last executing test programs: 42.305143992s ago: executing program 1 (id=2): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000004c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000010000000800010000000000040004800800020001000000180008801400078008000600a60000000800055108"], 0x40}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) 42.137687299s ago: executing program 2 (id=3): r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$sock_buf(r0, 0x1, 0x37, 0x0, 0x0) 42.048063392s ago: executing program 1 (id=5): mkdir(&(0x7f0000001a80)='./file0\x00', 0xd2) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xff, 0x8, 0x7ffc1ffb}]}) mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0) 41.913427859s ago: executing program 2 (id=6): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f0000000380)='syzkaller\x00', 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r1) close(0xffffffffffffffff) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1400000010007b0000000000000000000500000a480000001e0a010100000000000000000a0000060900020073797a31000000000900010073797a31"], 0x70}, 0x1, 0x0, 0x0, 0x4451099e661a63b1}, 0x0) 41.86404214s ago: executing program 1 (id=7): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000005c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10) semop(0x0, 0x0, 0x0) 41.544009394s ago: executing program 1 (id=8): openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x3c, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1000000004000000080000000500000000000000", @ANYRES32, @ANYBLOB="000000008a"], 0x48) 41.543557044s ago: executing program 2 (id=9): socket(0x1, 0x5, 0x0) epoll_create1(0x80000) socket$caif_stream(0x25, 0x1, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x36, &(0x7f0000000100)=ANY=[], 0x18) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, 0x0, 0x8) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x5c}}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x1, 0x28}, 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x18) sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c000000030605000000000000050000000000060500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x24040800}, 0x8d0) 41.351827832s ago: executing program 2 (id=11): r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0) writev(r0, &(0x7f0000000500)=[{&(0x7f0000000040)="93d90400000304", 0x7}, {&(0x7f0000000180)="010400001bfa64", 0x5}], 0x2) 26.349674454s ago: executing program 32 (id=8): openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x3c, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1000000004000000080000000500000000000000", @ANYRES32, @ANYBLOB="000000008a"], 0x48) 26.218931309s ago: executing program 33 (id=11): r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0) writev(r0, &(0x7f0000000500)=[{&(0x7f0000000040)="93d90400000304", 0x7}, {&(0x7f0000000180)="010400001bfa64", 0x5}], 0x2) 17.424597685s ago: executing program 3 (id=117): r0 = socket$inet_sctp(0x2, 0x5, 0x84) syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0) openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0) getpid() r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r3}, 0x10) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, 0x0) r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r4, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r4, 0x0, 0x0) r6 = openat$cgroup_subtree(r5, &(0x7f0000000100), 0x2, 0x0) write$cgroup_subtree(r6, &(0x7f0000000080)=ANY=[@ANYBLOB="2b6853affe126c6220"], 0x9) rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8) r7 = gettid() prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x18, 0x7ffc1fff}]}) rt_tgsigqueueinfo(0x0, r7, 0x7, &(0x7f00000019c0)={0x0, 0x3, 0x4}) r8 = socket(0x10, 0x3, 0x0) write(r8, &(0x7f0000000080)="1400000052004f030e789e7ee2ce2fa4ff612d27", 0x14) recvmmsg(r8, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0) syz_usbip_server_init(0x6) openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181) sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd2d, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0x0, 0x300}, 0x93}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x0, 0x3000000, 0x40000000}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8000, 0x5, 0x0, 0xfffffffc, 0x5}, {}, {0x0, 0x0, 0x800000, 0x0, 0x6}, {0x0, 0xc3}, {0x0, 0x5}, {0x80000001}, {}, {0x0, 0x10}, {0x0, 0x470a, 0x0, 0x8000000}, {}, {0x2, 0x0, 0x0, 0x0, 0x6, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x1, 0x0, 0xffb}, {0x0, 0x0, 0x0, 0x8000000, 0x80000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x20}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {0x20000}, {}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x3}, {0x0, 0x0, 0x0, 0xfffffffc, 0x5}, {0x3, 0x0, 0x0, 0x0, 0x0, 0x60569add}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff, 0x9}, {0x0, 0x0, 0x0, 0x0, 0xfffff800}, {}, {}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0xfffffffd, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {0x0, 0x9, 0x0, 0xffffffff, 0x0, 0x2}, {}, {0x80}, {0x80}, {0x0, 0x0, 0x0, 0x5, 0x5}, {}, {0x0, 0x0, 0x8}, {0x0, 0x2, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x8, 0x0, 0x3}, {}, {0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x8510}, {0xffff}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0xfffefffd}, {0x0, 0x0, 0x0, 0x1}, {}, {0x5, 0x0, 0x0, 0x0, 0x0, 0xd2f8}, {0x0, 0x4, 0x0, 0x0, 0x0, 0x8000000}, {0x0, 0x7}, {0x0, 0x2}, {0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x9}, {0x0, 0xfffffffc, 0x200}, {0x0, 0x0, 0x0, 0x200}, {}, {0x4}, {}, {0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x3, 0xfffffffe}, {0x0, 0x0, 0x0, 0x4, 0x9}, {}, {0x0, 0x0, 0x0, 0x0, 0x1, 0x7}, {0x0, 0xb}, {0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x56}, {0x0, 0x0, 0x0, 0xec33, 0x0, 0x4}, {}, {0xb, 0x0, 0x0, 0x0, 0x0, 0xfe1}, {0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0xfffffffc}, {}, {0x0, 0xfffffffd}, {0x6}, {0x7f}, {}, {0x0, 0x8, 0x0, 0x0, 0xfffffffe}, {0x4, 0x2, 0x2000000, 0x2, 0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0xe9d, 0x58a}, {0x2}, {0x2, 0x9, 0x20000000}, {0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0xe600, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x7, 0x1}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x3}, {0x10000, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {0xfffffffb, 0x0, 0x0, 0x0, 0x8000}, {0x6, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {0x2d, 0x0, 0x10000}, {0x0, 0x0, 0x8000}, {0x0, 0x8000}, {0x0, 0x0, 0x10000}, {0x0, 0x80000000, 0x0, 0x7fff800, 0x4, 0x2}, {0x0, 0x3}, {0xffffffff, 0x0, 0x0, 0x0, 0xd}], [{}, {}, {}, {0x1}, {}, {0x3}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x4}, {0x3, 0x1}, {0x0, 0x1}, {}, {0x5, 0x1}, {}, {0x4}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {0x4}, {}, {}, {0x5}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x1}, {}, {}, {}, {0x4}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x2, 0x1}, {}, {}, {}, {}, {0x5, 0x1}, {}, {}, {}, {0x2}, {}, {}, {0x4}, {0x3}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 16.976439594s ago: executing program 0 (id=120): socket(0x10, 0x3, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000040000000000000000040000000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000018c0000000c0a01030000000000000000070000080900020073797a31000000000900010073797a3000000000600003805c000080080003400000000250000b802c0001800a0001006c696d69740000001c0002800c00014000000000000000030c0002400000000000000010200001800e000100636f6e6e6c696d69740000000c000280080001"], 0x110}}, 0x0) ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r0, 0x8983, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) fsopen(0x0, 0x0) socket$inet_sctp(0x2, 0x5, 0x84) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, 0x0, 0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r2}, 0x18) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000080)={[{@i_version}, {@nogrpid}, {@bh}]}, 0x1, 0x51d, &(0x7f0000000200)="$eJzs3c9vHFcdAPDvTLK2k7h1WnoABG1oCwFFWceb1qp6gHJCCFVC9AhSauyNZXnXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di79uaHvZb385FG89688X7fizPvzbxd7wtgbN2IiJ2ImIiI9yNipjyelFu8093y8z7bfbC4t/tgMYkse++fSVGeH4uen8ldK19zKiJ+8J2IHydH47a3tlcXGo36Rpmf7TTXZ9tb27dXmgvL9eX6Wq02Pzd/5627b9YeozVTx5a+0pwoU1/+9A873/hpXq3p8khvO56lbtMrB3FylyPie6cRbAQule2ZGHVFeCJpRLwYEa8W1/9MXCp+mwDARZZlM5HN9OYBgIsuLebAkrRazgVMR5pWq905vJfiatpotTu37rc215a6c2XXo5LeX2nU75RzhdejkuT5uSL9MF87lL8bES9ExC8mrxT56mKrsTTKGx8AGGPXDo3//5nsjv8AwAV3/MdmAICLyPgPAOPH+A8A48f4DwDjpzv+X3ncH8uy7GenUR0A4Ax4/geA8WP8B4Cx8v133823bK/8/uulD7Y2V1sf3F6qt1erzc3F6mJrY7263GotF9/Z0zzp9Rqt1vrcG7H54fVvrrc7s+2t7XvN1uZa517xvd736pXirJ0zaBkAMMgLr3zy5yQfkd++UmzRs5ZDZaQ1A05bOuoKACNzadQVAEbGal8wvh4+4z/2hwBMD8AF0WeJ3kdM9fsDoSzLstOrEnDKbn7B/D+Mq575f58ChjFz0vx/sTawNwnhQjL/D+Mry5Jh1/yPYU8EAM63Y+b4r5/lfQgwOgPe/3+x3P+2fHPgR0uHz/j4NGsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA59v++r/Vcpnf6UjTajXiuWIBoEpyf6VRvxMRz0fEnyYrk3l+bsR1BgCeVvq3pFz/6+bM69OPFL187SA5ERE/+dV7v/xwodPZ+GPERPKvyf3jnY/L47UTg02dRgsAgOPtj9PFvudB/rPdB4v721nW5+/f7t4V5HH3didi7yD+5bhc7KeiEhFX/52U+a6kZ+7iaex8FBGf79f+JKaLOZDuLcvh+Hns5840fvpI/LRcoDkt/y0+9wzqAuPmk7z/eaff9ZfGjWLf//qfKnqop1f2f/lLLe4VfeDD+Pv936UB/d+NYWO88fvvdlNXjpZ9FPHFyxH7sfd6+p/9+MmA+K8PGf8vX3r51UFl2a8jbkb/+L2xZjvN9dn21vbtlebCcn25vlarzc/N33nr7pu12WKOenbwaPCPt289P6gsb//VAfGnTmj/V4ds/2/+9/4Pv3JM/K+/1i9+Gi8dEz8fE782ZPyFq78b+Nydx1862v5kmN//rSHjf/rX7SPLhgMAo9Pe2l5daDTqGxIS5z+R/5c9B9Xom/jWWcWaiP5FP3+te00fKsqyJ4o1qMd4FrNuwHlwcNFHxH9HXRkAAAAAAAAAAAAAAKCvs/iLpVG3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIvr/wEAAP//Rb3T2A==") r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)=ANY=[@ANYBLOB="5c000000090601080000000000000000070000000900020073797a310000000005000100ecffffff330007801800018014000240fe8000000000000080000000000000bb060004400e1f00000500070088000000060005404e"], 