last executing test programs: 16.387562984s ago: executing program 1 (id=1238): r0 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000040)={0x1d, r1, 0x8000000000000003}, 0x18) epoll_create(0x1) sendmmsg$inet_sctp(r0, &(0x7f0000000880)=[{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f00000005c0)="90", 0x1}], 0x1, 0x0, 0x0, 0x4000080}], 0x1, 0x80) 15.435240361s ago: executing program 1 (id=1244): r0 = socket$inet(0x2, 0x2, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb010018000000000000003000000030"], 0x0, 0x4b}, 0x28) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x2c) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000300)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) 14.442588324s ago: executing program 1 (id=1250): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_SAVE(r0, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000b00)={0x1c, 0x8, 0x6, 0x301, 0x0, 0x0, {0x5, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x0) readv(r0, 0x0, 0x0) 13.991985994s ago: executing program 1 (id=1254): r0 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000004f80)={'wlan0\x00', &(0x7f0000004f40)=@ethtool_gfeatures}) 12.310956019s ago: executing program 1 (id=1256): sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(0xffffffffffffffff, 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x401c5820, 0x0) socket$key(0xf, 0x3, 0x2) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r1, &(0x7f0000000cc0)=[{&(0x7f0000000780)="1e", 0x1}], 0x1) recvmmsg(r2, &(0x7f0000000480)=[{{0x0, 0x0, 0x0}, 0x3}, {{0x0, 0xffffffffffffff21, 0x0, 0x0, &(0x7f00000005c0)=""/108, 0x6c}, 0x7fff}], 0x3fffffffffffcbe, 0xfffe, 0x0) 6.075247474s ago: executing program 0 (id=1288): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x6, [@typedef={0x4, 0x0, 0x0, 0x7}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x10}, @union={0x0, 0x1, 0x0, 0x5, 0x1, 0x0, [{0x0, 0x2}]}]}, {0x0, [0x0, 0x0, 0x0, 0xda]}}, 0x0, 0x52}, 0x20) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x17, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="250af7a19d98c880e1b30400000000001800000000000000000000000000003db0519c2ae7179490"], &(0x7f0000000000)='GPL\x00'}, 0x80) r0 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)='rdma.max\x00', 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3}, 0x48) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0x0, '\x00', 0x0, 0x0}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xb, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x0, 0x6, 0x9, 0x0, 0x0, 0x3}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0x50}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0x6, 0x0}, {0x18, 0x9, 0x2, 0x0, r2}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x6, 0x1, 0x5, 0x2}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0xd, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) write$cgroup_int(r0, &(0x7f0000000080)=0x8, 0x12) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), 0xffffffffffffffff) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x8, 0x4, 0x4, 0xa}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xa, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b7030000070000008500000021000000b70000000000000095"], &(0x7f0000000640)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$TOKEN_CREATE(0x24, &(0x7f0000000200), 0x8) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x18) r5 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000400)={0x38, r5, 0x1, 0x1, 0x25dfdbfe, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x38}}, 0x0) 5.166840882s ago: executing program 0 (id=1292): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @remote}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10) recvfrom(r0, &(0x7f0000000480)=""/110, 0x168f6f3d, 0x734, 0x0, 0xfffffffffffffecb) socket$inet6(0x10, 0x2, 0x4) 3.895590352s ago: executing program 0 (id=1298): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmsg$802154_dgram(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x24, @short={0x2, 0xffff, 0xffff}}, 0x14, 0x0}, 0x0) recvmmsg(r0, &(0x7f0000002b40)=[{{0x0, 0x0, 0x0}, 0x800027}], 0x1, 0x40000023, 0x0) 3.769752333s ago: executing program 5 (id=1301): r0 = socket(0x10, 0x3, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x211000, 0x1000}, 0x20) setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz1\x00', 