/pdtWf3FXDBvx7XB+5b+zMzUwlTXATe5filiz2Cr+JPbKwFJROyOiD1d1jH77Lf72h1rE/9wR794FdaZqt9EPFM//xejKf5Csvz65Pj9USkfGs97RYtlvV9+vfx2u/rvfv7X1vVLUfSuO85/3V+lpHG9dn7ldVz+84u295Td9v/h5N0l+z6eWlg4OxExnLxZy5ca9082lZtcLJ/1/4MHWo//nbH4l9gbEVknfiwiHo+I/Xnbn4iIJyPiwDLx//TqUx90H//ayuKfaXn9u93/m87/YmI4mve0Tgyc+vG7JZWWVhJ/dv6P1FIH8z2dXP86aVd3vRkAAADuPWlEbI8kHbudTtOxsfp3+HfF1rQyN7/w3Im5j87M1N8RKMVQWjz/HGl4HjqR39YX+cn8u8VF/nD+3PirgS21/Nj0XGWm18FDn9vWZvxn/u7gJRfgHte8jra1R+0A1p/3NaF/Gf/QnxLjH/pai/Hv1TPoE60+/z/tQTuA9dc0/pdd9jMxgM3F/T/0L+Mf+lf78Z+uazuAdTW/Je7+kvzmSGTXsg3QjM2SiHRDNENijRK9vjIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACsjv8DAAD//17S444=") sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x32, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x44000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[], 0x48) bpf$BPF_PROG_DETACH(0x8, 0x0, 0x0) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000b00), 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x68100, 0x12a) 11.415713355s ago: executing program 1 (id=530): socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@empty, @in6=@private2, 0x0, 0x0, 0x4e22, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, 0x0, 0x0, 0x1}, {{@in=@rand_addr=0x64010101, 0x4d5, 0x2b}, 0x0, @in6=@loopback, 0x3504, 0x3, 0x0, 0xb7, 0x1fb, 0xffffffff}}, 0xe8) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r5, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc) sendmmsg(r4, &(0x7f0000000180), 0x400000000000077, 0x7600) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffdffffe, 0x0, 0x0, 0x0, 0x1}, [@ldst={0x3, 0x2, 0x3, 0x1, 0x0, 0xd}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa}, 0x94) 11.159209205s ago: executing program 3 (id=532): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) ftruncate(r1, 0x2000009) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x2, 0x4, 0x5, 0xbaa, 0x0, 0xffffffffffffffff, 0x1}, 0x50) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r5}, 0x38) sendfile(r0, r1, 0x0, 0x7ffff004) 10.279294105s ago: executing program 2 (id=533): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$USBDEVFS_CONTROL(r2, 0xc0105500, &(0x7f0000000000)={0x0, 0xf, 0x31, 0x7ca, 0x0, 0x0, 0x0}) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000040)={0xff, r3, 0x4cc20c9547f7a1ca}) write$UHID_INPUT(r5, &(0x7f0000000240)={0x8, {"54cfda08f1697f481aca03b9cf11eb2a2782c96c22e2765b24acfcb2aad2ecc643356a973b150dabc18a218b7e208ebc5d4e49268dc3a14b5561cb5cb844a6039ea058e22eb94ec295474f321862acc9e4d7072c1a293b53adabd864acdc614229f5cfe9200146c037dc8272655b6db7515ef291dc8a8c7b0f4348fb23c9ce1eb57ec1e391b38879953cbb5845e76db61aa8f60d17019fa473357e8a15f29aaba87e2b8af90814741b2e801b66b2d8eb0742d358a703e0d24c0f166d37852c14dfe91d70d023025e38cfc1d977938a7d693cbe00e4a02e83783963cecb97c7453a02cf9d8048c3671389343d10647d1a5c62137f3c2bd8d14d217ee21ce3134338640f9781414edd60b1f7692cdd05c743cc868791929a9417102b664058e1036ced90956ed8f6cf1a88153d2138ae806d41b0153c7fe3f67c7b2be9415d8a81ce73311a59b544913587f06981965f5c4c48ddbaacf522501355053f92baa7eec270585d1e43ede8e30a13f45b7b6440c18399cdfb16024e65ede0ee29becc5feb77adab67867be41fb29664c584f9098068aca193f9416068549321074e154e54f9f849ff34cd288c60af838b7210c15a8cadfe2c8b6e4550810807d18e11742ceb42bde896e18d29b08efaff93adadbb02aed406464760580dac74b7598274feb01d5eb89e214edb80e092f7f9332cba6c3f95101825dd500684b0400d4cd03cf11fadadd164869d3ec82df886d349a6f56e815ba4c85c55dc671ee2e1f2ecdb2b60a9e450214aa134e79f3c97ffe266dd119186313d523ebf9c0de2fd1c67969b4a3355fb6f0053c8274125cf47beb89845b852db176026176c40639437b32c2750cf242c3d3c1a160ed5507ee5ce718cdd7a3f949f1294e0bcbdc74842a7762c1bd4e209c1c3d886785e0fb87b2aad359d3a6f08d2d146ea0e4fa86c8797a9d84bdb5ae1bcd6a8b887ab84b318fa255c2513723b887bd364c55b60edb539b62a76ceff734ba621d2f36d633e4663d21f7d1f487511f1d172acb2c4cdb1622c7de63f888ec0dc9c1466f15c250f9c1df5bd3460574394845a0bf68492a4dbaae6f7399e248c410cd121eb6319f85312104ac7b18da4b196b3abffb3259ab333c3653fa45e03002c16b5deb16c5f5b28992c444a13d499840502b23603dd39e5367b91d9499950dc73fcac725f1779c9aa1b865e2dccbc21d2ab442439127f22c730c7faa0b978121e80991d695b7a80b2aee261bfc0554d467d4f2e328151bb02214b533564b99aaa1ddef675c8afe926415753c6ff3e3e0370b9bb993a4a9dde4ff6efb399075836538fe508c8d4e08793f7d17d32cf2caef81a662ba2da6b7eba445760236c85e75921d7c42d76bd4ff872e401c1b19302c11d2c2f9d32db7fcbe4a6c45a31a368d67236bdd731cbd91e7939c9ef28302f366d3f72736495163fbd692e80d0f533de96689453ff6857e424c40c6addc314d8f27a758d253f55cd325e921bcd6124aeab9261d355b5e1986b86ecbe5b0ed88b6d3734e05d0b46f8e4e36c62af1a6497faab6a2f98a625cb8baaff27e95661243dbabe2f546ae957c858c3b469fbe900a3caf782b97491498b6cc2fd0f54793d627b0f5537a5e05c93328209628935e5b9e62d15e82fcc93a87d9088a37837b800db12dc5f4a335a9652c2c65307664596890357f2e2e397a1d20714c01ec576b7241cbcf5fb3056b8230eba4ce63a8349984bf9146649f9f9d9f672b74c41a52069196ca3a2d923da7ba6c59a380c60d0d5a85a4b6779ba3aec7895a01cb1b77edebe55800a16b4795bf6a097e1b8daba20586c99c1bb29b1f8f1a95335bb8f3e831dce0a2ade25e49710b38cafb6813c31c0d96044bd7516a87083ed3f0dd7737944c3ffd39c2021fa46c85b7074cae79347d0fd52c87a583c2700e609255b1b8c5045d97e9d5e69b0364133ba784c8757b2124264b4b10856fc744a1da7e9b4c865abb67ddad1edea6fc22a260a58efcfda6b7ed0d225a7a7061b8e678ce71cbdc467fa1eaa5e6df216e1641675e32a5ff38ca60965bab9c41f7ee725b2ab69cf9c837aba12aa91428b7f26de9f5f942080963ca8a913b877e46308936489b27c1a9cb51688954c2f3db00c62691f9b9632c856cae43077a07be5039ea8c61c6a0ff2f72ab76faaed867feed66f419d87a79235079e0e85f78dc6cc46dad241e6c332d8187bff81121b5e2e3b8edc6603b1948c5922500ae659c1468e71d4ae6bcff3b5df0fa11bda02a12755157f0d3050758fd8f2155aebe96ff98aa6e2095a06ab66139285e487bcf7f619e8bcc4b0df4fad3162c122761b130447936ac6fde5d7529832e70f9b72cad56fcb527c159cba6097164557d9a9cbd003b1778f23b03876c4c9b6081309b635f3ff869386ec5c0d1fea36086d190038c53ab39ee98f48f690602e127c798879d1255675615255f80c039e1654409bd4a01b02daa475b73c1d043d463a8146ed3d781d70df9102cb82aa3012ddb7e128441b6afbae72911389247b833967cfec6ae33e4f1fc201d5dac25842b202469eb34d2765b9439c8d665e563294b1daac06c9246b8cdfd799211175d87884d3aa70e0af4680705437657dfdccb0abf3f952ee41a956c61a5a2e9a498e946fa2bdd80d945dcb86d080a68d6c70508b8151b165610261c6a06c223d447ed630102cb1a8263fe27fe9798c564758322aa7c3bbc9cf9c87d7451c0f0e488f7f1e5f09e3463ecbc0d99b8efcb8373f9da2043c45cd990ad6f4ad8b3f3e22f33014efc05b4e1a12e4cbc6dbaa7d54e73fae4dbbb012c20a50fcd1acab4169840ff1c3a620bada1fda0c08d3d2ddf08886166ac1def80ad1b50ff4870f42ace44c560fad792595db35478b2175e0172228be1cf79e2846caef3a199b7943dd40a2b84ef59f154c0eeca33cbbe785549bce3228253d12e147e5507f44377917cd16f8b96e10907ba0852895ed21b65da41628913614907c457849c61f1b95f59e4895af91a2190babb849bd45119e443715135e792d19aa1b045ebbd81eb51363fe1658c72b84a647c5949fb8e822bf5699345e4bbb8e0f2af1760b439bdd602db1f47035358f783b6b7a8c252bb02922922145b51f62546f1b36687380121222290c9b8ee227d7f311825bc11dc523a9b0270b09a81712cbf13379f73d6ca0cb0253b2944e1bd8bff0284e6adf935004f6d9c733727337efbb956da0e91734ca3152e76e7355882e81ed86b851c64bc0ed038c02acffb81bc89155ab0babe9843c29f7e23251c62f593731a9fca7565ab92b311f1af68bad60429b49be869ca8db6906c9413fed86bd9c8d9d4974bf514e5de5f7e72e005b3188f3179752c93b5bf751d5517e8b2ab80a5c504397192e0517821975e1682a6dba1e98076ae0f7395cb211c6557f645ea1eb213774e7a714d9c25f9150ef32279c2dc1ca5dfb37db6ddecf2c6ad48f9a45ad70c199a911d8a5eec3247638ce0186d5babf753fbe9234df1ec2b4c020f5ecb60e00ec8363aeaa5d4df4442a39bab2ef7dff6143f9d9c154bcb1cf57f44adbad054e84c4d3f5a9176d5e1eb75f9635445d782723d02356e3aa7ab13ef7c857246a582157d26c368e2c3b0c605e222f78c5f773b97bd5ddc4e850c7119ce78e6c00296092293289e4a7f4f45c162b2be4ddeb652c654b7dd152daf41566b969156d26af0f23be462ae4c14c11a296b1249cdff5580ca85e0b5f1c7c0935a3bda968f8af75f2f978efeffd97487b65d2a5d59420d7bbe7530c212fc1ef54ceaa76061d5b05af296281ef24a89c64b4dee5239a4e42fea0ce47d3ef0df0745abc8a4f77280111606ca3f25fa9b04dd86065c906b637f1a6873791dc2f22f118bfcbe65804ac54d1f0ad0d386ccfc47eb1c4d4c3144f8179067289d19b8bf0cd5a6ad79fbfb7dd2d380d0f4bc1f9486b561f49e2aeb276c765df4cfdd65a23d9235a700ea24ab5f2690b020cce205a2e30caa47c6b4380de08c47153130071e17df1958a1a1c6aa2e0e66dff639303d06086aa6cca2b957ce51e33c3ccb44c3f7995c3713b6a233f12b044c512e4d1fb2609ff855b7a4175a5b59d3a497b92901c6a75622ab6460f3560b85ed597d1c7f869b514e234b11bf15a2140c3c6a1b3967ca17dea7a90e719732717ba6f509769f4348dba03e1182f2bc32f122e5a01427b2e9759a0905c85c52e02f06922fc4ed422a141635d09b142f471ead3695735b1a8601fe53c0928a1ac72455a90ac3657d25139fbe6b084027462b7d02e656ad2fc48abbb645b3c6504dac1ceb28cfb1b34349af6924a0c07397a1f50948e19c6e1e28cbf8a1bb62903c236a55ba9aedd1ae54d60dcead287cdb6ccee1646e43fcb91ffcef22b3c55b9b57d4cbb23d0fbf1f6ce14f62bf79d973c5758dedf7d66d42f319d203e93537d527b2c4b8184d70deb940c8d7922bc2af5040aac2820906120dc2de77703d2f0aa9aa89dc208e261e81ca68b23d41db18070727f6034f99316a60b673a00984e159cdaf2cd97746707aa50c60db86b4e1c2d2028b9acd71ae49cddc2284313ed1040b5c50c25df5b24f06648ee67e4e1aa0b260ce0a6b7cdd116335dd5f8a0408bb966383bfd0a45c937dacc90154ad06e629a283a223d752e57e824483273271cff1c850d4b8d6d4a8aaa5c32a20f5511cb36296f174a935c36ac57ffedfe66e22a6c29f5f3e2cc97197e661252470633e527bd1b7495361f92a132cd98dfc03a86916cc80bb803dfe18147f89dc62754406e1a158ea89bb0aeab412e3906e85936a0c334ffc64982e2a865861ee05053ac9e056edcf4e5af354afff78525c9f8165e38dcf3c40dcd645d0cef3c742503aa0c8a1bb39e6d7c0587496c09411c14137442dfe6df655d413b884c59335c1bcae91a6c625be5a371cd8fd8befd316000ff1c4fc2ab5c755ede5267dde14e368bd345e1769b4286db37767d4f2043b642dded054a5ccbaf05c74e4e3019e004525b19cfb79e883044c8c2e5033c618bddb331912e56ca303239015474f6a3394a591dc8887925c7eb1b06e1f8d112457bee33774339ecd4bf94b60842e16f51b693c45ea69c43eb7d55878eb4ffba4b8e75d4f47247e76f1a7852b6cf0c42780bb5f7d69a0701ae9b45dd845ea2a0e922f3fa1630c3dd36a741f54d35728008a9ca2fdcfae0a9d5426cc31baf22a386f90847b44cf7da330f1234d17e52dc95e72ca41c1cbf560d9b56884945f629a35066305a16a4953b90fbb3400aa17d746cf253c046ba0f97fa627a1b9fd685d747156b9e43704779afff47b194e8f2356aac273ce024cc39a345565639ce8be8df29954dc4d8845f2c675a4a9b00a0b329c13e22ffdd7272ba6d024ee67f2f7ddf4528b1431ea632800ad57b5151588fac066cde69493b670df46144686106e3ee106643a8e39e152d330a6dc6d97c1e6c87ced92e100b03071d6aaea8826d29b7efcfc269eb657bc64ae59cd9846d1ce5b6aff631e8763e583fc1842af728419491c2426408528c59f7787f94b3b36b1f4b621261c32014e2fe41e34c9b55ab75d3c023bfc778c254a87f1662b55588aeb723bc4a82166cd541e0ccb13f8d622754f5afd51f9f388fe34e260f6d4a6a116a7bbe03b25443e7d229ec47f2fab314302653878f3df13f5fe899fcf02a32754d844893291f7dc4aff6ccd65de10893a2891b01eef13096af3592ca5fd236f4694448eb315489e675d3648bb815b4286ba12402653ab3ad43b95c82439bfa67f9b18a0d28c1", 0x1000}}, 0x1006) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r6 = gettid() process_vm_writev(r6, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x8) 9.240483819s ago: executing program 1 (id=534): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$igmp6(0xa, 0x3, 0x2) socket$inet6(0xa, 0x3, 0x8000000003c) r3 = syz_open_dev$ttys(0xc, 0x2, 0x1) chdir(0x0) r4 = socket$isdn_base(0x22, 0x3, 0x0) dup3(r3, r4, 0x0) 8.159112311s ago: executing program 2 (id=536): socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000009c0)=[{{&(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f00000007c0)=[{0x0}, {&(0x7f0000000440)=""/187, 0xbb}, {&(0x7f0000000500)=""/25, 0x19}, {&(0x7f0000000540)=""/29, 0x1d}, {&(0x7f0000000900)=""/172, 0xac}], 0x5, &(0x7f0000000800)=""/53, 0x35}, 0xfffffff3}], 0x1, 0x40012140, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)}) r3 = semget$private(0x0, 0x4, 0x24) semctl$GETZCNT(r3, 0x2, 0xf, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002d00)=ANY=[@ANYBLOB="200000001000010700000001000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x800) recvmmsg(r4, &(0x7f0000000780)=[{{&(0x7f0000000380)=@in, 0x80, 0x0}, 0x3}], 0x1, 0x40012100, 0x0) 8.158473611s ago: executing program 4 (id=537): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) r1 = socket$inet(0x2, 0x80001, 0x84) syz_io_uring_setup(0x10d, 0x0, 0x0, 0x0) r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002ec0), 0x50) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={r2, 0x0, 0x0}, 0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x74, &(0x7f0000000200)={r4, 0xfffe, 0x20}, &(0x7f00000001c0)=0x18) 7.738728737s ago: executing program 0 (id=538): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getsockopt$ax25_int(r1, 0x101, 0xc, 0x0, &(0x7f0000000300)) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prlimit64(0x0, 0x2, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2, 0x4}) r5 = syz_open_dev$dri(0x0, 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_SYNPROXY_WSCALE={0x5}, @NFTA_SYNPROXY_MSS={0x6, 0x1, 0x1, 0x0, 0x7}, @NFTA_SYNPROXY_FLAGS={0x8}]}}}, {0x10, 0x1, 0x0, 0x1, @dynset={{0xb}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xe0}}, 