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90) 16.867450599s ago: executing program 0 (id=121): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = syz_io_uring_setup(0x172, &(0x7f0000000780)={0x0, 0x4f5c, 0x10100, 0xfffffffe, 0x2a0}, &(0x7f00000001c0)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27}) io_uring_enter(r1, 0x567, 0x0, 0x0, 0x0, 0x0) 16.807290672s ago: executing program 0 (id=122): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) socket$inet_udp(0x2, 0x2, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x2) readv(r1, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1) fcntl$setsig(0xffffffffffffffff, 0xa, 0x13) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) timer_create(0x0, &(0x7f00000005c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0x0) 16.680019027s ago: executing program 3 (id=123): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4"], &(0x7f0000000100)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x20842, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x10, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x0], 0x0, 0x0, 0x1, 0x1, r0}}, 0x40) r4 = socket(0x10, 0x3, 0x0) dup3(r4, r3, 0x0) 16.638724578s ago: executing program 3 (id=124): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x5, 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff27}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}) socket$nl_route(0x10, 0x3, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), r3) r4 = gettid() socket$kcm(0x10, 0x3, 0x10) syz_open_procfs$namespace(r4, &(0x7f0000000000)='ns/uts\x00') r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_FIOSETOWN(r5, 0x8901, &(0x7f00000023c0)=r4) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)={0x14, 0x10, 0x701, 0x0, 0x0, {0xa}, [@generic]}, 0x14}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f00000000c0)) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_FLUSH(r6, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000020}, 0x800) connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) r7 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r7, &(0x7f0000000a40)={0xa, 0x4e02, 0x7ffe, @remote, 0x9}, 0x1c) sendmsg(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)=',', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x44004) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r5) 16.547572142s ago: executing program 3 (id=125): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001c00)=ANY=[@ANYBLOB="0b00000005000000070000000900000001"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r3}, 0x10) r4 = dup(r2) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}}) 16.494518145s ago: executing program 3 (id=126): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x900, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) close(r4) r5 = socket$unix(0x1, 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000200)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x2000c040}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56f41, 0x1070b923, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0x0, 0xd}, {0xffe0, 0xb}, {0xd, 0xd}}, [@qdisc_kind_options=@q_pfifo={{0xa}, {0x8}}]}, 0x38}}, 0x4008800) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 16.347682801s ago: executing program 3 (id=127): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r3], 0x1c}}, 0x0) write$nci(r0, 0x0, 0x16) write$nci(r0, &(0x7f0000000240)=@NCI_OP_CORE_SET_CONFIG_RSP={0x0, 0x0, 0x2, 0x2, 0x4, {0x1, 0x2, "cd42"}}, 0x7) 15.940133998s ago: executing program 0 (id=128): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = syz_io_uring_setup(0x172, &(0x7f0000000780)={0x0, 0x4f5c, 0x10100, 0xfffffffe, 0x2a0}, &(0x7f00000001c0)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27}) io_uring_enter(r1, 0x567, 0x0, 0x0, 0x0, 0x0) 15.90514556s ago: executing program 0 (id=129): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) setreuid(0x0, 0x0) 15.828247733s ago: executing program 0 (id=130): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000e00)={0x0, 0x18, 0xfa00, {0x1, &(0x7f000000bb00)={0xffffffffffffffff}, 0x106, 0x1}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r1, 0x0, 0x0, 0x30, 0x0, @in6={0x1b, 0xfefe, 0x807, @empty, 0x3aa7}, @ib={0x1b, 0xffff, 0xfffffffd, {}, 0x0, 0xfffffffffffffffc, 0x6}}}, 0x118) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r0, &(0x7f0000000080)={0x10, 0x30, 0xfa00, {0x0, 0x4, {0xa, 0x4e24, 0x0, @remote, 0x100}, r1}}, 0x38) 1.000265187s ago: executing program 34 (id=127): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r3], 0x1c}}, 0x0) write$nci(r0, 0x0, 0x16) write$nci(r0, &(0x7f0000000240)=@NCI_OP_CORE_SET_CONFIG_RSP={0x0, 0x0, 0x2, 0x2, 0x4, {0x1, 0x2, "cd42"}}, 0x7) 0s ago: executing program 35 (id=130): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000e00)={0x0, 0x18, 0xfa00, {0x1, &(0x7f000000bb00)={0xffffffffffffffff}, 0x106, 0x1}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r1, 0x0, 0x0, 0x30, 0x0, @in6={0x1b, 0xfefe, 0x807, @empty, 0x3aa7}, @ib={0x1b, 0xffff, 0xfffffffd, {}, 0x0, 0xfffffffffffffffc, 0x6}}}, 0x118) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r0, &(0x7f0000000080)={0x10, 0x30, 0xfa00, {0x0, 0x4, {0xa, 0x4e24, 0x0, @remote, 0x100}, r1}}, 0x38) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.54' (ED25519) to the list of known hosts. [ 63.979797][ T5775] cgroup: Unknown subsys name 'net' [ 64.140764][ T5775] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 65.556384][ T5775] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 67.628417][ T5788] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 67.636996][ T5788] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 67.649141][ T5788] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 67.659207][ T5790] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 67.667217][ T5790] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 67.680292][ T5790] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 67.690333][ T5790] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 67.725878][ T5797] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 67.740030][ T5792] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 67.743774][ T5795] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 67.747760][ T5792] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 67.757256][ T5795] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 67.762139][ T5797] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 67.770275][ T5795] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 67.777222][ T5797] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 67.789975][ T5792] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 67.797526][ T5795] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 67.797651][ T5792] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 67.812792][ T5792] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 67.822026][ T5792] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 67.829795][ T5792] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 67.829831][ T5795] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 67.852254][ T5788] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 67.859814][ T5788] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 68.293600][ T5785] chnl_net:caif_netlink_parms(): no params data found [ 68.309296][ T5796] chnl_net:caif_netlink_parms(): no params data found [ 68.398821][ T5789] chnl_net:caif_netlink_parms(): no params data found [ 68.488832][ T5793] chnl_net:caif_netlink_parms(): no params data found [ 68.563321][ T5796] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.571479][ T5796] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.579878][ T5796] bridge_slave_0: entered allmulticast mode [ 68.586899][ T5796] bridge_slave_0: entered promiscuous mode [ 68.596419][ T5796] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.603553][ T5796] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.610849][ T5796] bridge_slave_1: entered allmulticast mode [ 68.618015][ T5796] bridge_slave_1: entered promiscuous mode [ 68.661510][ T5785] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.668975][ T5785] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.676331][ T5785] bridge_slave_0: entered allmulticast mode [ 68.683049][ T5785] bridge_slave_0: entered promiscuous mode [ 68.699775][ T5789] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.707674][ T5789] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.714955][ T5789] bridge_slave_0: entered allmulticast mode [ 68.721706][ T5789] bridge_slave_0: entered promiscuous mode [ 68.732556][ T5785] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.739776][ T5785] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.747069][ T5785] bridge_slave_1: entered allmulticast mode [ 68.753763][ T5785] bridge_slave_1: entered promiscuous mode [ 68.773120][ T5789] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.780659][ T5789] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.788797][ T5789] bridge_slave_1: entered allmulticast mode [ 68.795618][ T5789] bridge_slave_1: entered promiscuous mode [ 68.824731][ T5796] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.836370][ T5796] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.905237][ T5789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.917440][ T5789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.937020][ T5793] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.944310][ T5793] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.951529][ T5793] bridge_slave_0: entered allmulticast mode [ 68.964620][ T5793] bridge_slave_0: entered promiscuous mode [ 68.973479][ T5785] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.015803][ T5793] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.023030][ T5793] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.030808][ T5793] bridge_slave_1: entered allmulticast mode [ 69.037821][ T5793] bridge_slave_1: entered promiscuous mode [ 69.057972][ T5785] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.081996][ T5796] team0: Port device team_slave_0 added [ 69.090976][ T5789] team0: Port device team_slave_0 added [ 69.122964][ T5796] team0: Port device team_slave_1 added [ 69.141255][ T5789] team0: Port device team_slave_1 added [ 69.160225][ T5793] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.173343][ T5793] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.185793][ T5785] team0: Port device team_slave_0 added [ 69.230444][ T5785] team0: Port device team_slave_1 added [ 69.246917][ T5796] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.253892][ T5796] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.281021][ T5796] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.293662][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.301137][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.327153][ T5789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.340009][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.347113][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.373390][ T5789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.399064][ T5793] team0: Port device team_slave_0 added [ 69.418679][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.425809][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.451747][ T5785] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.463352][ T5796] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.470470][ T5796] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.496739][ T5796] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.525083][ T5793] team0: Port device team_slave_1 added [ 69.532082][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.539773][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.565811][ T5785] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.653872][ T5793] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.661126][ T5793] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.687326][ T5793] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.701994][ T5789] hsr_slave_0: entered promiscuous mode [ 69.708363][ T5789] hsr_slave_1: entered promiscuous mode [ 69.720274][ T5785] hsr_slave_0: entered promiscuous mode [ 69.727710][ T5785] hsr_slave_1: entered promiscuous mode [ 69.733694][ T5785] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 69.742320][ T5785] Cannot create hsr debugfs directory [ 69.760106][ T5793] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.767410][ T5793] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.793407][ T5793] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.834802][ T51] Bluetooth: hci0: command tx timeout [ 69.837648][ T5796] hsr_slave_0: entered promiscuous mode [ 69.847026][ T5796] hsr_slave_1: entered promiscuous mode [ 69.853036][ T5796] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 69.861224][ T5796] Cannot create hsr debugfs directory [ 69.914126][ T5788] Bluetooth: hci3: command tx timeout [ 69.914214][ T5790] Bluetooth: hci1: command tx timeout [ 69.919857][ T51] Bluetooth: hci2: command tx timeout [ 69.999947][ T5793] hsr_slave_0: entered promiscuous mode [ 70.006793][ T5793] hsr_slave_1: entered promiscuous mode [ 70.013046][ T5793] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.021495][ T5793] Cannot create hsr debugfs directory [ 70.314998][ T5785] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 70.327602][ T5785] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 70.341151][ T5785] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 70.351288][ T5785] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 70.410104][ T5796] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 70.429419][ T5796] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 70.446174][ T5796] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 70.458052][ T5796] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 70.540928][ T5789] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 70.579310][ T5789] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 70.589391][ T5789] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 70.600880][ T5789] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 70.658703][ T5793] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 70.671312][ T5793] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 70.692176][ T5785] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.700856][ T5793] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 70.710471][ T5793] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 70.808317][ T5785] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.823669][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.831135][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.862913][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.870155][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.923576][ T5796] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.963065][ T5796] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.009437][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.016627][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.030081][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.037222][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.056731][ T5789] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.091116][ T5785] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 71.127042][ T5793] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.158187][ T5789] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.208968][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.216260][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.239106][ T5793] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.297697][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.304976][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.349081][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.356311][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.390515][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.397747][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.473208][ T5785] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.523151][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.530545][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.621755][ T5796] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.701079][ T5785] veth0_vlan: entered promiscuous mode [ 71.744938][ T5785] veth1_vlan: entered promiscuous mode [ 71.786898][ T5796] veth0_vlan: entered promiscuous mode [ 71.851156][ T5796] veth1_vlan: entered promiscuous mode [ 71.878899][ T5785] veth0_macvtap: entered promiscuous mode [ 71.896783][ T5785] veth1_macvtap: entered promiscuous mode [ 71.915481][ T51] Bluetooth: hci0: command tx timeout [ 71.959380][ T5789] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.987422][ T5793] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.994506][ T51] Bluetooth: hci1: command tx timeout [ 72.004742][ T51] Bluetooth: hci2: command tx timeout [ 72.004753][ T5790] Bluetooth: hci3: command tx timeout [ 72.010680][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.039817][ T5796] veth0_macvtap: entered promiscuous mode [ 72.060444][ T5796] veth1_macvtap: entered promiscuous mode [ 72.072941][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.086615][ T5785] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.096050][ T5785] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.105172][ T5785] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.113872][ T5785] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.159723][ T5796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.171578][ T5796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.182928][ T5796] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.203174][ T5789] veth0_vlan: entered promiscuous mode [ 72.219211][ T5796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.230255][ T5796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.242056][ T5796] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.277751][ T5796] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.288830][ T5796] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.297840][ T5796] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.307537][ T5796] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.330867][ T5789] veth1_vlan: entered promiscuous mode [ 72.376422][ T5793] veth0_vlan: entered promiscuous mode [ 72.412616][ T5793] veth1_vlan: entered promiscuous mode [ 72.458653][ T5789] veth0_macvtap: entered promiscuous mode [ 72.466342][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.471361][ T5789] veth1_macvtap: entered promiscuous mode [ 72.476554][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.525488][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.539059][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.549621][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.560826][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.572309][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.592463][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.606715][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.613011][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.625427][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.640446][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.651084][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.662742][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.695473][ T5789] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.704611][ T5789] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.713321][ T5789] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.722860][ T5789] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.736765][ T5793] veth0_macvtap: entered promiscuous mode [ 72.749382][ T5793] veth1_macvtap: entered promiscuous mode [ 72.758980][ T137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.771408][ T137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.872746][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.892159][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.920227][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.932672][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.934162][ T5793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.958070][ T5793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.971144][ T5793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.987910][ T5793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.001182][ T5793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.018660][ T5793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.031294][ T5793] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.060209][ T5793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.075577][ T5793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.085605][ T5793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.096113][ T5793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.108289][ T5793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.119336][ T5793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.131746][ T5793] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.175748][ T5793] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.204083][ T5793] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.212833][ T5793] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.234101][ T5793] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.254965][ T137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.262826][ T137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.322778][ T27] audit: type=1326 audit(1763745638.958:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5881 comm="syz.1.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69b8b8f749 code=0x7ffc0000 [ 73.421756][ T27] audit: type=1326 audit(1763745638.968:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5881 comm="syz.1.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69b8b8f749 code=0x7ffc0000 [ 73.475292][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.483164][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.506247][ T27] audit: type=1326 audit(1763745638.998:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5881 comm="syz.1.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f69b8b8f749 code=0x7ffc0000 [ 73.563625][ T5885] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6'. [ 73.580853][ T27] audit: type=1326 audit(1763745638.998:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5881 comm="syz.1.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69b8b8f749 code=0x7ffc0000 [ 73.618417][ T137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.653807][ T137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.702029][ T27] audit: type=1326 audit(1763745638.998:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5881 comm="syz.1.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69b8b8f749 code=0x7ffc0000 [ 73.997844][ T5790] Bluetooth: hci0: command tx timeout [ 74.134641][ T5790] Bluetooth: hci3: command tx timeout [ 74.140498][ T5790] Bluetooth: hci2: command tx timeout [ 74.146537][ T5790] Bluetooth: hci1: command tx timeout [ 75.708011][ T27] audit: type=1326 audit(1763745641.358:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5916 comm="syz.0.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 75.791601][ T27] audit: type=1326 audit(1763745641.358:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5916 comm="syz.0.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 75.826980][ T27] audit: type=1326 audit(1763745641.388:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5916 comm="syz.0.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 75.893991][ T27] audit: type=1326 audit(1763745641.388:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5916 comm="syz.0.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 75.945083][ T27] audit: type=1326 audit(1763745641.398:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5916 comm="syz.0.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 76.032878][ T5923] netlink: 28 bytes leftover after parsing attributes in process `syz.0.12'. [ 76.650312][ T5944] syz.0.14[5944]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 76.705155][ T5944] loop0: detected capacity change from 0 to 512 [ 76.720744][ T5944] EXT4-fs: Ignoring removed nobh option [ 76.772829][ T5944] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 76.873758][ T5944] EXT4-fs error (device loop0): ext4_do_update_inode:5244: inode #3: comm syz.0.14: corrupted inode contents [ 76.949838][ T5944] EXT4-fs (loop0): Remounting filesystem read-only [ 76.995459][ T5944] EXT4-fs (loop0): 1 truncate cleaned up [ 77.012747][ T5944] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.062355][ T5944] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 77.419227][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.274611][ T5968] futex_wake_op: syz.0.17 tries to shift op by -1; fix this program [ 78.297071][ T5968] loop9: detected capacity change from 0 to 7 [ 78.317804][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 78.327279][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 78.339752][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 78.348971][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 78.360803][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 78.370024][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 78.378081][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 78.387310][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 78.395902][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 78.405192][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 78.417319][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 