0x1ff) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'ipvlan1\x00'}) setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) write(r0, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000003c0000000000000008000f0001000000", 0x24) 3.495652085s ago: executing program 4 (id=1302): sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)="604a772826dea736729103ad8de752c24b2367617ecb7b6e6831a11ecd0b3617817414bf3243278133aeb1ef59f7bb", 0x2f, 0x8011}, 0x4000010) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff0000000002000000090001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c0002800800014000000002080002400000000b05000300000000000900010073797a30000000000900020073797a320000000014000000"], 0x80}}, 0x0) syz_emit_ethernet(0xbe, &(0x7f00000003c0)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x2001, 0x8809, 0x9c, 0x0, @wg=@initiation={0x1, 0x3, "1347a53d3021a5139e0b16a67d8bbdf3c8d1398f669d8f497480ba7bdf6723af", "e79023c77b7c00eeb5e4746426f7554a33206be2eabec725a3f6137c750e4cc1115ba65040897cc98e3a2ace0f8f7d0f", "09a9b8aa30785ed2965bf722a40b57ac15c66e13d7f2bb4e72ace5a1", {"aeb09b6f68c602a09307161a31964802", "ad3ab87150ab6082a1bb2055b96c223f"}}}}}}}, 0x0) 2.794139188s ago: executing program 0 (id=1304): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, 0x0, 0x0) 2.664967032s ago: executing program 3 (id=1305): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a40)={r0, 0x27, 0x7, 0x0, &(0x7f0000000080)="f8ad48cc02cb29", 0x0, 0x4, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 2.653203186s ago: executing program 5 (id=1306): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x9) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r3 = socket(0x10, 0x803, 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f0000002380)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0a00fe1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b4090a79507df79f298129da487130d5f24b46001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad379e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4b9535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024a0041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4fdc4b4861004eefbc17f54f82a804d4a69bf9bc5fa77ee293fbd165a5a68488a010030166565a097b103b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f940b6f0e8c7db4bf23242a18159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c2d7962b0d22772c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac2bba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f407000000000000006d294d366501753a7ac7fedb8d34f5bc381604fcd46105c457e7dd13cab669ab377e4c2422a47e9ffe2d4a2d32f7528751313694bf57704400b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670100be05e7de0940313c5870786554df26236ebced9390cb6940b8375d936a7d2120eca291963eb2d537d8ee4de5c183c160119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d30902208d300e4d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000001c8000000000000003a48cea769470424d28804c024ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef40662d7836d252c566f5ee934c679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c031578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6155e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bcdb7c89739f5d81e750d50517a59a3ad09e8802e8f4f000000000facd5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f296115d4a31838eeb20c20bb82aa31771cd379ec83554cea5b473332f2011e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd116bce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755367fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc05000000000000006c25b96174327d82761c26e329555f9290af4100000000000000749e1338636555009edf66be445d6975d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab0043ebf7c79a953e023f74afad591821610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c1960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000000000027c9a4619a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd5c17d5486b0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dff7aa46e820a74f9530bdcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fdca4e9eda0072f6df342f3e7071e28ef6806b90cc39c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d3133319e069f9648a2ff93060ff073b3a113e47e447c030931651dd315003b7a6a47c912853826c4c65433a2bb560ae99ec4b227eda2e63a1cb1a