0x0) 7.655725346s ago: executing program 4 (id=539): syz_init_net_socket$netrom(0x6, 0x5, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e20, 0x6, @empty, 0x4}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000200)={0x81, 0x40, 0x8, 0xff, 0x1, 0xe5, 0x81, 0x31, 0x2, 0x12, 0xb1, 0xff, 0x0, 0x5}, 0xe) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000180)=0x3, 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty, 0x6}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000100)={0x0, 0x9}, &(0x7f0000000240)=0x8) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x300, 0x0, 0x54}, 0x9c) 7.317199981s ago: executing program 3 (id=540): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) socket$kcm(0x21, 0x2, 0x2) socket$xdp(0x2c, 0x3, 0x0) socket$xdp(0x2c, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) socket$packet(0x11, 0x3, 0x300) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0) socket$kcm(0x2, 0xa, 0x2) socket$inet_mptcp(0x2, 0x1, 0x106) syz_open_procfs$pagemap(0x0, &(0x7f0000000080)) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x2, 0x80805, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) socket$alg(0x26, 0x5, 0x0) socket$l2tp(0x2, 0x2, 0x73) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r2}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0) 6.112560737s ago: executing program 3 (id=541): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e21, @empty}, 0x10) 5.629510447s ago: executing program 4 (id=542): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0xfffffffe, @local, 0x1}, 0x1c) syz_open_pts(0xffffffffffffffff, 0x141601) sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000001180)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001140)={&(0x7f0000000f00)={0x14, 0x0, 0x200, 0x70bd29, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x4088e) ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, 0x0) sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x0) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000200)=r4, 0x4) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f00000035c0)={0x0, 0x0, 0x0}, 0x0) 5.628959473s ago: executing program 1 (id=543): syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100009e173610ef09000000070002030109022a00010000"], 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x50) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_init_net_socket$rose(0xb, 0x5, 0x0) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r3, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x2c) 3.729384261s ago: executing program 2 (id=544): openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x41, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, 0x0, 0x10) prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() timer_create(0x7, 0x0, &(0x7f0000000000)) timer_settime(0x0, 0x1, 0x0, 0x0) rt_sigaction(0x1a, 0x0, 0x0, 0x0, 0x0) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket$inet6(0xa, 0x2, 0x0) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)={0x30, r1, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x19, {0x3, 0x1}}}}, 0x30}}, 0x0) 3.7278898s ago: executing program 0 (id=545): openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0x400, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000480)='./file7\x00', 0x1000000, &(0x7f0000000000)={[{@noblock_validity}]}, 0x3, 0x49a, &(0x7f00000004c0)="$eJzs3c1vFOUfAPDvzPaF9/bHD194UapobERbWlE5eFCjCRcTEz3osZZKkAKG1kQIETQGj8a/QD2a+Bd4wotRTxqvejcmxHABPZg1MztTtt1t6W67bOt+PskuzzM7s8/znWce5pl5pm0APWske0sidkTErxExVMsuXmGk9s+tG5em/7pxaTqJavW1P5N8vZs3Lk2Xq5bbbS8yo2lE+nES+5uUuzUipmZnZ84X+fH5M++Oz124+OSpM1MnZ07OnJ08duzoUxPPPjP59LrEmcV1c98H5w7sPf7mZ69MV+OtH77O6ruj+Lw+jprhNZc5EiNRrVar6aKlA/n7o2v+9o1lZ1066etiRWhJJSKy5urP+/9QVOJ24w3Fyx91tXJAR2Xnp8GGpZX8PSk+B/6rEn0celR5xs+uf8vX3R2BdNf1F7L3mTz+W8Wr9klfZNftyXDtir3SofJ3RBJvXPn78+wVTe9DAACsr2vZ+OeJZuO/NO6tW29XMYcyHBGHI2J3RPw/IvZExD0R+br3RcT9LZY/siTfOP75eWtbga1SNv57rpjbWjz+W5i1Ga4UuZ15/P3J26dmZ44U+2Q0+gez/MQKZXz70i+fFlNeDbL4y/Ff9srKL8eCRT3+6Ftyg+7E1PzUWuMuXf8wYl9fs/iThZmAJCL2RsS+Nr4/22enHv/qQJbetb3x8/r4+4p2WBz/Sq60UaPFql9GPFYr90osib+U1KZIlpufHN8SszNHxsujotGPP119tT7fX5e+c/t3Vtb+25oe/0X8ZTe4cPF0Pl8713oZV3/7ZNlrmnaO/8GYnxpIXs/TA8Wy96fm589PRAwUCxYtn7y9bZkv18/iHz3UvP/vjvjni2K7/RGRHcQPRMSDEXGwqPtDEfFwRBxaIf7vX3zknZX3UCvtv76Tq1n8J1Zq/4jhLDW30P6tJyqnv/tmufLv0P7Xkrz9j+aZ0WLhav7/W20F17j7AAAAYFNIa3PQ6dhCOk3HxmrP8O+Jbensubn5wyPx3tkTtWflh6M/Le90DdXdD50o7g2X+ckl+S0R8b/8SaOteX5s+tzszm4HDz1u+zL9P/N7px56ATaOlqYUks7VA7j7Wur/S5/YADa1vnV/rADYLGp9//luVwPoAud+6F3N+v/liFtdqApwlzn/Q+/S/6F36f/Qu/R/6EmNPxJf/pqSdn7S/3Zi9/E1bd5DiUqHvjnqf2lHBxKRdn3XtZ9IN0I1DhaJwfJvYaxiq8sdbdOlxw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDm928AAAD//9/P4G0=") r1 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x90) getdents64(r1, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) socket$inet6(0xa, 0x3, 0x4) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) mmap(&(0x7f000049b000/0x2000)=nil, 0x2000, 0xb635773f06ebbeef, 0x8bacedea6f0fac5a, r0, 0x94bb7000) connect$unix(r2, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(0x0, 0x33, &(0x7f0000000240)=0xe8e) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xc, 0x3, 0x7ffc1fff}]}) socket$inet_mptcp(0x2, 0x1, 0x106) accept4(r3, 0x0, 0x0, 0x80800) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180), 0x38200, 0x0) 2.771473558s ago: executing program 4 (id=546): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000140)={[{@nodelalloc}, {@data_err_abort}, {@bh}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@usrjquota}, {@dioread_nolock}, {@minixdf}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x562}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) r3 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r3) r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) write$P9_RSTATu(r4, &(0x7f0000000980)={0x231, 0x7d, 0x0, {{0x500, 0xf0, 0x0, 0x0, {0x2}, 0x0, 0x0, 0x0, 0x0, 0x1f, '\x04nodev{cvfox%\xff\xff\xff\x81\x02\x00\x00\x00\x00\x001\xff\xce\xbc\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00;Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x06\xb4\x94\xe1', 0x12, '\xcf\xc2\x13\xf6\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00', 0x54, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x9d,;\x9e\x1dR\xc3\xd6\xda\x9b\xf6\x99\xfa\x88\xda\xce\b\x00\x00\x00\xa4\x00\xb4\xb0\xb4\xdb\xf6\xc6\x9ai\xd0\x17\xce\xc4Y\x06\xf1t\xa6f\xa8R\x9aE\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1a'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300, 0x0, 0xffffffffffffffff}}, 0x231) getpriority(0x1, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r5 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r5, &(0x7f0000000080), 0x10) ioctl$FITRIM(r4, 0xc0185879, &(0x7f0000000080)={0x0, 0x2000003, 0x4003}) 2.769530618s ago: executing program 2 (id=547): openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000040)=0x39cb, 0x4) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) sendto$inet6(r3, 0x0, 0x0, 0x20004041, 0x0, 0x0) connect$inet6(r3, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x19}, 0x7}, 0x1c) r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0900000000000000000002000000140001800500020001"], 0x28}}, 0x0) 2.572303413s ago: executing program 0 (id=548): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, 0x0, 0x0) setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f0000000300)=@gcm_256={{0x304}, "62648f4b35b737b9", "21c20c7e7ad9ecfe59ccea2785467903baf72894db0a7efa8e26655613653bb4", "0e0200", "01d787a90d233d89"}, 0x38) r3 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10) bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10) connect$inet(r3, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10) sendmmsg$inet(r3, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0) r4 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCFLSH(r4, 0x40384708, 0xfffffffffffffffd) syz_mount_image$udf(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x1082, &(0x7f00000000c0)={[{@adinicb}, {@iocharset={'iocharset', 0x3d, 'maccyrillic'}}, {@gid_forget}, {@anchor={'anchor', 0x3d, 0x6}}, {@volume={'volume', 0x3d, 0x2}}, {@undelete}, {@gid}, {@mode={'mode', 0x3d, 0x6}}]}, 0x10, 0xc34, &(0x7f0000001080)="$eJzs3U9sHNd9B/DfGy5F0m4rJk5Uu42LTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmFoSJNXIbtowvfTQQ4Ci6CEnAq1RIEUDoymKHtnWBZKLD4VPPREtbARFD2wRIKeAxcy+FVf/LMkkJcr+fGzqOzv73sx7M+MZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxO+8cvb48+lhtwIAeJDOT3/1+AnPfwD4RLng//8BAAAAAAAAAAAAAOCgS1HEE5Fi6fxWmq0+dw2fa3euXpuZmLx9tZFU1Ryoypc/w8+fOHnqSy+Mn+7lh9ffa0/Fa9MXztZfXryytNxaWWnN12c67bnF+dY9b2G39W82Vh2A+pXXr85furRSP/HcyRu+vjb6wdDjR0bPjD9z7Ole2ZmJycnpvjK1wY+891vcaYTHoSjiWKR49vs/Ts2IKGL3x+Iu185+G6k6MVZ1YmZisurIQrvZWS2/nOodiCKi3lep0TtGD+Bc7EojYq1sftngsbJ700vN5ebFhVZ9qrm82l5tL3amUre1ZX/qUcTpFLEeEZtDt25uMIqoRYrvHt5KFyNioHccvlgNDL5zO4p97OM9KNtZH4xYLx6Bc3aADUURr0aKn7xTxFx5zPJPfCHi1TL/MeKtMl+KSOWFcSri/eo6GnnILWcv1KKIPyvP/5mtNF/dD3r3lXNfq3+lc2mxr2zvvvLIPx8epAN+bxqOIprVHX8rffTf7AAAAAAAAAAAAAAAAACw10aiiKcixSv//gfVuOKoxqUfPjP+u6M/3z9m/Mm7bKcs+1xErBX3Nib3UB5CPJWmUnrIY4k/yYajiD/K4/++/bAbAwAAAAAAAAAAAAAAAAAA8IlWxHuR4sV3j6b16J9TvN25XL/QvLjQnRW2N/dvb8707e3t7XrqZiPnbM61nOs5N3Ju5owi18/ZyDmbcy3nes6NnJs5YyDXz9nIOZtzLed6zo2cmzmjluvnbOSczbmWcz3nRs7NnHFA5u4FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPg4KaKIn0WK73xjK0WKiEbEbHRzY6hXBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4mIZSET+IFPXfa1xfV4uIVP3bdbT85VQ0DpX56WiMl/lSNM7mbFZZa3z7IbSf3RlMRfwoUgwNv339hOfzP9j9dP0yiLe+ufPpl2rdHOh9OfrB0ONHDp8Zn/yVJ++0nG7XgLFz7c7Va/WZicnJ6b7Vtbz3T/etG837Lfam60TEyhtvvt5cWGgtW/hkLNS6C7XY0y2PROztBvduodZdyPereOjtucNC42A0Y2chqnv/be/ZfGyUz//3I8VvvvsfvQd+7/n/c91P15/w8dM/3nn+v3jzhvbp+f9E37oX8+9GBmsRw6tXlgaPRAyvvPHmsfaV5uXW5Vbn1PHjXx4f//LJ44OHIoYvtRdafUu7PlQAAAAAAAAAAAAAAAAAD1Yq4rcjRfNHW6keEdeq8VqjZ8afOfb0QAxU461uGLf12vSFs/WXF68sLbdWVlrz9ZlOe25xvnWvuxuuhnvNTEzuS2fuamSf2z8y/PLi0hvL7cu/v3rb7x8bPntxZXW5OXf7r2MkiohG/5qxqsEzE5NVoxfazU5VdWqPBmYOpiL+M1LMnaqnz+d1efxfGe8N9pXtH/+/1re+Wt6n8X+fumk/KRXx00jxG3/+ZHy+audjccsxy+X+OlKMnf5cLheHynK9NnTfK9AdGViW/d9I8fc/u7Fsr+9P7JR9/v6O7sFXnv/DkeIHf/q9+NW87sb3P+yM/+w//4/dvKF9Ov+f6Vv32A3vK9h118nn/1ikeOmJt+PX8roPe/9HEdvb29+KOJoLX38/xz6d/8/2rRuN7n5/fe+6DwAAAAAAAAAA8MgaTEX8TaR4erKWXsjr7uXv/83fvKF9+vtfv9i3bv4BzVe064MKAAAAAAfEYCrivUhxefXt62Oo+8Z/3zj+87d25l6fSDd9W/053y9U7w3Yyz//6zea9zu7+24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dRn7zKf+kakeOW/n83l0pGyXG8e+NHq1+Hzi51jZxcWFueaq82LC6369FJzrlXW/Uyk2Pqrz+W6RTW/em+++e4c78PbvbnYlyPF5N/2ynbnYu/NTd6dD7w7F3tZ9lOR4r/+7sayvXmsP7tT9kRZ9i8jxdf/6fZlj+yUPVmW/V6k+OHX672yj5Vle+9H7b6TdLgWC63n5hYXbnkVKgAAAAAAAAAAAAAAAAAAANyvwVTEn0SK/7myHmt52H+e/783A3+tV/atb/bN93+Ta9U8/6PV/P93Wv4o8/+P7llPAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg0ZGiiDcjxdL5rbQxVH7uGj7X7ly9NjMxeftqI6mqOVCVL3+Gnz9x8tSXXhg/3csPr7/XnorXpi+crb+8eGVpubWy0pqvz3Tac4vzrXvewm7r7xy6rrHqANSvvH51/tKllfqJ507e8PW10Q+GHj8yemb8mWNP98rOTExOTveVqQ3ex97vq3E7DkURfxEpnv3+j9M/D0UUsftjcZdrZ7+NVJ0YqzoxMzFZdWSh3eysll9O9Q5EEVHvq9ToHaMHcC52pRGxVja/bPBY2b3ppeZy8+JCqz7VXF5tr7YXO1Op29qyP/Uo4nSKWI+IzaFbNzcYRbweKb57eCv9y1DEQO84fPH89FePn7hzO4p97OM9KNtZH4xYLx6Bc3aADUUR/xApfvLO0fjXoYhadH/iCxGv9hd8KSKVF8apiPdvcx3xaKpFEf9Xnv8zW+mdofJ+0LuvnPta/SudS4t9ZXv3lYP0fNi+/2txZA92e+8O+L1pOIr4YXXH30r/5r9rAAAAAAAAAAAAAAAAgAOkiF+OFC++ezRV44Ovjyludy7XLzQvLnSH9fXG/tUj/rDM7e3t7XrqZiPnbM61nOs5N3Ju5owi18/ZyDmbcy3nes6NnJs5YyDXz9nIOZtzLed6zo2cmzmjVsX29va3uvVruX7OtZzrtYiirJ8/b+aMAzJ2DwAAAAAAAAAAAAAAAAAA+Hgpqn9SfOcbW6maS7URMRvd3DAf6Mfe/wcAAP//3sf+xA==") 1.558558729s ago: executing program 3 (id=549): socket$inet_sctp(0x2, 0x5, 0x84) socket$inet6_sctp(0xa, 0x5, 0x84) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x3c1, 0x3, 0x380, 0x190, 0xc8, 0x8, 0x0, 0x5803, 0x2e8, 0x2e8, 0x2e8, 0x2e8, 0x2e8, 0x3, 0x0, {[{{@ipv6={@empty, @private1, [], [], 'pim6reg0\x00', 'wlan0\x00'}, 0x0, 0xf0, 0x158, 0x0, {0x0, 0x2000000000000}, [@common=@dst={{0x48}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x1, 0x0, 0x0, 0x0, 'pptp\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x138, 0x158, 0x0, {}, [@common=@unspec=@rateest={{0x68}, {'dvmrp0\x00', 'batadv_slave_1\x00', 0x12, 0x3}}, @inet=@rpfilter={{0x28}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e0) syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='./file1\x00', 0x2000040, &(0x7f0000000000)={[{@codepage={'codepage', 0x3d, 'cp949'}}, {@uid}, {@iocharset={'iocharset', 0x3d, 'cp936'}}]}, 0x1, 