78.426546][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 78.434665][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 78.443948][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 78.451833][ T5786] ldm_validate_partition_table(): Disk read failed. [ 78.466625][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 78.475853][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 78.485768][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 78.495439][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 78.503604][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 78.512849][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 78.520986][ T5786] Dev loop9: unable to read RDB block 0 [ 78.537345][ T5786] loop9: unable to read partition table [ 78.543464][ T5786] loop9: partition table beyond EOD, truncated [ 78.575741][ T5968] ldm_validate_partition_table(): Disk read failed. [ 78.592716][ T5968] Dev loop9: unable to read RDB block 0 [ 78.603288][ T5968] loop9: unable to read partition table [ 78.612720][ T5968] loop9: partition table beyond EOD, truncated [ 78.620548][ T5968] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 78.620548][ T5968] ) failed (rc=-5) [ 78.778975][ T5981] netlink: 24 bytes leftover after parsing attributes in process `syz.0.18'. [ 79.226179][ T5999] netlink: 8 bytes leftover after parsing attributes in process `syz.3.21'. [ 80.054182][ T9] cfg80211: failed to load regulatory.db [ 81.095230][ T6040] tipc: Started in network mode [ 81.100392][ T6040] tipc: Node identity fe800000000000000000000000000016, cluster identity 4711 [ 81.144718][ T6040] tipc: Enabled bearer , priority 10 [ 81.156438][ T27] kauditd_printk_skb: 40 callbacks suppressed [ 81.156451][ T27] audit: type=1326 audit(1763745646.808:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.0.28" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 81.211079][ T27] audit: type=1326 audit(1763745646.808:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.0.28" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 81.240026][ T27] audit: type=1326 audit(1763745646.808:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.0.28" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 81.269894][ T27] audit: type=1326 audit(1763745646.808:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.0.28" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 81.312486][ T27] audit: type=1326 audit(1763745646.838:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.0.28" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 81.355991][ T27] audit: type=1326 audit(1763745646.838:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.0.28" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 81.398098][ T27] audit: type=1326 audit(1763745646.838:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.0.28" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 81.444080][ T27] audit: type=1326 audit(1763745646.838:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.0.28" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 81.476914][ T27] audit: type=1326 audit(1763745646.838:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.0.28" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 81.501375][ T27] audit: type=1326 audit(1763745646.848:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.0.28" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 82.261095][ T788] tipc: Node number set to 4269801494 [ 83.151307][ T6060] netlink: 4 bytes leftover after parsing attributes in process `syz.3.34'. [ 83.242574][ T6060] netlink: 4 bytes leftover after parsing attributes in process `syz.3.34'. [ 83.363335][ T6060] netlink: 4 bytes leftover after parsing attributes in process `syz.3.34'. [ 83.607681][ T6067] netlink: 32 bytes leftover after parsing attributes in process `syz.3.36'. [ 83.843175][ T6071] loop3: detected capacity change from 0 to 512 [ 83.850632][ T6071] ======================================================= [ 83.850632][ T6071] WARNING: The mand mount option has been deprecated and [ 83.850632][ T6071] and is ignored by this kernel. Remove the mand [ 83.850632][ T6071] option from the mount to silence this warning. [ 83.850632][ T6071] ======================================================= [ 83.955848][ T6071] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.972927][ T6071] ext4 filesystem being mounted at /19/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 84.023854][ T6071] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #2: comm syz.3.38: corrupted inode contents [ 84.073017][ T6071] EXT4-fs error (device loop3): ext4_dirty_inode:6120: inode #2: comm syz.3.38: mark_inode_dirty error [ 84.100812][ T6075] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 84.122855][ T6071] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #2: comm syz.3.38: corrupted inode contents [ 84.158378][ T6071] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.38: mark_inode_dirty error [ 84.217842][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.936423][ T6095] netlink: 8 bytes leftover after parsing attributes in process `syz.3.47'. [ 85.476848][ T6099] block device autoloading is deprecated and will be removed. [ 85.491588][ T6099] syz.3.48: attempt to access beyond end of device [ 85.491588][ T6099] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 86.083422][ T6107] netlink: 12 bytes leftover after parsing attributes in process `syz.0.52'. [ 86.379956][ T6112] loop3: detected capacity change from 0 to 128 [ 86.439561][ T6112] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 86.452461][ T6112] ext4 filesystem being mounted at /26/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 86.947093][ T6117] loop0: detected capacity change from 0 to 164 [ 87.016398][ T6117] Unable to read rock-ridge attributes [ 87.430419][ T5789] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 87.535180][ T6122] netlink: 8 bytes leftover after parsing attributes in process `syz.3.56'. [ 87.607282][ T6124] loop0: detected capacity change from 0 to 128 [ 87.638282][ T6124] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 87.660785][ T6124] ext4 filesystem being mounted at /20/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 87.744354][ T5793] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 87.979307][ T6136] binfmt_misc: register: failed to install interpreter file ./file0 [ 88.200997][ T6142] loop0: detected capacity change from 0 to 512 [ 88.230921][ T6142] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.266133][ T6142] ext4 filesystem being mounted at /27/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 88.284135][ T6142] EXT4-fs error (device loop0): ext4_do_update_inode:5244: inode #2: comm syz.0.65: corrupted inode contents [ 88.299376][ T6142] EXT4-fs error (device loop0): ext4_dirty_inode:6120: inode #2: comm syz.0.65: mark_inode_dirty error [ 88.312958][ T6142] EXT4-fs error (device loop0): ext4_do_update_inode:5244: inode #2: comm syz.0.65: corrupted inode contents [ 88.325412][ T6142] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz.0.65: mark_inode_dirty error [ 88.368522][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.660162][ T6156] loop3: detected capacity change from 0 to 512 [ 88.668249][ T6156] EXT4-fs: Ignoring removed nobh option [ 88.738049][ T6156] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #3: comm syz.3.70: corrupted inode contents [ 88.761185][ T6156] EXT4-fs (loop3): Remounting filesystem read-only [ 88.773654][ T6156] __quota_error: 83 callbacks suppressed [ 88.773672][ T6156] Quota error (device loop3): write_blk: dquota write failed [ 88.793093][ T6156] Quota error (device loop3): qtree_write_dquot: Error -5 occurred while creating quota [ 88.822261][ T6156] EXT4-fs (loop3): 1 truncate cleaned up [ 88.832802][ T6156] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.859935][ T6156] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 88.929854][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.702319][ T6167] loop3: detected capacity change from 0 to 512 [ 89.766550][ T6167] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.809609][ T6167] ext4 filesystem being mounted at /32/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 89.830435][ T6167] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #2: comm syz.3.74: corrupted inode contents [ 89.847225][ T6167] EXT4-fs error (device loop3): ext4_dirty_inode:6120: inode #2: comm syz.3.74: mark_inode_dirty error [ 89.870016][ T6167] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #2: comm syz.3.74: corrupted inode contents [ 89.887817][ T6167] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.74: mark_inode_dirty error [ 89.940901][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.228771][ T6181] loop3: detected capacity change from 0 to 1024 [ 91.285649][ T6181] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 