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7194d1eb3de6a5f99f301f89c2ee627e949cdd22000026a9960503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640000cd9e5f2e236ef5f1e3a94b108eb9750b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a2050000c375c705c798e0e208e4a5259d0bda526b462af45a6e9a84aebe025c8a7f65819f397574db7ab01bd2b3e3cd28c5aec90f8edfe39a00bafd688a7eea04efdeed96f67012bc3f795edb68b5dec80ad31a858eb756c815e7695d00000000000000000000000000000000000000000000000000007ccf0ce549d97510f7f8765408bb702f0000006d4754c68b7064cf31a681421994e1f307f0ab4ff2e33d3c88fea5d218a276b77adfee7c8fb145783ee1f8adbd2c2604eab3a62a28611da1dae5ce60003111ce5c96a1d6e45ee144ffa3dcca32a33f8f0ce2995b7b7aa0bce228cbf37412cbbdebae06edb51a134301d2627d4927287daf9dcae6720334862d3a18094f1edd9e350337cbb804004d1755cfe7d7fa01872fb99815dcfbbc8141f6e1bbb0901ae91357677fd9d2bb00d4f17fb441c2dfa2b424bf46ae299d68ac27792cdac2b63a6038ab5546ba1e5ad6a329f2c627100e0442f865fc6c179ad3edcb6b000000000000000b0000000000000000ac192d48d76e2a8cae83ae850f73fdfbaca81b6b7b1a0d7b517f41fbd46aa24b0f4b8e0202e3a580947f1925ba4de097e8dcb6bd7f686322b45d4a544ca1e83b592d4a6d46d0a0dc39634550bc77d4cabba01b283082e66778de7c61a1a36838d36c2f8e58cef603770ee3d6a9625be0bc21d2be2da69ac9e9c5e88278d39239501b465102ad16d651ea8bb8cee35527c1ad42ac6a565e449929ccb4469bdd6824b64e13579b7188566e735200000000000000000094e05bcda1e96e4c33ccf6d74046e45bafe9d512c43a3e485dedad9a38b34f7fcd00fafcc25dc36716f0e21e0632425b7a1c1a6bc15c3fc07d914c88103411d8d2b77b72a796fd3aaa7ea493c7bc43e63b2b0d05ad5682121682096b224933fa20255d58a680cc2ec200"/3002], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10}, 0x39) sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x60, &(0x7f0000000300)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003002908000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r4], 0x5c}}, 0x40) 2.615396722s ago: executing program 4 (id=1307): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r2, &(0x7f0000000700)={0x10, 0x0, 0x25dfdbfc, 0x40002}, 0xc) r3 = socket(0x10, 0x803, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$inet(r4, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000440)="0659c78b5fa534d0ac05c8f700273a1635cf6de99cc5158ce26a9dd396f30ca011c579a2ed7a5b55a6562a7a68b18d1d2e79234fde013a2bab80dd9bd0221f6f7f53854c064b96e147bbd20f3b20eaddf5720cfe840fdfc892cade15489c6770ff984ee56ef5ce186570bc3db6132f4172d21f39b64fd3723b999d66a4ca675d72627455185653045a8be6136dcc4a4921ffab743d315c88dd668041b40e40581bc5436cdc4a2c8e2f42c60fafdb3eecceadfeffbc292586efa867db9df4fc8ae53a6f89e45fb8f8d507ccd8d806e6960aa8fe9b66ee6514a45c827ef81368bddee66abaf92ae3d257cd1f65ce7190bda054c76ec87f866a676fab5cd6e9bf3381c57189fd15c8241bc0a8da0f738646e092efc1ab66ac6ace20039241f153e77df8b4992a93c5f5acaeced51ab64c92e2bc07933c0d95d5c6677c701bf6131abfebeb2c723e0b7d081151c71e38e14df80fd888f2212e98866c4b6750b079315fec406982d663095be8b442a1b5c216b51aa3105d8bf05f6f1f69724fc207e763df08c4dc2bcf2dad05d3c59675b713e1463f415a6e0a0b6f8c74244233e2311adc642a644ad5687afd785de9dbf4dbbe4ffd60071509a9fe968d7a15aaf725a838f9bc7860ed6d28cb690c5fd2eaaa1b819699ce7a07ff6a64f1ce473b84e98d828798b3e2668d0b6e7e42203c51582a6d37fbd1e5d6f8c0dfb12850cae2dfe196fe3162d4b5b6b9ff8f36e1b739614a33f8cb35305ad14505b51608266a34b36aa0712803194198ad7e85d91c6320c9e53d4454b6099f4fd196912053a029d9276f7fcfb999c925218d204c390f7820cc97d911e07633edba859960d1b9", 0x25f}], 0x1, &(0x7f0000000980)=[@ip_tos_int={{0x14, 0x0, 0x1, 0xbf}}, @ip_ttl={{0x14, 0x0, 0x2, 0x6}}, @ip_retopts={{0x38, 0x0, 0x7, {[@timestamp={0x44, 0x28, 0xec, 0x0, 0x6, [0xe7, 0x0, 0x5, 0x7, 0x1, 0x8000000b, 0x2, 0x80000000, 0x50cd]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x12}, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0x88}, 0x4000004) sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) socket$packet(0x11, 0x1, 0x300) r5 = accept$packet(r3, &(0x7f0000000280), &(0x7f00000003c0)=0x14) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0xfffffffffffffd81) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r6, @ANYBLOB="01000000020000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=ANY=[@ANYBLOB="6c00000010001fff109e00008000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000003f0000440012800b00010067656e6576650000340002800500030003000000060005004e20000005000400ab000000050009000100000005000a00010000000500090001", @ANYRES32=r6], 