0x302, &(0x7f00000008c0)="$eJzs3c9qE0EcB/DvTDZt+oe6thXBi6Va0Eux6qF4iUiu3j2J2qQQXCq2FdSLrXgUH8C7r+DFN/Ci+AJ6EgQfoLeR+e1sskl2J6Yk2bT9fiDpZnZm9zfsbHZ+C82CiM6se7Wfn279ti8FlFACcAfQACpAAOACLlZe7Ow396NG3behkrSwL4W4peqps7XTyGpq20kLJ7SfAsyny9JU75bpmIwxd38VHQQVTs7+DBqYduehrK+MOa5ROQAuFx3DuKUPsDrCEV5iocBwiIhoArjrv3aXiXkpUtAaWHOX/VN1/T8qOoDhuh31FBlvg9T1X2Z3Rtnje05WtfM9SbTsep1kif0CseOj3FU2hXhkdUwwVb+sUmLRM9vNAOtbh6hrvEXVSVVblvd6PHQTfaJdzchNPfK3Vsb92bg3MqPsloS03Ywa03YhFX8SwdJge/T44l/9x/1VX9V39VCF+Ih6a/4XGGUPkxypsOtI6bKN/0b+luekla0F17Fqtao7qpyXnVxye3D69LKSnZGkt5ncIDhoReCLU/a9iM7bCnHvNvq0WspqFbY+5bRa7mhVciNhfetZ5L2VMhpJF9UH9UCt4i8+o5aa/2sb3xpSZ6bvq15JTTcy4v5MZdcMpGbYc+Vony4rrQic6YH7RkDe3bIc7/EEm1jYe/X6aSmKGrt24XHGwvP5XeVKyu+AzDpDXgiize5VJXha4aBdYqw3xvzvvswou3N9qBu03x+7G4hL7OmTVdmeZa0SPdLDdIYXat/gG5CTtXCYHhJdC8YAOatG9j1FE2RPJQddPgaYKToiGjM771Jx/iczeTerkwTFvoWeebo/yUTHFjdaGVznVHBR3mcHyuDm8jM4t0fVjBo3c3JGybmuXAOupgoVvHsMXZynhKrhBx7x/j8RERERERERERERERERERERERER0Ukzjn9CKLqPREREREREREREREREREREREREREREREQn3bGe/5v1G/Hy/N9wwOf/xk+Kkp8DX2mX9nv+LxENx78AAAD//1Lod7w=") r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x43, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket(0x40000000015, 0x5, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f00000001c0)={0x0, 0x3d, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[], 0x1a000}}, 0x0) mount$nfs(&(0x7f00000001c0)='\xb2\x83\x87J9I\xc3i\xe4\x81\xc5:\xccLD\x9d\xd8\xc7\x90v\x8b\x82\x90\xa4\xdd\x98\xb8\rQh#\xfacl\x01\x8cC\x1f|\xa5\xcb\x8f\xe5WJ\x00>\xf2\xd6\t\xf4IE\xcb\x15A\xb5\xbbG\xa0\xea\xc4\x03\xf2\xf5\xf4\xa1\x98', &(0x7f0000000240)='./file0\x00', 0x0, 0x201008, 0x0) 1.309547943s ago: executing program 4 (id=550): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) r1 = socket$inet(0x2, 0x80001, 0x84) syz_io_uring_setup(0x10d, 0x0, 0x0, 0x0) r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002ec0), 0x50) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={r2, 0x0, 0x0}, 0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x74, &(0x7f0000000200)={r3, 0xfffe, 0x20}, &(0x7f00000001c0)=0x18) 1.149746337s ago: executing program 2 (id=551): syz_open_dev$dri(0x0, 0x1, 0x11f1c0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x10000000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[]) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x28) lsetxattr$trusted_overlay_upper(0x0, &(0x7f00000001c0), 0x0, 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000100)='ocfs2_dlmfs\x00', 0x0, 0x0) 1.124058215s ago: executing program 1 (id=552): socket$nl_generic(0x10, 0x3, 0x10) syz_io_uring_setup(0x6e8c, &(0x7f0000000080)={0x0, 0x0, 0x10100}, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) socket(0x10, 0x3, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x42, 0x0) socket$inet6(0xa, 0x2, 0x0) socket$rds(0x15, 0x5, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000180), 0xfea7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e23, 0x802c, @mcast2, 0x5}, 0x1c) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb08000300"], 0x2c}}, 0x0) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r4, @ANYBLOB="ff830500000700ffffff", @ANYRES8=r0], 0x4}}, 0x0) sendfile(r3, r1, 0x0, 0x100000000) 1.123774883s ago: executing program 4 (id=553): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4) connect$inet6(r3, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendto$inet6(r3, &(0x7f00000001c0)="a6e2", 0x2, 0x840, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) dup3(r3, r4, 0x0) sendmsg$OSF_MSG_REMOVE(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000003fc0)=ANY=[], 0x1060}, 0x1, 0x0, 0x0, 0x4805}, 0x20000000) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r4, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000001f00)=""/4106, 0x100a, 0x0, 0x0}, &(0x7f0000000000)=0x40) 1.102180237s ago: executing program 0 (id=554): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) sendto$inet6(r0, 0x0, 0x0, 0x20004041, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x19}, 0x7}, 0x1c) 1.016513403s ago: executing program 1 (id=555): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r3) r4 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c) listen(r4, 0x0) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r6 = accept(r3, 0x0, 0x0) sendmsg$TEAM_CMD_OPTIONS_SET(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}}, 0x1) recvfrom(r5, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x4100, 0x0, 0x0) mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil) 801.325909ms ago: executing program 0 (id=556): socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r0, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r1], 0x3c}}, 0x0) 0s ago: executing program 0 (id=557): capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace(0x11, r0) r1 = landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x18, 0x0) landlock_restrict_self(r1, 0x0) r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace(0x10, r2) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.85' (ED25519) to the list of known hosts. [ 36.413396][ T6506] cgroup: Unknown subsys name 'net' [ 36.540686][ T6506] cgroup: Unknown subsys name 'cpuset' [ 36.544555][ T6506] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 36.726307][ T6506] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS [ 39.018498][ T6517] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 39.021373][ T6517] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 39.024154][ T6517] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 39.026918][ T6517] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 39.029717][ T6517] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 39.065179][ T6517] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 39.069687][ T6517] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 39.072064][ T6517] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 39.078266][ T6517] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 39.081025][ T6517] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 39.132529][ T6517] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 39.135438][ T6517] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 39.138669][ T6517] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 39.151878][ T6527] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 39.153242][ T6527] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 39.153628][ T6527] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 39.154131][ T6527] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 39.154742][ T6527] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 39.155158][ T6527] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 39.156479][ T6527] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 39.156669][ T6527] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 39.165019][ T6527] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 39.173333][ T6530] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 39.178384][ T52] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 39.181311][ T6084] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 39.275729][ T6516] chnl_net:caif_netlink_parms(): no params data found [ 39.374742][ T6516] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.374900][ T6516] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.375023][ T6516] bridge_slave_0: entered allmulticast mode [ 39.375936][ T6516] bridge_slave_0: entered promiscuous mode [ 39.398549][ T6516] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.398622][ T6516] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.399022][ T6516] bridge_slave_1: entered allmulticast mode [ 39.400239][ T6516] bridge_slave_1: entered promiscuous mode [ 39.457259][ T6516] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.462823][ T6516] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 39.469469][ T6519] chnl_net:caif_netlink_parms(): no params data found [ 39.512564][ T6516] team0: Port device team_slave_0 added [ 39.545959][ T6516] team0: Port device team_slave_1 added [ 39.577512][ T6516] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.580029][ T6516] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.580069][ T6516] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.611478][ T6516] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.611537][ T6516] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.611573][ T6516] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.625791][ T6523] chnl_net:caif_netlink_parms(): no params data found [ 39.630336][ T6519] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.630718][ T6519] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.630823][ T6519] bridge_slave_0: entered allmulticast mode [ 39.631654][ T6519] bridge_slave_0: entered promiscuous mode [ 39.633518][ T6519] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.633580][ T6519] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.633714][ T6519] bridge_slave_1: entered allmulticast mode [ 39.634586][ T6519] bridge_slave_1: entered promiscuous mode [ 39.683941][ T6516] hsr_slave_0: entered promiscuous mode [ 39.684553][ T6516] hsr_slave_1: entered promiscuous mode [ 39.710149][ T6519] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.730627][ T6521] chnl_net:caif_netlink_parms(): no params data found [ 39.736349][ T6519] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 39.774500][ T6522] chnl_net:caif_netlink_parms(): no params data found [ 39.796813][ T6519] team0: Port device team_slave_0 added [ 39.800445][ T6519] team0: Port device team_slave_1 added [ 39.859882][ T6519] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.862081][ T6519] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.869353][ T6519] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.870587][ T6519] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.870613][ T6519] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.870646][ T6519] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.892595][ T6523] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.892704][ T6523] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.892849][ T6523] bridge_slave_0: entered allmulticast mode [ 39.893692][ T6523] bridge_slave_0: entered promiscuous mode [ 39.895098][ T6523] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.895144][ T6523] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.895247][ T6523] bridge_slave_1: entered allmulticast mode [ 39.896116][ T6523] bridge_slave_1: entered promiscuous mode [ 39.957104][ T6523] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.977835][ T6519] hsr_slave_0: entered promiscuous mode [ 39.978348][ T6519] hsr_slave_1: entered promiscuous mode [ 39.978680][ T6519] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 39.978754][ T6519] Cannot create hsr debugfs directory [ 39.991574][ T6523] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 40.002269][ T6521] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.004391][ T6521] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.006550][ T6521] bridge_slave_0: entered allmulticast mode [ 40.008845][ T6521] bridge_slave_0: entered promiscuous mode [ 40.029284][ T6521] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.029403][ T6521] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.029526][ T6521] bridge_slave_1: entered allmulticast mode [ 40.036129][ T6521] bridge_slave_1: entered promiscuous mode [ 40.069478][ T6523] team0: Port device team_slave_0 added [ 40.071096][ T6523] team0: Port device team_slave_1 added [ 40.094372][ T6522] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.096584][ T6522] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.098836][ T6522] bridge_slave_0: entered allmulticast mode [ 40.101387][ T6522] bridge_slave_0: entered promiscuous mode [ 40.104055][ T6522] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.104352][ T6522] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.104472][ T6522] bridge_slave_1: entered allmulticast mode [ 40.105352][ T6522] bridge_slave_1: entered promiscuous mode [ 40.106272][ T6523] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 40.106297][ T6523] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.106349][ T6523] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 40.107613][ T6523] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 40.108703][ T6523] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.108744][ T6523] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 40.111241][ T6521] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 40.113118][ T6521] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 40.191785][ T6522] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 40.193479][ T6522] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 40.206511][ T6521] team0: Port device team_slave_0 added [ 40.209758][ T6521] team0: Port device team_slave_1 added [ 40.270630][ T6522] team0: Port device team_slave_0 added [ 40.272863][ T6522] team0: Port device team_slave_1 added [ 40.281888][ T6523] hsr_slave_0: entered promiscuous mode [ 40.282477][ T6523] hsr_slave_1: entered promiscuous mode [ 40.282831][ T6523] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 40.282861][ T6523] Cannot create hsr debugfs directory [ 40.312957][ T6521] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 40.313024][ T6521] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.313070][ T6521] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 40.314149][ T6521] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 40.314175][ T6521] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.314209][ T6521] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 40.326889][ T6516] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 40.350528][ T6522] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 40.350572][ T6522] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.350638][ T6522] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 40.351716][ T6522] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 40.351742][ T6522] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.351777][ T6522] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 40.381514][ T6516] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 40.385500][ T6516] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 40.416094][ T6516] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 40.443074][ T6521] hsr_slave_0: entered promiscuous mode [ 40.443641][ T6521] hsr_slave_1: entered promiscuous mode [ 40.443949][ T6521] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 40.443978][ T6521] Cannot create hsr debugfs directory [ 40.446373][ T6522] hsr_slave_0: entered promiscuous mode [ 40.446844][ T6522] hsr_slave_1: entered promiscuous mode [ 40.447179][ T6522] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 40.447206][ T6522] Cannot create hsr debugfs directory [ 40.488992][ T6519] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 40.513041][ T6519] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 40.536100][ T6519] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 40.540710][ T6519] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 40.716892][ T6516] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.717960][ T6523] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 40.723689][ T6523] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 40.727412][ T6523] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 40.739400][ T6523] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 40.755395][ T6519] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.763997][ T6516] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.786046][ T6519] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.793781][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.793904][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.795231][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.795288][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.808206][ T185] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.808283][ T185] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.814984][ T6521] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 40.834143][ T6521] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 40.855646][ T185] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.855721][ T185] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.860872][ T6521] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 40.865948][ T6521] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 40.934278][ T6516] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 40.948384][ T6522] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 40.952544][ T6522] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 40.980686][ T6522] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 40.984230][ T6522] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 41.020745][ T6523] 8021q: adding VLAN 0 to HW filter on device bond0 [ 41.050517][ T6523] 8021q: adding VLAN 0 to HW filter on device team0 [ 41.059258][ T6526] Bluetooth: hci0: command tx timeout [ 41.061783][ T185] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.061868][ T185] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.082993][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.083076][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.122116][ T6521] 8021q: adding VLAN 0 to HW filter on device bond0 [ 41.138805][ T6526] Bluetooth: hci1: command tx timeout [ 41.140689][ T6519] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 41.156651][ T6516] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 41.161124][ T6521] 8021q: adding VLAN 0 to HW filter on device team0 [ 41.185916][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.185987][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.203351][ T185] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.203437][ T185] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.213933][ T6522] 8021q: adding VLAN 0 to HW filter on device bond0 [ 41.222639][ T6526] Bluetooth: hci2: command tx timeout [ 41.222659][ T52] Bluetooth: hci3: command tx timeout [ 41.236440][ T6522] 8021q: adding VLAN 0 to HW filter on device team0 [ 41.239713][ T6516] veth0_vlan: entered promiscuous mode [ 41.245677][ T6516] veth1_vlan: entered promiscuous mode [ 41.276518][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.276608][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.277966][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.278014][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.291785][ T6516] veth0_macvtap: entered promiscuous mode [ 41.295346][ T6516] veth1_macvtap: entered promiscuous mode [ 41.297904][ T52] Bluetooth: hci4: command tx timeout [ 41.319251][ T6519] veth0_vlan: entered promiscuous mode [ 41.331333][ T6519] veth1_vlan: entered promiscuous mode [ 41.364426][ T6516] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 41.370710][ T6516] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 41.389735][ T6519] veth0_macvtap: entered promiscuous mode [ 41.394151][ T6516] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.396807][ T6516] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.399884][ T6516] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.402474][ T6516] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.440187][ T6519] veth1_macvtap: entered promiscuous mode [ 41.449761][ T6523] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 41.494987][ T6519] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 41.514054][ T6523] veth0_vlan: entered promiscuous mode [ 41.522721][ T6519] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 41.526086][ T6523] veth1_vlan: entered promiscuous mode [ 41.547160][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.547259][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.560416][ T6519] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.562985][ T6519] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.564103][ T6519] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.564137][ T6519] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.596454][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.596509][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.606847][ T6521] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 41.620637][ T6522] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 41.650911][ T6523] veth0_macvtap: entered promiscuous mode [ 41.665580][ T6523] veth1_macvtap: entered promiscuous mode [ 41.673584][ T6523] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 41.679642][ T6523] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 41.683465][ T6523] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.685996][ T6523] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.689471][ T6523] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.691892][ T6523] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.704404][ T6516] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 41.861952][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.862021][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.889378][ T6521] veth0_vlan: entered promiscuous mode [ 41.934966][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.937525][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.953595][ T6521] veth1_vlan: entered promiscuous mode [ 42.594799][ T238] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.597085][ T238] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.605191][ T185] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.608587][ T185] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.632759][ T6521] veth0_macvtap: entered promiscuous mode [ 42.636387][ T6521] veth1_macvtap: entered promiscuous mode [ 42.646699][ T6521] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 42.654615][ T6522] veth0_vlan: entered promiscuous mode [ 42.660615][ T6522] veth1_vlan: entered promiscuous mode [ 42.672921][ T6522] veth0_macvtap: entered promiscuous mode [ 42.676426][ T6522] veth1_macvtap: entered promiscuous mode [ 42.684209][ T6522] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 42.688242][ T6522] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 42.692060][ T6522] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.694653][ T6522] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.697085][ T6522] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.700764][ T6522] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.766397][ T6521] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 42.837592][ T6521] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.846005][ T6521] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.874246][ T6521] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.876918][ T6521] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.333990][ T52] Bluetooth: hci0: command tx timeout [ 43.334281][ T52] Bluetooth: hci1: command tx timeout [ 43.334679][ T52] Bluetooth: hci3: command tx timeout [ 43.335109][ T52] Bluetooth: hci2: command tx timeout [ 43.377929][ T52] Bluetooth: hci4: command tx timeout [ 44.895683][ T6653] loop2: detected capacity change from 0 to 2048 [ 45.295925][ T6653] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 45.314801][ T6653] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 46.098604][ T52] Bluetooth: hci3: command tx timeout [ 46.098795][ T52] Bluetooth: hci1: command tx timeout [ 46.098856][ T52] Bluetooth: hci0: command tx timeout [ 46.098929][ T52] Bluetooth: hci4: command tx timeout [ 47.240669][ T6526] Bluetooth: hci2: command tx timeout [ 47.674283][ T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.674360][ T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.728023][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.728072][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.819995][ T6671] loop1: detected capacity change from 0 to 2048 [ 47.836261][ T6672] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 48.588400][ T6526] Bluetooth: hci4: command tx timeout [ 48.588480][ T6526] Bluetooth: hci0: command tx timeout [ 48.588536][ T6526] Bluetooth: hci1: command tx timeout [ 48.588584][ T6526] Bluetooth: hci3: command tx timeout [ 48.616545][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.616609][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.299576][ T6084] Bluetooth: hci2: command tx timeout [ 49.412878][ T6672] NILFS (loop1): vblocknr = 18 has abnormal lifetime: start cno (= 504403158265495554) > current cno (= 3) [ 49.417829][ T6672] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=2) [ 49.435957][ T6672] Remounting filesystem read-only [ 49.443362][ T6516] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer [ 49.498825][ T238] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.501562][ T238] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.712561][ T6698] loop3: detected capacity change from 0 to 1024 [ 52.349890][ T6707] process 'syz.0.16' launched './file2' with NULL argv: empty string added [ 53.372809][ T6712] Driver unsupported XDP return value 0 on prog (id 2) dev N/A, expect packet loss! [ 54.136201][ T6721] loop1: detected capacity change from 0 to 128 [ 55.397700][ T6738] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 57.903828][ T6750] TCP: out of memory -- consider tuning tcp_mem [ 60.056840][ T6776] loop4: detected capacity change from 0 to 1024 [ 63.354661][ T6797] loop1: detected capacity change from 0 to 512 [ 63.357925][ T6798] loop2: detected capacity change from 0 to 16 [ 63.362563][ T6797] EXT4-fs: quotafile must be on filesystem root [ 63.372215][ T6798] erofs (device loop2): mounted with root inode @ nid 36. [ 63.413494][ T6797] ======================================================= [ 63.413494][ T6797] WARNING: The mand mount option has been deprecated and [ 63.413494][ T6797] and is ignored by this kernel. Remove the mand [ 63.413494][ T6797] option from the mount to silence this warning. [ 63.413494][ T6797] ======================================================= [ 63.512424][ T6798] erofs (device loop2): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 63.525928][ T6798] erofs (device loop2): failed to decompress -20 in[58, 4038] out[1851] [ 63.526030][ T6798] erofs (device loop2): read error -117 @ 43 of nid 36 [ 63.611301][ T6802] loop4: detected capacity change from 0 to 512 [ 63.618383][ T6802] EXT4-fs: Ignoring removed nobh option [ 63.671760][ T6802] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.44: iget: bad i_size value: 38620345925642 [ 63.691699][ T6802] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.44: couldn't read orphan inode 15 (err -117) [ 63.725124][ T6802] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 63.964547][ T6788] loop0: detected capacity change from 0 to 32768 [ 63.970488][ T6788] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.40 (6788) [ 63.976918][ T6788] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 63.977601][ T6788] BTRFS info (device loop0): using sha256 (sha256-arm64) checksum algorithm [ 63.978425][ T6788] BTRFS info (device loop0): using free-space-tree [ 64.672377][ T6522] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.493066][ T6823] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 65.724906][ T2410] ieee802154 phy0 wpan0: encryption failed: -22 [ 65.726982][ T2410] ieee802154 phy1 wpan1: encryption failed: -22 [ 66.435977][ T6519] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 69.110229][ T6856] loop4: detected capacity change from 0 to 128 [ 69.111446][ T6856] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 69.317246][ T6865] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 70.448339][ T9] cfg80211: failed to load regulatory.db [ 70.503602][ T6875] loop1: detected capacity change from 0 to 512 [ 70.938984][ T6875] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.974988][ T6875] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.57: corrupted inode contents [ 70.987766][ T6875] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.57: mark_inode_dirty error [ 71.025103][ T6875] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.57: corrupted inode contents [ 73.166485][ T6900] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.57: corrupted inode contents [ 73.183234][ T6900] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.57: mark_inode_dirty error [ 73.319773][ T6900] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.57: corrupted inode contents [ 73.355292][ T6900] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.57: mark_inode_dirty error [ 73.360535][ T6900] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.57: corrupted inode contents [ 73.363126][ T6900] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.57: mark_inode_dirty error [ 75.053083][ T6516] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.513869][ T6954] loop1: detected capacity change from 0 to 16 [ 78.520007][ T6954] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 81.202245][ T6977] loop0: detected capacity change from 0 to 40427 [ 81.219573][ T6977] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 81.219667][ T6977] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 81.239208][ T6977] F2FS-fs (loop0): invalid crc value [ 81.272002][ T6977] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 81.272120][ T6977] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 84.322009][ T7007] loop4: detected capacity change from 0 to 16 [ 84.331680][ T7007] erofs (device loop4): mounted with root inode @ nid 36. [ 84.604849][ T7014] Soft offlining pfn 0x1380b3 at process virtual address 0x20cb3000 [ 85.411294][ T7014] Memory failure: 0x1380b3: unhandlable page. [ 88.043226][ T7023] loop1: detected capacity change from 0 to 32768 [ 88.051045][ T7023] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.90 (7023) [ 88.083692][ T7023] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 88.086624][ T7023] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 88.090393][ T7023] BTRFS info (device loop1): using free-space-tree [ 88.201863][ T7044] loop0: detected capacity change from 0 to 24 [ 88.206710][ T7044] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 88.227115][ T7044] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 89.523188][ T7044] VFS: Lookup of 'file0' in romfs loop0 would have caused loop [ 89.527736][ T7023] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 89.528673][ T7023] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 89.549250][ T7044] ubi31: attaching mtd0 [ 89.584855][ T7044] ubi31: scanning is finished [ 89.584885][ T7044] ubi31: empty MTD device detected [ 89.753832][ T7023] BTRFS error (device loop1): open_ctree failed: -12 [ 90.550315][ T6084] Bluetooth: hci2: command tx timeout [ 91.218582][ T7044] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4 [ 95.021968][ T7111] syz.0.112 uses obsolete (PF_INET,SOCK_PACKET) [ 95.196345][ T7121] batman_adv: batadv0: Adding interface: ip6gretap1 [ 95.199747][ T7121] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.206997][ T7121] batman_adv: batadv0: Not using interface ip6gretap1 (retrying later): interface not active [ 95.404608][ T7120] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 95.406517][ T7126] netlink: 12 bytes leftover after parsing attributes in process `syz.3.116'. [ 95.417724][ T7111] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 95.417814][ T7111] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 95.419413][ T7111] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 95.419466][ T7111] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 95.420205][ T7111] batman_adv: batadv0: Removing interface: ip6gretap1 [ 96.141231][ T7126] bridge1: port 1(veth3) entered blocking state [ 96.141339][ T7126] bridge1: port 1(veth3) entered disabled state [ 96.141507][ T7126] veth3: entered allmulticast mode [ 96.154636][ T7126] veth3: entered promiscuous mode [ 96.245817][ T7133] vlan2: entered allmulticast mode [ 96.248528][ T7133] veth1: entered allmulticast mode [ 96.252492][ T7133] bridge1: port 2(vlan2) entered blocking state [ 96.256606][ T7133] bridge1: port 2(vlan2) entered disabled state [ 96.277530][ T7133] vlan2: entered promiscuous mode [ 96.277586][ T7133] veth1: entered promiscuous mode [ 96.945970][ T7138] loop4: detected capacity change from 0 to 1024 [ 96.956684][ T7138] EXT4-fs: quotafile must be on filesystem root [ 102.496248][ T7201] loop4: detected capacity change from 0 to 4096 [ 102.502800][ T7201] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 104.018391][ T7206] loop0: detected capacity change from 0 to 32768 [ 104.044032][ T7206] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section clean: entry type btree_keys overruns end of section [ 104.044032][ T7206] clean (size 2912): [ 104.044032][ T7206] flags: 0 [ 104.044032][ T7206] journal_seq: 8 [ 104.044032][ T7206] prio_ptrs: [ 104.044032][ T7206] usage: type=key_version v=0 [ 104.044032][ T7206] usage: type=reserved v=0 [ 104.044032][ T7206] usage: type=reserved v=0 [ 104.044032][ T7206] usage: type=reserved v=0 [ 104.044032][ T7206] usage: type=reserved v=0 [ 104.044032][ T7206] data_usage: btree: 1/1 [0]=2816 [ 104.044032][ T7206] data_usage: journal: 1/1 [0]=0 [ 104.044032][ T7206] data_usage: user: 1/1 [0]=32 [ 104.044032][ T7206] dev_usage: dev=0 [ 104.044032][ T7206] free: buckets=83 sectors=0 fragmented=0 [ 104.044032][ T7206] sb: buckets=25 sectors=6152 fragmented=248 [ 104.044032][ T7206] journal: buckets=8 sectors=2048 fragmented=0 [ 104.044032][ T7206] btree: buckets=11 sectors=2816 fragmented=0 [ 104.044032][ T7206] user: buckets=1 sectors=32 fragmented=224 [ 104.044032][ T7206] cached: buckets=0 sectors=0 fragmented=0 [ 104.044032][ T7206] parity: buckets=0 sectors=0 fragmented=786432 [ 104.044032][ T7206] stripe: buckets=0 sectors=0 fragmented=0 [ 104.044032][ T7206] need_gc_gens: buckets=0 sectors=0 fragmented=0 [ 104.044032][ T7206] need_discard: buckets=0 sectors=0 fragmented=0 [ 104.044032][ T7206] clock: read=0 [ 104.044032][ T7206] clock: write=1288 [ 104.044032][ T7206] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 249e7ae2a [ 104.044220][ T7206] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean [ 104.189368][ T7201] ntfs3(loop4): ino=19, mi_enum_attr [ 104.301636][ T7213] netlink: 'syz.0.139': attribute type 1 has an invalid length. [ 105.225597][ T7224] loop6: detected capacity change from 0 to 524287999 [ 105.226425][ T7224] Buffer I/O error on dev loop6, logical block 0, async page read [ 105.226692][ T7224] Buffer I/O error on dev loop6, logical block 0, async page read [ 105.226804][ T7224] Buffer I/O error on dev loop6, logical block 0, async page read [ 105.226942][ T7224] Buffer I/O error on dev loop6, logical block 0, async page read [ 105.227065][ T7224] Buffer I/O error on dev loop6, logical block 0, async page read [ 105.227179][ T7224] Buffer I/O error on dev loop6, logical block 0, async page read [ 105.227308][ T7224] Buffer I/O error on dev loop6, logical block 0, async page read [ 105.227435][ T7224] Buffer I/O error on dev loop6, logical block 0, async page read [ 105.227515][ T7224] ldm_validate_partition_table(): Disk read failed. [ 105.227594][ T7224] Buffer I/O error on dev loop6, logical block 0, async page read [ 105.229092][ T7224] Buffer I/O error on dev loop6, logical block 0, async page read [ 105.229344][ T7224] Dev loop6: unable to read RDB block 0 [ 105.229758][ T7224] loop6: unable to read partition table [ 105.229949][ T7224] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 105.334298][ T7213] 8021q: adding VLAN 0 to HW filter on device bond1 [ 105.723304][ T7229] tipc: Can't bind to reserved service type 0 [ 105.729682][ T7229] netlink: 44 bytes leftover after parsing attributes in process `syz.3.141'. [ 105.745180][ T7218] bond1: (slave veth0_to_bond): making interface the new active one [ 105.795369][ T7218] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link [ 105.811517][ T7230] vlan2: entered allmulticast mode [ 105.818546][ T7230] veth1: entered allmulticast mode [ 105.821795][ T7230] veth1: entered promiscuous mode [ 105.824076][ T7230] veth1: left promiscuous mode [ 105.828961][ T7230] bond1: (slave vlan2): Enslaving as an active interface with an up link [ 107.018985][ T7248] netlink: 32 bytes leftover after parsing attributes in process `syz.0.146'. [ 107.585050][ T7237] loop3: detected capacity change from 0 to 32768 [ 107.585690][ T7237] btrfs: Unknown parameter 'fragment' [ 110.787164][ T7271] sctp: failed to load transform for md5: -2 [ 117.774716][ T7309] loop3: detected capacity change from 0 to 32768 [ 118.791637][ T7309] JBD2: journal reset failed [ 118.791739][ T7309] (syz.3.160,7309,0):ocfs2_journal_load:1167 ERROR: Failed to load journal! [ 118.791767][ T7309] (syz.3.160,7309,0):ocfs2_check_volume:2376 ERROR: ocfs2 journal load failed! -4 [ 120.933794][ T9] IPVS: starting estimator thread 0... [ 121.372405][ T7360] IPVS: using max 32 ests per chain, 76800 per kthread [ 121.392190][ T7361] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 121.392330][ T7361] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 121.543577][ T7369] loop1: detected capacity change from 0 to 2048 [ 122.294318][ T7375] loop4: detected capacity change from 0 to 1024 [ 122.558026][ T7361] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 122.558087][ T7361] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 122.563106][ T7369] loop1: detected capacity change from 0 to 32768 [ 122.568503][ T14] hfsplus: b-tree write err: -5, ino 4 [ 122.578726][ T7369] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.173 (7369) [ 123.232162][ T7369] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 123.232260][ T7369] BTRFS info (device loop1): using sha256 (sha256-arm64) checksum algorithm [ 123.232318][ T7369] BTRFS info (device loop1): using free-space-tree [ 123.302483][ T7369] BTRFS info (device loop1): rebuilding free space tree [ 123.317908][ T7361] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 123.317974][ T7361] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 123.378966][ T7361] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 123.379028][ T7361] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 124.204417][ T6516] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 124.653045][ T7361] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 124.653707][ T7361] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 124.890472][ T7409] loop4: detected capacity change from 0 to 4096 [ 125.238928][ T7424] loop3: detected capacity change from 0 to 256 [ 126.178844][ T2410] ieee802154 phy0 wpan0: encryption failed: -22 [ 126.178929][ T2410] ieee802154 phy1 wpan1: encryption failed: -22 [ 127.253315][ T7439] loop4: detected capacity change from 0 to 1024 [ 130.691937][ T7465] loop0: detected capacity change from 0 to 64 [ 131.647141][ T7473] loop4: detected capacity change from 0 to 8 [ 131.941753][ T7474] loop3: detected capacity change from 0 to 128 [ 132.274192][ T7474] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 132.663385][ T7483] netlink: 36 bytes leftover after parsing attributes in process `syz.0.200'. [ 135.240403][ T7503] loop4: detected capacity change from 0 to 256 [ 135.293774][ T7503] exFAT-fs (loop4): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d) [ 135.310358][ T7503] exFAT-fs (loop4): valid_size(10) is greater than size(0) [ 135.887145][ T6521] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 135.955552][ T7510] loop1: detected capacity change from 0 to 64 [ 139.135432][ T7539] Bluetooth: hci0: Opcode 0x0401 failed: -22 [ 139.972438][ T7554] netlink: 12 bytes leftover after parsing attributes in process `syz.4.221'. [ 140.022865][ T7561] loop0: detected capacity change from 0 to 1024 [ 140.427197][ T7567] loop3: detected capacity change from 0 to 1024 [ 140.994626][ T7567] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 140.996019][ T7567] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945) [ 140.996196][ T7567] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 141.001747][ T7554] bridge1: port 1(veth3) entered blocking state [ 141.001809][ T7554] bridge1: port 1(veth3) entered disabled state [ 141.001919][ T7554] veth3: entered allmulticast mode [ 141.002821][ T7554] veth3: entered promiscuous mode [ 141.015707][ T7569] vlan2: entered allmulticast mode [ 141.015763][ T7569] veth1: entered allmulticast mode [ 141.016200][ T7569] bridge1: port 2(vlan2) entered blocking state [ 141.016273][ T7569] bridge1: port 2(vlan2) entered disabled state [ 141.023377][ T7569] vlan2: entered promiscuous mode [ 141.023424][ T7569] veth1: entered promiscuous mode [ 141.863359][ T6084] Bluetooth: hci0: command tx timeout [ 142.441380][ T7567] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 142.441603][ T7567] EXT4-fs (loop3): orphan cleanup on readonly fs [ 142.482621][ T7567] EXT4-fs error (device loop3): ext4_read_inode_bitmap:167: comm syz.3.222: Inode bitmap for bg 0 marked uninitialized [ 142.496668][ T7567] EXT4-fs (loop3): Remounting filesystem read-only [ 142.497846][ T7567] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 142.508681][ T7561] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 142.722850][ T6521] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.760143][ T7583] loop1: detected capacity change from 0 to 2048 [ 143.498974][ T7590] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.220: bg 0: block 393: padding at end of block bitmap is not set [ 143.521640][ T7590] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 28 [ 143.521774][ T7590] EXT4-fs (loop0): This should not happen!! Data will be lost [ 143.521774][ T7590] [ 143.521808][ T7590] EXT4-fs (loop0): Total free blocks count 0 [ 143.521836][ T7590] EXT4-fs (loop0): Free/Dirty block details [ 143.521870][ T7590] EXT4-fs (loop0): free_blocks=0 [ 143.521905][ T7590] EXT4-fs (loop0): dirty_blocks=16 [ 143.521932][ T7590] EXT4-fs (loop0): Block reservation details [ 143.521959][ T7590] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 143.789060][ T7583] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 143.793836][ T6519] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.975614][ T7608] loop0: detected capacity change from 0 to 256 [ 145.521350][ T7608] FAT-fs (loop0): Directory bread(block 64) failed [ 145.521513][ T7608] FAT-fs (loop0): Directory bread(block 65) failed [ 145.521600][ T7608] FAT-fs (loop0): Directory bread(block 66) failed [ 145.521642][ T7608] FAT-fs (loop0): Directory bread(block 67) failed [ 145.521702][ T7608] FAT-fs (loop0): Directory bread(block 68) failed [ 145.521741][ T7608] FAT-fs (loop0): Directory bread(block 69) failed [ 145.521801][ T7608] FAT-fs (loop0): Directory bread(block 70) failed [ 145.521841][ T7608] FAT-fs (loop0): Directory bread(block 71) failed [ 145.521899][ T7608] FAT-fs (loop0): Directory bread(block 72) failed [ 145.521939][ T7608] FAT-fs (loop0): Directory bread(block 73) failed [ 145.654412][ T6516] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.785396][ T7623] loop1: detected capacity change from 0 to 256 [ 146.786175][ T7623] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 148.632578][ T7638] netlink: 12 bytes leftover after parsing attributes in process `syz.1.238'. [ 149.650831][ T7648] vcan0: tx drop: invalid sa for name 0x0000000000000001 [ 149.756969][ T7638] bridge1: port 1(veth3) entered blocking state [ 149.757057][ T7638] bridge1: port 1(veth3) entered disabled state [ 149.757193][ T7638] veth3: entered allmulticast mode [ 150.659932][ T7650] loop4: detected capacity change from 0 to 16 [ 150.961453][ T7650] erofs (device loop4): mounted with root inode @ nid 36. [ 151.020079][ T6084] erofs (device loop4): failed to decompress -26 in[46, 0] out[9000] [ 151.037662][ T7650] erofs (device loop4): failed to decompress -26 in[46, 4050] out[9000] [ 151.037993][ T7650] erofs (device loop4): read error -117 @ 2 of nid 89 [ 151.039844][ T7650] erofs (device loop4): failed to decompress -26 in[46, 4050] out[9000] [ 151.040088][ T7650] erofs (device loop4): read error -117 @ 2 of nid 89 [ 151.041627][ T7650] erofs (device loop4): failed to decompress -26 in[46, 4050] out[9000] [ 151.041845][ T7650] erofs (device loop4): read error -117 @ 2 of nid 89 [ 151.042758][ T7650] erofs (device loop4): failed to decompress -26 in[46, 4050] out[9000] [ 151.042930][ T7650] erofs (device loop4): read error -117 @ 2 of nid 89 [ 151.063553][ T7650] erofs (device loop4): failed to decompress -26 in[46, 4050] out[8192] [ 151.063609][ T7650] erofs (device loop4): read error -117 @ 0 of nid 89 [ 151.063695][ T7650] erofs (device loop4): failed to decompress -26 in[46, 4050] out[8192] [ 151.063733][ T7650] erofs (device loop4): read error -117 @ 0 of nid 89 [ 151.063804][ T7650] erofs (device loop4): failed to decompress -26 in[46, 4050] out[8192] [ 151.063841][ T7650] erofs (device loop4): read error -117 @ 0 of nid 89 [ 151.063902][ T7650] erofs (device loop4): failed to decompress -26 in[46, 4050] out[8192] [ 151.063938][ T7650] erofs (device loop4): read error -117 @ 0 of nid 89 [ 151.067134][ T7638] veth3: entered promiscuous mode [ 151.326736][ T7654] vlan2: entered allmulticast mode [ 151.409445][ T7654] veth1: entered allmulticast mode [ 151.409647][ T7654] bridge1: port 2(vlan2) entered blocking state [ 151.409704][ T7654] bridge1: port 2(vlan2) entered disabled state [ 151.411044][ T7654] vlan2: entered promiscuous mode [ 151.411088][ T7654] veth1: entered promiscuous mode [ 152.597177][ T31] audit: type=1326 audit(152.310:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7652 comm="syz.3.241" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b5a9a8 code=0x7fc00000 [ 152.942420][ T7674] loop3: detected capacity change from 0 to 16 [ 152.950553][ T7674] erofs (device loop3): mounted with root inode @ nid 36. [ 155.322824][ T7673] erofs (device loop3): readahead error at folio 2 @ nid 89 [ 156.161836][ T6084] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.162163][ T7673] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.162204][ T7673] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.162323][ T7673] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.162366][ T7673] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.162609][ T7673] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.162641][ T7673] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.162747][ T7673] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.162776][ T7673] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.162876][ T7673] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.162905][ T7673] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.163343][ T7673] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.163375][ T7673] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.163481][ T7673] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.163510][ T7673] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.163612][ T7673] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.163641][ T7673] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.163799][ T7673] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.163828][ T7673] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.163928][ T7673] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.163957][ T7673] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.164065][ T7673] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.164094][ T7673] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.164245][ T7673] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.164275][ T7673] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.164385][ T7673] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.164418][ T7673] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.164519][ T7673] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.164547][ T7673] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.164699][ T7673] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.164728][ T7673] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.164832][ T7673] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.164860][ T7673] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.164960][ T7673] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.164988][ T7673] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.165136][ T7673] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.165165][ T7673] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.165268][ T7673] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.165297][ T7673] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.165401][ T7673] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.165434][ T7673] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.183340][ T7683] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.183388][ T7683] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.183503][ T7683] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.183535][ T7683] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.183653][ T7683] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.183684][ T7683] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.183786][ T7683] erofs (device loop3): failed to decompress 6887 in[4096, 0] out[8192] [ 156.183815][ T7683] erofs (device loop3): read error -117 @ 0 of nid 89 [ 156.510281][ T7691] loop4: detected capacity change from 0 to 40427 [ 156.513199][ T7691] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 156.513234][ T7691] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 156.541338][ T7691] F2FS-fs (loop4): invalid crc value [ 156.572242][ T7691] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 156.572304][ T7691] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 157.291646][ T7691] syz.4.251: attempt to access beyond end of device [ 157.291646][ T7691] loop4: rw=2049, sector=77824, nr_sectors = 136 limit=40427 [ 159.444827][ T7722] netlink: 12 bytes leftover after parsing attributes in process `syz.0.258'. [ 160.059504][ T7722] bridge1: port 1(veth3) entered blocking state [ 160.059613][ T7722] bridge1: port 1(veth3) entered disabled state [ 160.059765][ T7722] veth3: entered allmulticast mode [ 160.063296][ T7722] veth3: entered promiscuous mode [ 160.090948][ T6522] syz-executor: attempt to access beyond end of device [ 160.090948][ T6522] loop4: rw=2051, sector=77832, nr_sectors = 56 limit=40427 [ 160.092325][ T6522] F2FS-fs (loop4): Issue discard(9729, 9729, 7) failed, ret: -5 [ 160.270714][ T7735] TCP: out of memory -- consider tuning tcp_mem [ 161.573485][ T7751] loop3: detected capacity change from 0 to 1024 [ 161.729863][ T7751] EXT4-fs (loop3): inodes count not valid: 0 vs 32 [ 162.449250][ T7763] loop4: detected capacity change from 0 to 1024 [ 162.450618][ T7763] EXT4-fs: Ignoring removed nomblk_io_submit option [ 163.485255][ T7763] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 164.288874][ T6522] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.834000][ T7802] syz.1.276: attempt to access beyond end of device [ 166.834000][ T7802] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 166.834159][ T7802] efs: cannot read volume header [ 168.739421][ T7807] loop4: detected capacity change from 0 to 262144 [ 168.745968][ T7807] F2FS-fs (loop4): invalid crc value [ 168.770523][ T7807] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 170.071033][ T7832] loop3: detected capacity change from 0 to 256 [ 171.076322][ T7832] FAT-fs (loop3): Directory bread(block 64) failed [ 171.157747][ T7832] FAT-fs (loop3): Directory bread(block 65) failed [ 171.157870][ T7832] FAT-fs (loop3): Directory bread(block 66) failed [ 171.157924][ T7832] FAT-fs (loop3): Directory bread(block 67) failed [ 171.157984][ T7832] FAT-fs (loop3): Directory bread(block 68) failed [ 171.158024][ T7832] FAT-fs (loop3): Directory bread(block 69) failed [ 171.158082][ T7832] FAT-fs (loop3): Directory bread(block 70) failed [ 171.158121][ T7832] FAT-fs (loop3): Directory bread(block 71) failed [ 171.158179][ T7832] FAT-fs (loop3): Directory bread(block 72) failed [ 171.158218][ T7832] FAT-fs (loop3): Directory bread(block 73) failed [ 173.464381][ T7854] loop3: detected capacity change from 0 to 128 [ 173.472214][ T7854] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 173.480732][ T7854] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 173.645641][ T7859] loop1: detected capacity change from 0 to 128 [ 173.724707][ T7856] loop0: detected capacity change from 0 to 4096 [ 173.725295][ T7856] ntfs3: Unknown parameter '184467440737095516150xffffffffffffffff01777777777777777777777ÿ0xffffffffffffffff0x0000000000000003ÿÿÿÿÿÿÿÿÿÿÿÿ' [ 173.991141][ T7860] syz.1.293: attempt to access beyond end of device [ 173.991141][ T7860] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128 [ 176.422586][ T7885] loop0: detected capacity change from 0 to 512 [ 176.454764][ T7885] EXT4-fs: Ignoring removed mblk_io_submit option [ 176.460483][ T7885] EXT4-fs (loop0): can't mount with data_err=abort, fs mounted w/o journal [ 176.558073][ T7887] netlink: 4 bytes leftover after parsing attributes in process `syz.3.299'. [ 176.567099][ T7887] netlink: 4 bytes leftover after parsing attributes in process `syz.3.299'. [ 185.447439][ T7952] loop1: detected capacity change from 0 to 256 [ 186.482301][ T7952] FAT-fs (loop1): Directory bread(block 64) failed [ 186.482386][ T7952] FAT-fs (loop1): Directory bread(block 65) failed [ 186.482465][ T7952] FAT-fs (loop1): Directory bread(block 66) failed [ 186.482506][ T7952] FAT-fs (loop1): Directory bread(block 67) failed [ 186.482563][ T7952] FAT-fs (loop1): Directory bread(block 68) failed [ 186.482602][ T7952] FAT-fs (loop1): Directory bread(block 69) failed [ 186.482660][ T7952] FAT-fs (loop1): Directory bread(block 70) failed [ 186.482699][ T7952] FAT-fs (loop1): Directory bread(block 71) failed [ 186.482761][ T7952] FAT-fs (loop1): Directory bread(block 72) failed [ 186.482800][ T7952] FAT-fs (loop1): Directory bread(block 73) failed [ 187.619348][ T2410] ieee802154 phy0 wpan0: encryption failed: -22 [ 187.621417][ T2410] ieee802154 phy1 wpan1: encryption failed: -22 [ 188.644782][ T7971] loop4: detected capacity change from 0 to 512 [ 188.654117][ T7971] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 188.704741][ T7971] EXT4-fs (loop4): 1 orphan inode deleted [ 188.707305][ T7971] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 188.719753][ T6821] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 188.719946][ T6821] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:10: Failed to release dquot type 1 [ 189.076264][ T6522] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.834318][ T7996] loop3: detected capacity change from 0 to 1024 [ 191.494411][ T6919] hfsplus: b-tree write err: -5, ino 4 [ 191.535226][ T8004] netlink: 28 bytes leftover after parsing attributes in process `syz.2.329'. [ 191.535311][ T8004] netlink: 8 bytes leftover after parsing attributes in process `syz.2.329'. [ 196.388983][ T8043] loop4: detected capacity change from 0 to 256 [ 204.380938][ T8112] loop4: detected capacity change from 0 to 65536 [ 204.442847][ T8109] netlink: 36 bytes leftover after parsing attributes in process `syz.3.357'. [ 204.445796][ T8109] netlink: 16 bytes leftover after parsing attributes in process `syz.3.357'. [ 204.569377][ T8109] netlink: 36 bytes leftover after parsing attributes in process `syz.3.357'. [ 204.624716][ T8109] netlink: 36 bytes leftover after parsing attributes in process `syz.3.357'. [ 204.925440][ T8112] XFS (loop4): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 205.148602][ T8112] XFS (loop4): Ending clean mount [ 206.927906][ T8136] XFS (loop4): Metadata CRC error detected at xfs_agf_read_verify+0x100/0x1d4, xfs_agf block 0x1 [ 206.928123][ T8136] XFS (loop4): Unmount and run xfs_repair [ 206.928147][ T8136] XFS (loop4): First 128 bytes of corrupted metadata buffer: [ 206.928172][ T8136] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00 XAGF..........@. [ 206.928195][ T8136] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01 ................ [ 206.928217][ T8136] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04 ................ [ 206.928238][ T8136] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00 ......?...?..... [ 206.928274][ T8136] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3 .sH./.A..&.:g... [ 206.928296][ T8136] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 ................ [ 206.928317][ T8136] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 206.928347][ T8136] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 206.928535][ T8136] XFS (loop4): metadata I/O error in "xfs_read_agf+0x238/0x58c" at daddr 0x1 len 1 error 74 [ 206.933836][ T8136] XFS (loop4): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x4c8/0x964 (fs/xfs/xfs_trans_buf.c:311). Shutting down filesystem. [ 206.933885][ T8136] XFS (loop4): Please unmount the filesystem and rectify the problem(s) [ 207.154694][ T6522] XFS (loop4): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 207.961985][ T8146] netlink: 4 bytes leftover after parsing attributes in process `syz.1.364'. [ 207.969620][ T8146] bond_slave_0: entered promiscuous mode [ 207.969807][ T8146] bond_slave_1: entered promiscuous mode [ 207.974694][ T8146] macvtap1: entered promiscuous mode [ 207.974773][ T8146] bond0: entered promiscuous mode [ 207.975039][ T8146] macvtap1: entered allmulticast mode [ 207.975063][ T8146] bond0: entered allmulticast mode [ 207.975084][ T8146] bond_slave_0: entered allmulticast mode [ 207.975106][ T8146] bond_slave_1: entered allmulticast mode [ 207.976456][ T8146] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 208.100074][ T8151] loop4: detected capacity change from 0 to 1024 [ 208.210967][ T8146] bond0: left allmulticast mode [ 208.211040][ T8146] bond_slave_0: left allmulticast mode [ 208.211083][ T8146] bond_slave_1: left allmulticast mode [ 208.211120][ T8146] bond0: left promiscuous mode [ 208.211442][ T8146] bond_slave_0: left promiscuous mode [ 208.211580][ T8146] bond_slave_1: left promiscuous mode [ 208.223207][ T8151] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 208.387193][ T6522] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.479682][ T8166] xt_NFQUEUE: number of total queues is 0 [ 214.519059][ T8211] loop4: detected capacity change from 0 to 1024 [ 214.998531][ T8211] EXT4-fs: Ignoring removed orlov option [ 215.879241][ T8211] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 219.981795][ T6522] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.346781][ T8294] loop1: detected capacity change from 0 to 22 [ 226.347457][ T8294] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 226.361515][ T8294] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 226.570612][ T8296] netlink: 4 bytes leftover after parsing attributes in process `syz.3.392'. [ 226.596938][ T8296] erspan0: entered promiscuous mode [ 226.601628][ T8296] macvtap1: entered promiscuous mode [ 226.601749][ T8296] macvtap1: entered allmulticast mode [ 226.601790][ T8296] erspan0: entered allmulticast mode [ 227.228137][ T8300] loop4: detected capacity change from 0 to 4096 [ 227.229290][ T8300] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 227.351818][ T8296] erspan0: left allmulticast mode [ 227.352004][ T8296] erspan0: left promiscuous mode [ 227.402097][ T8300] ntfs3(loop4): ino=19, mi_enum_attr [ 227.726812][ T8306] loop3: detected capacity change from 0 to 1024 [ 227.928838][ T8313] loop6: detected capacity change from 0 to 524287999 [ 227.929169][ T8313] buffer_io_error: 6 callbacks suppressed [ 227.929214][ T8313] Buffer I/O error on dev loop6, logical block 0, async page read [ 227.929286][ T8313] Buffer I/O error on dev loop6, logical block 0, async page read [ 227.929361][ T8313] Buffer I/O error on dev loop6, logical block 0, async page read [ 227.929424][ T8313] Buffer I/O error on dev loop6, logical block 0, async page read [ 227.929494][ T8313] Buffer I/O error on dev loop6, logical block 0, async page read [ 227.929564][ T8313] Buffer I/O error on dev loop6, logical block 0, async page read [ 227.929646][ T8313] Buffer I/O error on dev loop6, logical block 0, async page read [ 227.929716][ T8313] Buffer I/O error on dev loop6, logical block 0, async page read [ 227.929763][ T8313] ldm_validate_partition_table(): Disk read failed. [ 227.929806][ T8313] Buffer I/O error on dev loop6, logical block 0, async page read [ 227.929867][ T8313] Buffer I/O error on dev loop6, logical block 0, async page read [ 227.929976][ T8313] Dev loop6: unable to read RDB block 0 [ 227.930171][ T8313] loop6: unable to read partition table [ 227.930286][ T8313] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 228.193328][ T8312] ntfs3: Cannot use different iocharset when remounting! [ 228.264216][ T8313] ntfs3(loop4): failed to convert "c46c" to cp932 [ 228.269202][ T8313] ntfs3(loop4): ino=20, mi_enum_attr [ 228.687719][ T8306] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 228.691114][ T8306] UDF-fs: warning (device loop3): udf_fill_super: No fileset found [ 228.944846][ T8322] Zero length message leads to an empty skb [ 229.689067][ T8332] loop1: detected capacity change from 0 to 256 [ 230.696255][ T8332] FAT-fs (loop1): Directory bread(block 64) failed [ 230.696341][ T8332] FAT-fs (loop1): Directory bread(block 65) failed [ 230.696424][ T8332] FAT-fs (loop1): Directory bread(block 66) failed [ 230.696471][ T8332] FAT-fs (loop1): Directory bread(block 67) failed [ 230.696530][ T8332] FAT-fs (loop1): Directory bread(block 68) failed [ 230.696569][ T8332] FAT-fs (loop1): Directory bread(block 69) failed [ 230.696627][ T8332] FAT-fs (loop1): Directory bread(block 70) failed [ 230.696666][ T8332] FAT-fs (loop1): Directory bread(block 71) failed [ 230.696724][ T8332] FAT-fs (loop1): Directory bread(block 72) failed [ 230.696762][ T8332] FAT-fs (loop1): Directory bread(block 73) failed [ 232.086278][ T31] audit: type=1400 audit(231.810:3): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=8347 comm="syz.0.411" saddr=0.0.0.224 src=20000 daddr=224.0.0.1 dest=20000 netif=wpan0 [ 232.537109][ T8348] netlink: 132 bytes leftover after parsing attributes in process `syz.0.411'. [ 232.543801][ T8352] netlink: 4 bytes leftover after parsing attributes in process `syz.3.412'. [ 232.554028][ T8352] erspan0: entered promiscuous mode [ 232.555768][ T8352] macvtap2: entered promiscuous mode [ 232.557920][ T8352] macvtap2: entered allmulticast mode [ 232.559575][ T8352] erspan0: entered allmulticast mode [ 234.812096][ T8371] loop1: detected capacity change from 0 to 1024 [ 234.843410][ T8371] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869) [ 234.843522][ T8371] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 234.850142][ T8371] EXT4-fs error (device loop1): ext4_get_journal_inode:5796: inode #5: comm syz.1.417: unexpected bad inode w/o EXT4_IGET_BAD [ 234.855415][ T8371] EXT4-fs (loop1): Remounting filesystem read-only [ 234.857320][ T8371] EXT4-fs (loop1): no journal found [ 234.860131][ T8371] EXT4-fs (loop1): can't get journal size [ 234.862967][ T8371] EXT4-fs (loop1): failed to initialize system zone (-117) [ 234.865305][ T8371] EXT4-fs (loop1): mount failed [ 240.748449][ T8414] cgroup: fork rejected by pids controller in /syz0 [ 241.681346][ T8451] loop3: detected capacity change from 0 to 256 [ 242.242448][ T8460] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 242.736256][ T8465] loop4: detected capacity change from 0 to 2048 [ 242.747407][ T8465] EXT4-fs: Ignoring removed orlov option [ 242.747462][ T8465] EXT4-fs: Ignoring removed nomblk_io_submit option [ 242.941527][ T8451] FAT-fs (loop3): Directory bread(block 64) failed [ 242.943450][ T8451] FAT-fs (loop3): Directory bread(block 65) failed [ 242.945588][ T8451] FAT-fs (loop3): Directory bread(block 66) failed [ 242.947603][ T8451] FAT-fs (loop3): Directory bread(block 67) failed [ 242.955579][ T8451] FAT-fs (loop3): Directory bread(block 68) failed [ 242.956589][ T8451] FAT-fs (loop3): Directory bread(block 69) failed [ 242.956664][ T8451] FAT-fs (loop3): Directory bread(block 70) failed [ 242.956706][ T8451] FAT-fs (loop3): Directory bread(block 71) failed [ 242.956765][ T8451] FAT-fs (loop3): Directory bread(block 72) failed [ 242.956805][ T8451] FAT-fs (loop3): Directory bread(block 73) failed [ 243.731646][ T8465] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 248.177980][ T8474] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 2: invalid block bitmap [ 249.493929][ T2410] ieee802154 phy0 wpan0: encryption failed: -22 [ 252.097887][ T8548] netlink: 8 bytes leftover after parsing attributes in process `syz.2.451'. [ 254.971229][ T8570] netlink: 'syz.4.460': attribute type 1 has an invalid length. [ 255.130774][ T8570] 8021q: adding VLAN 0 to HW filter on device bond1 [ 256.126803][ T8575] bond1: (slave gretap1): making interface the new active one [ 256.140414][ T8575] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 258.145550][ T8601] loop1: detected capacity change from 0 to 256 [ 258.173026][ T8601] FAT-fs (loop1): Directory bread(block 64) failed [ 258.173104][ T8601] FAT-fs (loop1): Directory bread(block 65) failed [ 258.173161][ T8601] FAT-fs (loop1): Directory bread(block 66) failed [ 258.173194][ T8601] FAT-fs (loop1): Directory bread(block 67) failed [ 258.173243][ T8601] FAT-fs (loop1): Directory bread(block 68) failed [ 258.173275][ T8601] FAT-fs (loop1): Directory bread(block 69) failed [ 258.173324][ T8601] FAT-fs (loop1): Directory bread(block 70) failed [ 258.173368][ T8601] FAT-fs (loop1): Directory bread(block 71) failed [ 258.173428][ T8601] FAT-fs (loop1): Directory bread(block 72) failed [ 258.173461][ T8601] FAT-fs (loop1): Directory bread(block 73) failed [ 260.174107][ T8618] netlink: 'syz.1.475': attribute type 1 has an invalid length. [ 260.312815][ T8618] 8021q: adding VLAN 0 to HW filter on device bond2 [ 260.389355][ T8624] bond2: (slave gretap1): making interface the new active one [ 260.398056][ T8624] bond2: (slave gretap1): Enslaving as an active interface with an up link [ 260.673266][ T8628] netlink: 'syz.2.474': attribute type 10 has an invalid length. [ 260.673468][ T8628] netlink: 55 bytes leftover after parsing attributes in process `syz.2.474'. [ 261.157606][ T8630] loop1: detected capacity change from 0 to 512 [ 261.192740][ T8630] EXT4-fs: Ignoring removed mblk_io_submit option [ 261.196775][ T8630] EXT4-fs: inline encryption not supported [ 261.218786][ T8630] EXT4-fs: Ignoring removed mblk_io_submit option [ 261.231438][ T8630] EXT4-fs (loop1): Test dummy encryption mode enabled [ 261.233608][ T8630] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 261.241383][ T8630] EXT4-fs (loop1): 1 truncate cleaned up [ 261.244932][ T8630] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 261.340604][ T8634] Bluetooth: MGMT ver 1.23 [ 261.404272][ T6516] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 261.455009][ T8639] loop3: detected capacity change from 0 to 1024 [ 262.557866][ T8649] loop1: detected capacity change from 0 to 2048 [ 263.084125][ T8656] loop3: detected capacity change from 0 to 512 [ 263.677364][ T8660] loop1: detected capacity change from 0 to 64 [ 263.688128][ T8656] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 263.688261][ T8656] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it [ 263.688286][ T8656] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.484: Corrupt directory, running e2fsck is recommended [ 263.692329][ T8656] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 263.692570][ T8656] EXT4-fs error (device loop3): ext4_iget_extra_inode:5035: inode #15: comm syz.3.484: corrupted in-inode xattr: invalid ea_ino [ 263.694048][ T8656] EXT4-fs (loop3): Remounting filesystem read-only [ 263.694937][ T8656] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 263.851624][ T8655] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 264.794193][ T6521] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.105778][ T8718] loop1: detected capacity change from 0 to 512 [ 268.464239][ T8718] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 269.101287][ T8718] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002] [ 269.101398][ T8718] System zones: 1-12 [ 269.107314][ T8718] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 269.124301][ T8718] EXT4-fs (loop1): 1 truncate cleaned up [ 269.129258][ T8718] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 271.454972][ T6516] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.353106][ T8777] netlink: 'syz.3.500': attribute type 3 has an invalid length. [ 272.353970][ T8777] netlink: 'syz.3.500': attribute type 3 has an invalid length. [ 274.909677][ T8802] loop3: detected capacity change from 0 to 32768 [ 274.926757][ T8802] bcachefs (/dev/loop3): error validating superblock: Not a bcachefs superblock layout [ 274.926874][ T8802] bcachefs: bch2_fs_get_tree() error: invalid_sb_layout [ 283.368950][ T8883] netlink: 12 bytes leftover after parsing attributes in process `syz.0.524'. [ 283.423373][ T8879] bond1: (slave veth0_to_bond): Releasing active interface [ 283.425661][ T8879] bond1: (slave veth0_to_bond): the permanent HWaddr of slave - aa:aa:aa:aa:aa:1d - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts [ 283.426781][ T8885] netlink: 'syz.2.521': attribute type 1 has an invalid length. [ 283.426823][ T8885] netlink: 'syz.2.521': attribute type 4 has an invalid length. [ 283.426846][ T8885] netlink: 9462 bytes leftover after parsing attributes in process `syz.2.521'. [ 283.427949][ T8885] netlink: 'syz.2.521': attribute type 1 has an invalid length. [ 283.427979][ T8885] netlink: 'syz.2.521': attribute type 4 has an invalid length. [ 283.428002][ T8885] netlink: 9462 bytes leftover after parsing attributes in process `syz.2.521'. [ 283.454387][ T8879] bond1: (slave vlan2): making interface the new active one [ 283.456855][ T8879] veth1: entered promiscuous mode [ 283.499021][ T8879] bridge2: port 1(veth0_to_bond) entered blocking state [ 283.501314][ T8879] bridge2: port 1(veth0_to_bond) entered disabled state [ 283.503505][ T8879] veth0_to_bond: entered allmulticast mode [ 283.506885][ T8879] veth0_to_bond: entered promiscuous mode [ 283.571717][ T8888] loop3: detected capacity change from 0 to 512 [ 283.575921][ T8888] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 283.586296][ T8888] EXT4-fs (loop3): 1 truncate cleaned up [ 283.604473][ T8888] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 284.237236][ T8888] EXT4-fs error (device loop3): ext4_get_verity_descriptor_location:298: inode #15: comm syz.3.527: verity file has no extents [ 284.472868][ T8888] fs-verity (loop3, inode 15): Error -117 getting verity descriptor size [ 285.610727][ T8892] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 256: padding at end of block bitmap is not set [ 285.644607][ T6521] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.732638][ T8953] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 290.733072][ T8953] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 293.317842][ T31] audit: type=1326 audit(293.030:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8962 comm="syz.0.545" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8675a9a8 code=0x7ffc0000 [ 293.317924][ T31] audit: type=1326 audit(293.030:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8962 comm="syz.0.545" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff8675a9a8 code=0x7ffc0000 [ 293.318291][ T31] audit: type=1326 audit(293.030:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8962 comm="syz.0.545" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8675a9a8 code=0x7ffc0000 [ 293.318467][ T31] audit: type=1326 audit(293.030:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8962 comm="syz.0.545" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8675a9a8 code=0x7ffc0000 [ 293.318779][ T31] audit: type=1326 audit(293.030:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8962 comm="syz.0.545" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=242 compat=0 ip=0xffff8675a9a8 code=0x7ffc0000 [ 293.318835][ T31] audit: type=1326 audit(293.030:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8962 comm="syz.0.545" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8675a9a8 code=0x7ffc0000 [ 293.319111][ T31] audit: type=1326 audit(293.030:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8962 comm="syz.0.545" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff8675a9a8 code=0x7ffc0000 [ 293.319410][ T31] audit: type=1326 audit(293.030:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8962 comm="syz.0.545" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8675a9a8 code=0x7ffc0000 [ 293.319464][ T31] audit: type=1326 audit(293.030:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8962 comm="syz.0.545" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8675a9a8 code=0x7ffc0000 [ 294.702820][ T8979] loop3: detected capacity change from 0 to 64 [ 295.126102][ T8995] netlink: 4 bytes leftover after parsing attributes in process `syz.0.556'. [ 296.409263][ C0] ------------[ cut here ]------------ [ 296.409453][ C0] WARNING: CPU: 0 PID: 8992 at net/mac80211/tx.c:5024 __ieee80211_beacon_get+0xf64/0x12c0 [ 296.413819][ C0] Modules linked in: [ 296.415012][ C0] CPU: 0 UID: 0 PID: 8992 Comm: syz.2.551 Not tainted 6.16.0-rc2-syzkaller-g9aa9b43d689e #0 PREEMPT [ 296.418082][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 296.420940][ C0] pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 296.423119][ C0] pc : __ieee80211_beacon_get+0xf64/0x12c0 [ 296.424729][ C0] lr : __ieee80211_beacon_get+0xf64/0x12c0 [ 296.426403][ C0] sp : ffff800080007a40 [ 296.427544][ C0] x29: ffff800080007a80 x28: ffffffffffffe3b0 x27: 0000000000000001 [ 296.429832][ C0] x26: 0000000000000041 x25: ffff0000cdc4d000 x24: 0000000000000000 [ 296.432090][ C0] x23: ffff0000d8398e40 x22: ffff800080007b00 x21: ffff0000f7172500 [ 296.434334][ C0] x20: dfff800000000000 x19: ffff0000f71729d0 x18: 1fffe000337dc876 [ 296.436539][ C0] x17: 00000000ffff0000 x16: ffff80008051eb44 x15: ffff700010000f61 [ 296.438831][ C0] x14: 0000000000000000 x13: 0000000000000007 x12: 0000000000ff0100 [ 296.441086][ C0] x11: ffff0000c8538000 x10: 0000000000ff0100 x9 : 0000000000000000 [ 296.443300][ C0] x8 : ffff0000c8538000 x7 : 0000000000000000 x6 : 0000000000000000 [ 296.445615][ C0] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff80008a7facd0 [ 296.447896][ C0] x2 : 000000000000000a x1 : 0000000000000000 x0 : 0000000000000000 [ 296.450139][ C0] Call trace: [ 296.451055][ C0] __ieee80211_beacon_get+0xf64/0x12c0 (P) [ 296.452726][ C0] ieee80211_beacon_get_tim+0xb8/0x244 [ 296.454396][ C0] mac80211_hwsim_beacon_tx+0x314/0x6e0 [ 296.455958][ C0] __iterate_interfaces+0x250/0x504 [ 296.457473][ C0] ieee80211_iterate_active_interfaces_atomic+0xd4/0x180 [ 296.459486][ C0] mac80211_hwsim_beacon+0xc8/0x1b8 [ 296.461006][ C0] __hrtimer_run_queues+0x41c/0xb78 [ 296.462490][ C0] hrtimer_run_softirq+0x160/0x400 [ 296.464009][ C0] handle_softirqs+0x328/0xc88 [ 296.465373][ C0] __do_softirq+0x14/0x20 [ 296.466664][ C0] ____do_softirq+0x14/0x20 [ 296.467890][ C0] call_on_irq_stack+0x24/0x30 [ 296.469217][ C0] do_softirq_own_stack+0x20/0x2c [ 296.470632][ C0] __irq_exit_rcu+0x1b0/0x478 [ 296.471934][ C0] irq_exit_rcu+0x14/0x84 [ 296.473182][ C0] el1_interrupt+0x38/0x54 [ 296.474430][ C0] el1h_64_irq_handler+0x18/0x24 [ 296.475816][ C0] el1h_64_irq+0x6c/0x70 [ 296.476961][ C0] arch_local_irq_restore+0x8/0xc (P) [ 296.478439][ C0] __might_resched+0x48/0x4c4 [ 296.479799][ C0] __might_sleep+0x94/0x110 [ 296.481051][ C0] __might_fault+0x7c/0x124 [ 296.482369][ C0] _inline_copy_from_user+0x3c/0x180 [ 296.483869][ C0] ___sys_recvmsg+0x11c/0x45c [ 296.485219][ C0] do_recvmmsg+0x294/0x7cc [ 296.486477][ C0] __arm64_sys_recvmmsg+0x17c/0x238 [ 296.487910][ C0] invoke_syscall+0x98/0x2b8 [ 296.489256][ C0] el0_svc_common+0x130/0x23c [ 296.490569][ C0] do_el0_svc+0x48/0x58 [ 296.491733][ C0] el0_svc+0x58/0x17c [ 296.492892][ C0] el0t_64_sync_handler+0x78/0x108 [ 296.494381][ C0] el0t_64_sync+0x198/0x19c [ 296.495672][ C0] irq event stamp: 100019 [ 296.496930][ C0] hardirqs last enabled at (100018): [] _raw_spin_unlock_irqrestore+0x38/0x98 [ 296.499902][ C0] hardirqs last disabled at (100019): [] el1_dbg+0x24/0x80 [ 296.502394][ C0] softirqs last enabled at (99706): [] handle_softirqs+0xaf8/0xc88 [ 296.505082][ C0] softirqs last disabled at (99947): [] __do_softirq+0x14/0x20 [ 296.507625][ C0] ---[ end trace 0000000000000000 ]---