91.298123][ T6181] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.421796][ T1146] EXT4-fs error (device loop3): ext4_map_blocks:718: inode #15: comm kworker/u4:7: lblock 0 mapped to illegal pblock 0 (length 6) [ 91.458555][ T1146] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117 [ 91.476088][ T1146] EXT4-fs (loop3): This should not happen!! Data will be lost [ 91.476088][ T1146] [ 91.491256][ T42] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm kworker/u4:2: bg 0: block 112: padding at end of block bitmap is not set [ 91.513539][ T42] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 1 with error 117 [ 91.530736][ T42] EXT4-fs (loop3): This should not happen!! Data will be lost [ 91.530736][ T42] [ 91.543229][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 91.696676][ T6186] loop3: detected capacity change from 0 to 512 [ 91.724864][ T6186] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 91.801369][ T5157] udevd[5157]: worker [5786] terminated by signal 33 (Unknown signal 33) [ 91.814440][ T6186] Quota error (device loop3): v2_read_file_info: Free block number 58381 out of range (1, 6). [ 91.833148][ T6186] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 91.970071][ T5789] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 92.251899][ T6193] loop3: detected capacity change from 0 to 2048 [ 92.322728][ T6193] Alternate GPT is invalid, using primary GPT. [ 92.329928][ T6193] loop3: p2 p3 p7 [ 92.662546][ T6154] Set syz1 is full, maxelem 65536 reached [ 92.742297][ T6195] netlink: 148 bytes leftover after parsing attributes in process `syz.0.82'. [ 93.808974][ T6200] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 93.934673][ T6200] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.100255][ T6200] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.380321][ T6200] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.520764][ T6200] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.541888][ T6200] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.563706][ T6200] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.586481][ T6200] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.775843][ T6205] loop0: detected capacity change from 0 to 512 [ 94.783014][ T6205] EXT4-fs: Ignoring removed nobh option [ 94.803886][ T6205] EXT4-fs error (device loop0): ext4_do_update_inode:5244: inode #3: comm syz.0.86: corrupted inode contents [ 94.830796][ T6205] EXT4-fs (loop0): Remounting filesystem read-only [ 94.836888][ T6191] Set syz1 is full, maxelem 65536 reached [ 94.842671][ T6205] Quota error (device loop0): write_blk: dquota write failed [ 94.851074][ T6205] Quota error (device loop0): qtree_write_dquot: Error -5 occurred while creating quota [ 94.865535][ T6205] EXT4-fs (loop0): 1 truncate cleaned up [ 94.873151][ T6205] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.889163][ T6205] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 94.917522][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.982666][ T27] audit: type=1326 audit(1763745660.628:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6208 comm="syz.0.88" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 95.009905][ T27] audit: type=1326 audit(1763745660.658:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6208 comm="syz.0.88" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 95.037440][ T27] audit: type=1326 audit(1763745660.658:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6208 comm="syz.0.88" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 95.060255][ T6210] netlink: 'syz.3.87': attribute type 21 has an invalid length. [ 95.060794][ T27] audit: type=1326 audit(1763745660.658:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6208 comm="syz.0.88" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 95.069381][ T6210] netlink: 'syz.3.87': attribute type 1 has an invalid length. [ 95.090869][ T27] audit: type=1326 audit(1763745660.658:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6208 comm="syz.0.88" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 95.103798][ T6210] netlink: 144 bytes leftover after parsing attributes in process `syz.3.87'. [ 95.120690][ T27] audit: type=1326 audit(1763745660.678:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6208 comm="syz.0.88" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 95.152059][ T27] audit: type=1326 audit(1763745660.688:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6208 comm="syz.0.88" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 95.192584][ T27] audit: type=1326 audit(1763745660.688:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6208 comm="syz.0.88" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb2d8f749 code=0x7ffc0000 [ 95.411415][ T6223] loop3: detected capacity change from 0 to 512 [ 95.418509][ T6223] EXT4-fs: inline encryption not supported [ 95.426353][ T6223] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 95.439371][ T6223] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2872: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 95.452923][ T6223] EXT4-fs (loop3): 1 truncate cleaned up [ 95.459293][ T6223] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 95.484725][ T6223] netlink: 4 bytes leftover after parsing attributes in process `syz.3.93'. [ 95.559946][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.608351][ T6226] ip6t_srh: unknown srh match flags 4000 [ 95.702230][ T6230] rdma_op ffff8880688469f0 conn xmit_rdma 0000000000000000 [ 95.789166][ T6234] loop3: detected capacity change from 0 to 1024 [ 95.809317][ T6234] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 95.821652][ T6234] ext4 filesystem being mounted at /48/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.843739][ T6234] EXT4-fs error (device loop3): ext4_map_blocks:718: inode #15: comm syz.3.98: lblock 0 mapped to illegal pblock 0 (length 1) [ 95.859754][ T6234] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 95.872422][ T6234] EXT4-fs (loop3): This should not happen!! Data will be lost [ 95.872422][ T6234] [ 95.901282][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 96.187256][ T6251] loop0: detected capacity change from 0 to 1024 [ 96.210205][ T6251] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 96.224448][ T6251] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 96.252351][ T6251] EXT4-fs error (device loop0): ext4_map_blocks:718: inode #15: comm syz.0.105: lblock 0 mapped to illegal pblock 0 (length 1) [ 96.271361][ T6251] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 96.288962][ T6251] EXT4-fs (loop0): This should not happen!! Data will be lost [ 96.288962][ T6251] [ 96.351157][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 96.466648][ T6263] serio: Serial port ptm0 [ 97.317994][ T6270] loop0: detected capacity change from 0 to 512 [ 97.326470][ T6270] EXT4-fs: Ignoring removed i_version option [ 97.332523][ T6270] EXT4-fs: Ignoring removed bh option [ 97.353433][ T6270] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 97.366754][ T6270] ext4 filesystem being mounted at /41/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 97.395576][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.761031][ T6279] loop0: detected capacity change from 0 to 128 [ 97.780765][ T6279] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 97.807427][ T6279] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 97.845081][ T6279] netlink: 12 bytes leftover after parsing attributes in process `syz.0.115'. [ 97.933942][ T6285] loop3: detected capacity change from 0 to 1024 [ 97.941448][ T6285] EXT4-fs: Ignoring removed orlov option [ 97.956834][ T6285] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.023166][ T6285] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 98.027605][ T6289] loop0: detected capacity change from 0 to 1024 [ 98.040876][ T6289] EXT4-fs: Ignoring removed bh option [ 98.046503][ T6289] EXT4-fs: inline encryption not supported [ 98.053413][ T6289] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 98.066287][ T6289] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000] [ 98.080333][ T6289] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #3: block 2: comm syz.0.118: lblock 2 mapped to illegal pblock 2 (length 1) [ 98.095908][ T6289] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #3: block 48: comm syz.0.118: lblock 0 mapped to illegal pblock 48 (length 1) [ 98.112129][ T6289] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.118: Failed to acquire dquot type 0 [ 98.124362][ T6289] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5916: Corrupt filesystem [ 98.135712][ T6289] EXT4-fs error (device loop0): ext4_evict_inode:252: inode #11: comm syz.0.118: mark_inode_dirty error [ 98.148484][ T6289] EXT4-fs warning (device loop0): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 98.158964][ T6289] EXT4-fs (loop0): 1 orphan inode deleted [ 98.166141][ T6289] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.179112][ T1146] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:7: lblock 1 mapped to illegal pblock 1 (length 1) [ 98.184847][ T6289] mmap: syz.0.118 (6289) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 98.200473][ T1146] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u4:7: Failed to release dquot type 0 [ 98.233654][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.243075][ T5793] EXT4-fs error (device loop0): __ext4_get_inode_loc:4489: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 98.257670][ T5793] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5916: Corrupt filesystem [ 98.268394][ T5793] EXT4-fs error (device loop0): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error [ 98.366350][ T6294] loop0: detected capacity change from 0 to 512 [ 98.373261][ T6294] EXT4-fs: Ignoring removed i_version option [ 98.380343][ T6294] EXT4-fs: Ignoring removed bh option [ 98.400269][ T6294] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.413360][ T6294] ext4 filesystem being mounted at /46/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 98.441281][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.523433][ T6300] serio: Serial port ptm0 [ 98.585346][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.844675][ T6310] tipc: Enabled bearer , priority 0 [ 98.852199][ T6310] syzkaller0: entered promiscuous mode [ 98.858442][ T6310] syzkaller0: entered allmulticast mode [ 98.868460][ T6310] Zero length message leads to an empty skb [ 98.878584][ T6310] tipc: Resetting bearer [ 98.887690][ T6309] tipc: Resetting bearer [ 98.902674][ T6309] tipc: Disabling bearer [ 132.967474][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.973869][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.397813][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.421862][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 227.674209][ T29] INFO: task kworker/1:5:5855 blocked for more than 143 seconds. [ 227.681981][ T29] Not tainted syzkaller #0 [ 227.687289][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 227.696104][ T29] task:kworker/1:5 state:D stack:24976 pid:5855 ppid:2 flags:0x00004000 [ 227.705379][ T29] Workqueue: events rfkill_global_led_trigger_worker [ 227.712071][ T29] Call Trace: [ 227.715454][ T29] [ 227.718406][ T29] __schedule+0x14d2/0x44d0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 227.722929][ T29] ? mark_lock+0x94/0x320 [ 227.727321][ T29] ? asan.module_dtor+0x20/0x20 [ 227.732207][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 227.737539][ T29] schedule+0xbd/0x170 [ 227.741631][ T29] schedule_preempt_disabled+0x13/0x20 [ 227.747273][ T29] __mutex_lock+0x6b7/0xcc0 [ 227.751803][ T29] ? __mutex_lock+0x4e8/0xcc0 [ 227.783972][ T29] ? rfkill_global_led_trigger_worker+0x27/0xd0 [ 227.790272][ T29] ? mutex_lock_nested+0x20/0x20 [ 227.818192][ T29] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 227.824315][ T29] ? read_lock_is_recursive+0x20/0x20 [ 227.829709][ T29] ? process_scheduled_works+0x957/0x15b0 [ 227.835518][ T29] rfkill_global_led_trigger_worker+0x27/0xd0 [ 227.841597][ T29] ? process_scheduled_works+0x957/0x15b0 [ 227.847433][ T29] process_scheduled_works+0xa45/0x15b0 [ 227.853000][ T29] ? assign_work+0x400/0x400 [ 227.857668][ T29] ? assign_work+0x39e/0x400 [ 227.862249][ T29] worker_thread+0xa55/0xfc0 [ 227.866928][ T29] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 227.872822][ T29] ? _raw_spin_unlock+0x40/0x40 [ 227.877675][ T29] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 227.883562][ T29] kthread+0x2fa/0x390 [ 227.887652][ T29] ? pr_cont_work+0x560/0x560 [ 227.892317][ T29] ? kthread_blkcg+0xd0/0xd0 [ 227.896974][ T29] ret_from_fork+0x48/0x80 [ 227.901405][ T29] ? kthread_blkcg+0xd0/0xd0 [ 227.906061][ T29] ret_from_fork_asm+0x11/0x20 [ 227.910837][ T29] [ 227.914013][ T29] INFO: task syz.1.8:5890 blocked for more than 143 seconds. [ 227.921379][ T29] Not tainted syzkaller #0 [ 227.926488][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 227.936184][ T29] task:syz.1.8 state:D stack:27016 pid:5890 ppid:5785 flags:0x00004006 [ 227.945472][ T29] Call Trace: [ 227.948737][ T29] [ 227.951653][ T29] __schedule+0x14d2/0x44d0 [ 227.956298][ T29] ? asan.module_dtor+0x20/0x20 [ 227.961170][ T29] ? __mutex_lock+0x6b2/0xcc0 [ 227.965889][ T29] ? __mutex_trylock_common+0x84/0x250 [ 227.971357][ T29] ? trace_raw_output_contention_end+0xd0/0xd0 [ 227.977598][ T29] schedule+0xbd/0x170 [ 227.981683][ T29] schedule_preempt_disabled+0x13/0x20 [ 227.987144][ T29] __mutex_lock+0x6b7/0xcc0 [ 227.991635][ T29] ? __mutex_lock+0x4e8/0xcc0 [ 227.996479][ T29] ? rfkill_unregister+0xc8/0x220 [ 228.001508][ T29] ? mutex_lock_nested+0x20/0x20 [ 228.006472][ T29] ? kill_device+0x160/0x160 [ 228.011054][ T29] ? nfc_genl_device_removed+0x22e/0x320 [ 228.017817][ T29] ? destroy_workqueue+0x898/0xf20 [ 228.022945][ T29] ? nfc_genl_setup_device_added+0x320/0x320 [ 228.028966][ T29] ? destroy_workqueue+0xd80/0xf20 [ 228.034155][ T29] ? destroy_workqueue+0x898/0xf20 [ 228.039279][ T29] rfkill_unregister+0xc8/0x220 [ 228.044199][ T29] nfc_unregister_device+0x96/0x2a0 [ 228.049403][ T29] ? virtual_ncidev_open+0x1a0/0x1a0 [ 228.054719][ T29] virtual_ncidev_close+0x59/0x90 [ 228.059734][ T29] __fput+0x234/0x970 [ 228.063705][ T29] task_work_run+0x1ce/0x250 [ 228.068330][ T29] ? task_work_cancel+0x240/0x240 [ 228.073342][ T29] ? exit_to_user_mode_loop+0x3b/0x110 [ 228.078894][ T29] exit_to_user_mode_loop+0xe6/0x110 [ 228.084298][ T29] exit_to_user_mode_prepare+0xf6/0x180 [ 228.089863][ T29] syscall_exit_to_user_mode+0x1a/0x50 [ 228.095332][ T29] do_syscall_64+0x61/0xb0 [ 228.099739][ T29] ? clear_bhb_loop+0x40/0x90 [ 228.104439][ T29] ? clear_bhb_loop+0x40/0x90 [ 228.109102][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 228.115060][ T29] RIP: 0033:0x7f69b8b8f749 [ 228.119489][ T29] RSP: 002b:00007ffe65c2cd18 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 228.128060][ T29] RAX: 0000000000000000 RBX: 0000000000012059 RCX: 00007f69b8b8f749 [ 228.136100][ T29] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 228.144150][ T29] RBP: 00007f69b8de7da0 R08: 0000000000000001 R09: 0000000765c2d00f [ 228.152120][ T29] R10: 0000001b2d620000 R11: 0000000000000246 R12: 00007f69b8de5fac [ 228.160126][ T29] R13: 00007f69b8de5fa0 R14: ffffffffffffffff R15: 00007ffe65c2ce30 [ 228.168133][ T29] [ 228.171152][ T29] INFO: task syz.2.11:5900 blocked for more than 143 seconds. [ 228.178669][ T29] Not tainted syzkaller #0 [ 228.183610][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 228.192326][ T29] task:syz.2.11 state:D stack:25320 pid:5900 ppid:5796 flags:0x00004006 [ 228.201634][ T29] Call Trace: [ 228.204994][ T29] [ 228.207926][ T29] __schedule+0x14d2/0x44d0 [ 228.212429][ T29] ? asan.module_dtor+0x20/0x20 [ 228.217291][ T29] ? __mutex_lock+0x6b2/0xcc0 [ 228.221957][ T29] ? __mutex_trylock_common+0x84/0x250 [ 228.227460][ T29] ? trace_raw_output_contention_end+0xd0/0xd0 [ 228.233608][ T29] schedule+0xbd/0x170 [ 228.237695][ T29] schedule_preempt_disabled+0x13/0x20 [ 228.243139][ T29] __mutex_lock+0x6b7/0xcc0 [ 228.247664][ T29] ? __mutex_lock+0x4e8/0xcc0 [ 228.252331][ T29] ? nfc_rfkill_set_block+0x50/0x2e0 [ 228.257624][ T29] ? mutex_lock_nested+0x20/0x20 [ 228.262552][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 228.267779][ T29] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 228.273654][ T29] ? _raw_spin_unlock+0x40/0x40 [ 228.278511][ T29] ? nfc_unregister_device+0x2a0/0x2a0 [ 228.284059][ T29] nfc_rfkill_set_block+0x50/0x2e0 [ 228.289178][ T29] ? nfc_unregister_device+0x2a0/0x2a0 [ 228.294672][ T29] rfkill_set_block+0x1c6/0x420 [ 228.299540][ T29] rfkill_fop_write+0x45c/0x570 [ 228.304539][ T29] ? end_current_label_crit_section+0x149/0x170 [ 228.310795][ T29] ? rfkill_fop_read+0x4b0/0x4b0 [ 228.316829][ T29] ? fsnotify_perm+0x5d/0x5e0 [ 228.321526][ T29] ? security_file_permission+0x79/0xa0 [ 228.330485][ T29] do_iter_write+0x50e/0xc70 [ 228.335254][ T29] ? rfkill_fop_read+0x4b0/0x4b0 [ 228.340316][ T29] ? vfs_iter_write+0xa0/0xa0 [ 228.345427][ T29] ? __import_iovec+0x3fa/0x860 [ 228.350302][ T29] ? import_iovec+0x73/0xa0 [ 228.354838][ T29] do_writev+0x252/0x410 [ 228.359091][ T29] ? do_readv+0x3e0/0x3e0 [ 228.363499][ T29] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 228.369514][ T29] ? lock_chain_count+0x20/0x20 [ 228.374412][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 228.379608][ T29] do_syscall_64+0x55/0xb0 [ 228.384058][ T29] ? clear_bhb_loop+0x40/0x90 [ 228.388736][ T29] ? clear_bhb_loop+0x40/0x90 [ 228.393396][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 228.399329][ T29] RIP: 0033:0x7fac8818f749 [ 228.403744][ T29] RSP: 002b:00007fac8908a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 228.412236][ T29] RAX: ffffffffffffffda RBX: 00007fac883e5fa0 RCX: 00007fac8818f749 [ 228.420250][ T29] RDX: 0000000000000002 RSI: 0000200000000500 RDI: 0000000000000003 [ 228.428245][ T29] RBP: 00007fac88213f91 R08: 0000000000000000 R09: 0000000000000000 [ 228.436268][ T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 228.444329][ T29] R13: 00007fac883e6038 R14: 00007fac883e5fa0 R15: 00007ffc256d0858 [ 228.452314][ T29] [ 228.455398][ T29] [ 228.455398][ T29] Showing all locks held in the system: [ 228.463115][ T29] 1 lock held by khungtaskd/29: [ 228.467984][ T29] #0: ffffffff8cd2fee0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290 [ 228.477920][ T29] 2 locks held by getty/5548: [ 228.482581][ T29] #0: ffff8880309f20a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 228.492335][ T29] #1: ffffc9000328b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x425/0x1380 [ 228.502450][ T29] 3 locks held by kworker/1:5/5855: [ 228.507673][ T29] #0: ffff888017870938 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 228.518740][ T29] #1: ffffc90004fe7d00 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 228.532221][ T29] #2: ffffffff8e297928 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_global_led_trigger_worker+0x27/0xd0 [ 228.543535][ T29] 2 locks held by syz.1.8/5890: [ 228.548383][ T29] #0: ffff88805d0f9100 (&dev->mutex){....