0x6c}, 0x1, 0x0, 0x0, 0x1}, 0x0) r7 = socket(0x10, 0x803, 0x2) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r9 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000980)=@newlink={0x40, 0x10, 0xffffff1f, 0xfdfffffe, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GTP_PDP_HASHSIZE={0x8, 0x3, 0x101}, @IFLA_GTP_ROLE={0x8, 0x4, 0x2}]}}}]}, 0x40}}, 0x0) r10 = socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) r11 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000300)={'bridge0\x00', 0x0}) sendmsg$nl_route(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@bridge_delneigh={0x28, 0x1c, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r12, 0x40, 0xa6, 0xb}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x20, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x8, &(0x7f00000005c0)=ANY=[@ANYBLOB="180800000000000000000000000000008510000003000000180000000000000000000000000000009500000000000000ddaa000000"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r8, @ANYBLOB="0100"], 0x3c}}, 0x0) r13 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x840, 0x0) ioctl$TUNSETIFF(r13, 0x400454ca, &(0x7f0000000240)={'pimreg0\x00', 0x400}) socket(0x10, 0x3, 0x0) 2.442395508s ago: executing program 0 (id=1309): bind$netlink(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) r0 = socket(0x400000000010, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a40)={r1, 0x27, 0xe, 0x0, &(0x7f0000000080)="f8ad48cc02cb29dcc8007f5b88a8", 0x0, 0x4, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x1e) sendmsg$nl_route_sched(r0, 0x0, 0x0) sendmsg$nl_route_sched(r0, 0x0, 0x0) unshare(0x6a040000) bpf$MAP_CREATE(0x0, 0x0, 0x50) accept4(0xffffffffffffffff, 0x0, 0x0, 0x80000) 2.259366748s ago: executing program 3 (id=1310): syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000740)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan1\x00'}) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000c80)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r2, @ANYBLOB="05005b"], 0x24}}, 0x0) 2.258357581s ago: executing program 5 (id=1311): bpf$OBJ_PIN_MAP(0x6, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff"], 0x7c}, 0x1, 0x0, 0x0, 0x40054}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000006c0)={0x14, 0x0, 0x2, 0x70bd2d, 0xff, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x800) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00'}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={0x0, 0x6f4}}, 0x0) 2.216529809s ago: executing program 2 (id=1312): setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x23) connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00', 0x8000}, 0x1c) 1.876016767s ago: executing program 2 (id=1313): socket(0x18, 0x2, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="ba6eb4e47f", 0x5}], 0x1) r0 = socket(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0xffff, 0x1001, &(0x7f0000000100)=0x20000, 0x4) syz_emit_ethernet(0x138, &(0x7f0000000000)=ANY=[@ANYBLOB="ff02"], 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) connect$unix(r0, &(0x7f0000000000), 0x10) write(r0, &(0x7f0000000240)="14bdfa5d1d34e2fecb284a6498307dcda9aec43050036123339a346f737850551408753f95b7688ad4c4e1dd5489e7bafc58d3e5823757ae8b630719ef187ccad995f13dbe19a6dd4e6902bd8297b0799b426aabe9fad9db6996571c6d9f8bb5d542c2148aa42be940970fe88d34d8f99afe7e7820237400000000008000000100"/138, 0xfc7e) 1.872755052s ago: executing program 4 (id=1314): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) r1 = socket$inet(0xa, 0x801, 0x84) listen(r1, 0x208) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) ppoll(&(0x7f0000000500)=[{r2}], 0x1, 0x0, 0x0, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x20007fffffff}, 0x0, 0x0) 1.87193216s ago: executing program 3 (id=1315): r0 = semget(0x0, 0x1, 0x8) semctl$GETALL(r0, 0x0, 0x6, 0x0) 1.592152534s ago: executing program 0 (id=1316): r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc4910700004f78d4c1a0731cccff"], 0x1c}}, 0x0) r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) bind$llc(r1, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0) write$cgroup_int(r2, &(0x7f0000000000), 0xffffff6a) sendfile(r1, r2, 0x0, 0xffffffff000) openat$cgroup_devices(r2, &(0x7f00000000c0)='devices.allow\x00', 0x2, 0x0) r3 = socket$inet6(0xa, 0x3, 0x4) setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f00000003c0)={0x9, {{0xa, 0x0, 0x3, @mcast1}}, {{0xa, 0x2, 0x6, @private1, 0xfffffff8}}}, 0x108) setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, &(0x7f0000000500)=ANY=[@ANYBLOB="09000000000000000a00004000000003ff020000000000000000000000000001f300000000000000000000000000000000000000000000000000000000000000000000004ab56b4175f3c960bdc0c7ba9600"/157], 0x90) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000140)) close(0xffffffffffffffff) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20048880, 0x0, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x30, r6, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x6}]}]}, 0x30}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x10) recvmmsg$unix(r0, &(0x7f0000002380), 0x0, 0x0, 0x0) 1.435308114s ago: executing program 3 (id=1317): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000000), 0x4) r1 = socket(0x10, 0x803, 0x0) r2 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet6_int(r2, 0x29, 0x1f, 0x0, 0x2d) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r4, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x2) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r7) sendmsg$nl_route_sched(r6, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x0, 0x6}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000003200)=@newtfilter={0x34, 0x28, 0xd27, 0x6, 0x0, {0x0, 0x0, 0x0, 0x0, {0x7}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r8 = socket(0x10, 0x803, 0x4) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000040)=0x1c) r9 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f0000000480)=@raw={'raw\x00', 0x3c1, 0x3, 0x390, 0x1d8, 0x12, 0x60d, 0x0, 0x202, 0x2e8, 0x2e8, 0x2e8, 0x2e8, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private1, @remote, [], [], 'tunl0\x00', 'macsec0\x00'}, 0x0, 0x190, 0x1d8, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "000000165a8c2e0617ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f672225d6147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac05a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b5", 0x7, 0x2}}, @inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x16, 0xe, {0x8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f0) socket$xdp(0x2c, 0x3, 0x0) r10 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00'}) r11 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r11, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000, 0x0, 0x1}, 0x20) 1.427196475s ago: executing program 2 (id=1318): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x80800) sendmmsg$alg(r1, &(0x7f00000035c0)=[{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000001c0)="b180dccc16eb676ff09b3e4ef26f701d8f128e12dbcad855d38159a05a2fd506", 0x20}, {&(0x7f0000001ac0)="185f70788926e08ce31809863a7db4d975e887eea5dcd974fef9c6ed45a821773237e5d2d329c07c7e1bb2e75ecccfb76e11781c5daab14253f6959a0400da0bf98a0ab829816250cf32206089785600f7c3ee056ab6fdd436f0c3e71740000000d5d70f35c3c55403e6a22e4560ac693ad7777ee6fa583bb090b16aa683c43622ac905f4d784acecc00c00683a9ee1b3366dd0bfbe10544fca550e261a88e69abcb8a9157800055a417f68e377afb1bcb4369605e3d1299c60f888f9c374fb68701ceb777330ee0adbdd15446384714a27a011baba5cee389b648aaacbdb37d", 0xe0}], 0x2, &(0x7f00000002c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x10}], 0x1, 0x84) recvmsg$can_raw(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000005c0)=[{0x0}], 0x1}, 0x40) 1.40541057s ago: executing program 5 (id=1319): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYRES32=r4, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c090000560333"], 0x398}, 0x1, 0x0, 0x0, 0x8010}, 0x0) close(r0) socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$SIOCSIFHWADDR(r0, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @random="010000000700"}) 1.013842514s ago: executing program 2 (id=1320): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmsg$802154_dgram(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x24, @short={0x2, 0xffff, 0xffff}}, 0x14, &(0x7f0000000080)={0x0}}, 0x0) recvmmsg(r0, 0x0, 0x0, 0x40000023, 0x0) 711.395048ms ago: executing program 1 (id=1321): r0 = socket(0x10, 0x3, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x211000, 0x1000}, 0x20) setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz1\x00', 0x1ff) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'ipvlan1\x00', 