}-{3:3}, at: nfc_unregister_device+0x63/0x2a0 [ 228.558216][ T29] #1: ffffffff8e297928 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xc8/0x220 [ 228.568378][ T29] 2 locks held by syz.2.11/5900: [ 228.573309][ T29] #0: ffffffff8e297928 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x1a2/0x570 [ 228.583399][ T29] #1: ffff88805d0f9100 (&dev->mutex){....}-{3:3}, at: nfc_rfkill_set_block+0x50/0x2e0 [ 228.593064][ T29] 2 locks held by syz-executor/6164: [ 228.598344][ T29] #0: ffff88801df73118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x650 [ 228.608376][ T29] #1: ffffffff8e297928 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x37/0x8e0 [ 228.618339][ T29] 2 locks held by syz-executor/6166: [ 228.623620][ T29] #0: ffff88807bd55118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x650 [ 228.633714][ T29] #1: ffffffff8e297928 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x37/0x8e0 [ 228.644215][ T29] 3 locks held by syz.3.127/6312: [ 228.649257][ T29] #0: ffffffff8d4c2788 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5a/0x370 [ 228.657708][ T29] #1: ffff88801d34a100 (&dev->mutex){....}-{3:3}, at: nfc_register_device+0xa1/0x320 [ 228.667289][ T29] #2: ffffffff8e297928 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x37/0x8e0 [ 228.677211][ T29] 1 lock held by syz.0.130/6322: [ 228.682132][ T29] #0: ffffffff8d4c2788 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5a/0x370 [ 228.690620][ T29] 1 lock held by syz-executor/6329: [ 228.695831][ T29] #0: ffffffff8d4c2788 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5a/0x370 [ 228.704300][ T29] 1 lock held by syz-executor/6331: [ 228.709488][ T29] #0: ffffffff8d4c2788 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5a/0x370 [ 228.718412][ T29] 1 lock held by syz-executor/6334: [ 228.723722][ T29] #0: ffffffff8d4c2788 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5a/0x370 [ 228.732237][ T29] 1 lock held by syz-executor/6335: [ 228.737523][ T29] #0: ffffffff8d4c2788 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5a/0x370 [ 228.746022][ T29] 1 lock held by syz-executor/6341: [ 228.751219][ T29] #0: ffffffff8d4c2788 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5a/0x370 [ 228.759661][ T29] 1 lock held by syz-executor/6343: [ 228.764871][ T29] #0: ffffffff8d4c2788 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5a/0x370 [ 228.773336][ T29] 1 lock held by syz-executor/6346: [ 228.778530][ T29] #0: ffffffff8d4c2788 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5a/0x370 [ 228.786976][ T29] 1 lock held by syz-executor/6347: [ 228.792153][ T29] #0: ffffffff8d4c2788 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5a/0x370 [ 228.800617][ T29] [ 228.802937][ T29] ============================================= [ 228.802937][ T29] [ 228.811585][ T29] NMI backtrace for cpu 1 [ 228.815939][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0 [ 228.823132][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 228.833172][ T29] Call Trace: [ 228.836445][ T29] [ 228.839372][ T29] dump_stack_lvl+0x16c/0x230 [ 228.844047][ T29] ? preempt_count_add+0x91/0x1a0 [ 228.849077][ T29] ? show_regs_print_info+0x20/0x20 [ 228.854269][ T29] ? load_image+0x3b0/0x3b0 [ 228.858771][ T29] nmi_cpu_backtrace+0x39b/0x3d0 [ 228.863703][ T29] ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0 [ 228.869845][ T29] ? _printk+0xd0/0x110 [ 228.873989][ T29] ? load_image+0x3b0/0x3b0 [ 228.878483][ T29] ? load_image+0x3b0/0x3b0 [ 228.882977][ T29] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 228.889037][ T29] nmi_trigger_cpumask_backtrace+0x17a/0x2f0 [ 228.895010][ T29] watchdog+0xf41/0xf80 [ 228.899157][ T29] ? watchdog+0x1e1/0xf80 [ 228.903477][ T29] kthread+0x2fa/0x390 [ 228.907534][ T29] ? hungtask_pm_notify+0x90/0x90 [ 228.912553][ T29] ? kthread_blkcg+0xd0/0xd0 [ 228.917129][ T29] ret_from_fork+0x48/0x80 [ 228.921535][ T29] ? kthread_blkcg+0xd0/0xd0 [ 228.926113][ T29] ret_from_fork_asm+0x11/0x20 [ 228.930874][ T29] [ 228.934105][ T29] Sending NMI from CPU 1 to CPUs 0: [ 228.939337][ C0] NMI backtrace for cpu 0 [ 228.939346][ C0] CPU: 0 PID: 42 Comm: kworker/u4:2 Not tainted syzkaller #0 [ 228.939359][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 228.939367][ C0] Workqueue: bat_events batadv_nc_worker [ 228.939390][ C0] RIP: 0010:kasan_check_range+0x89/0x290 [ 228.939408][ C0] Code: 00 fc ff df 4d 8d 34 19 4d 89 f4 4d 29 dc 49 83 fc 10 7f 29 4d 85 e4 0f 84 41 01 00 00 4c 89 cb 48 f7 d3 4c 01 fb 41 80 3b 00 <0f> 85 cc 01 00 00 49 ff c3 48 ff c3 75 ee e9 21 01 00 00 44 89 dd [ 228.939420][ C0] RSP: 0018:ffffc90000b378e8 EFLAGS: 00000046 [ 228.939431][ C0] RAX: 0000000000000001 RBX: ffffffffffffffff RCX: ffffffff8167b534 [ 228.939441][ C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff90da85d8 [ 228.939455][ C0] RBP: 0000000000000002 R08: ffffffff90da85df R09: 1ffffffff21b50bb [ 228.939464][ C0] R10: dffffc0000000000 R11: fffffbfff21b50bb R12: 0000000000000001 [ 228.939473][ C0] R13: dffffc0000000000 R14: fffffbfff21b50bc R15: 1ffffffff21b50bb [ 228.939483][ C0] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 228.939495][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.939504][ C0] CR2: 00007f84f0e04414 CR3: 000000000cb30000 CR4: 00000000003506f0 [ 228.939517][ C0] Call Trace: [ 228.939522][ C0] [ 228.939529][ C0] mark_lock+0x94/0x320 [ 228.939546][ C0] lockdep_hardirqs_on_prepare+0x240/0x760 [ 228.939563][ C0] ? lock_chain_count+0x20/0x20 [ 228.939579][ C0] ? rcu_is_watching+0x15/0xb0 [ 228.939596][ C0] ? batadv_nc_purge_paths+0x311/0x3a0 [ 228.939615][ C0] trace_hardirqs_on+0x28/0x40 [ 228.939634][ C0] __local_bh_enable_ip+0x12e/0x1c0 [ 228.939648][ C0] ? _local_bh_enable+0xa0/0xa0 [ 228.939662][ C0] ? do_raw_spin_unlock+0x121/0x230 [ 228.939679][ C0] ? batadv_nc_purge_paths+0x311/0x3a0 [ 228.939698][ C0] ? batadv_nc_to_purge_nc_path_coding+0x120/0x120 [ 228.939718][ C0] batadv_nc_purge_paths+0x311/0x3a0 [ 228.939743][ C0] batadv_nc_worker+0x369/0x610 [ 228.939763][ C0] ? process_scheduled_works+0x957/0x15b0 [ 228.939780][ C0] process_scheduled_works+0xa45/0x15b0 [ 228.939806][ C0] ? assign_work+0x400/0x400 [ 228.939824][ C0] ? assign_work+0x39e/0x400 [ 228.939841][ C0] worker_thread+0xa55/0xfc0 [ 228.939866][ C0] kthread+0x2fa/0x390 [ 228.939878][ C0] ? pr_cont_work+0x560/0x560 [ 228.939894][ C0] ? kthread_blkcg+0xd0/0xd0 [ 228.939906][ C0] ret_from_fork+0x48/0x80 [ 228.939922][ C0] ? kthread_blkcg+0xd0/0xd0 [ 228.939935][ C0] ret_from_fork_asm+0x11/0x20 [ 228.939959][ C0] [ 228.940391][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 229.196555][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0 [ 229.203735][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 229.213776][ T29] Call Trace: [ 229.217045][ T29] [ 229.219964][ T29] dump_stack_lvl+0x16c/0x230 [ 229.224634][ T29] ? show_regs_print_info+0x20/0x20 [ 229.229822][ T29] ? load_image+0x3b0/0x3b0 [ 229.234318][ T29] panic+0x2c0/0x710 [ 229.238201][ T29] ? schedule_preempt_disabled+0x20/0x20 [ 229.243825][ T29] ? bpf_jit_dump+0xd0/0xd0 [ 229.248315][ T29] ? __irq_work_queue_local+0x13a/0x3b0 [ 229.253855][ T29] ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0 [ 229.260002][ T29] watchdog+0xf80/0xf80 [ 229.264147][ T29] ? watchdog+0x1e1/0xf80 [ 229.268471][ T29] kthread+0x2fa/0x390 [ 229.272523][ T29] ? hungtask_pm_notify+0x90/0x90 [ 229.277539][ T29] ? kthread_blkcg+0xd0/0xd0 [ 229.282111][ T29] ret_from_fork+0x48/0x80 [ 229.286513][ T29] ? kthread_blkcg+0xd0/0xd0 [ 229.291087][ T29] ret_from_fork_asm+0x11/0x20 [ 229.295848][ T29] [ 229.299082][ T29] Kernel Offset: disabled [ 229.303392][ T29] Rebooting in 86400 seconds..