0x0}) setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) bind$xdp(r1, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10) write(r0, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000003c0000000000000008000f0001000000", 0x24) r4 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_FLUSH(r4, 0x0, 0xd0, &(0x7f0000005900), 0x4) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000940)={0x18, 0x3, &(0x7f0000000640)=ANY=[@ANYRES16=r2, @ANYBLOB], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x45}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000600)='inet_sk_error_report\x00', r5, 0x0, 0x10}, 0x18) writev(0xffffffffffffffff, &(0x7f0000019440)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80ffe0090f000060000000a2bc5603ca00000f7f89000000200000004a2471083ec6991778581acb6c0101ff0000000309", 0x48}], 0x1) 672.258471ms ago: executing program 4 (id=1322): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a40)={r0, 0x27, 0x7, 0x0, &(0x7f0000000080)="f8ad48cc02cb29", 0x0, 0x4, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 550.166653ms ago: executing program 2 (id=1323): mknod(&(0x7f0000000280)='./file0\x00', 0x1ffa, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x70e, 0x0) setuid(0xffffffffffffffff) ioctl$FIONREAD(r0, 0x80206979, &(0x7f0000000080)) 510.034487ms ago: executing program 3 (id=1324): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) getpid() ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r0, 0x8982, &(0x7f00000006c0)={0x0, 'bridge0\x00', {0x101}, 0x2}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000700)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="000900006440000008001b00000000000500100004000000"], 0x30}}, 0x0) 448.771164ms ago: executing program 5 (id=1325): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000600)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYRES32=r2, @ANYBLOB="0c00990000000000000000000800a000c215000008009f000d000000080026000816"], 0x40}}, 0x0) 267.657498ms ago: executing program 4 (id=1326): pipe(&(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) close(r1) 157.446135ms ago: executing program 3 (id=1327): clock_settime(0x100000000000000, &(0x7f0000000100)={0xfd1ecd02, 0xd}) 112.272967ms ago: executing program 5 (id=1328): semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f00000000c0)={{0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x200}}) r0 = socket(0x18, 0x3, 0x0) connect$unix(r0, &(0x7f00000000c0)=@abs={0x682eb13985c518e6, 0x7}, 0x1c) getsockname$inet(r0, &(0x7f00000000c0), &(0x7f0000000000)=0xffffffffffffff35) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r1 = socket(0x18, 0x1, 0x0) close(r1) r2 = socket(0x18, 0x3, 0x3a) connect$unix(r1, &(0x7f00000000c0)=@abs={0x0, 0x7}, 0x1c) getpeername$inet(r2, 0x0, &(0x7f0000000080)) 59.624638ms ago: executing program 2 (id=1329): r0 = socket$inet(0x2, 0x3, 0x2) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) setsockopt$inet_opts(r0, 0x0, 0x64, &(0x7f0000000240)="01000000", 0x4) 0s ago: executing program 4 (id=1330): setgid(0xffffffffffffffff) setgroups(0x0, 0x0) setuid(0xffffffffffffffff) semget(0x0, 0x0, 0x119) kernel console output (not intermixed with test programs): mode [ 113.853588][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 113.861024][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 113.887180][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 113.923758][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 113.930878][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 113.957136][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 114.003412][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 114.010571][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 114.036720][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 114.049157][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 114.056881][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 114.083803][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 114.097290][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 114.104273][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 114.130351][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 114.173834][ T5835] hsr_slave_0: entered promiscuous mode [ 114.181143][ T5835] hsr_slave_1: entered promiscuous mode [ 114.187629][ T5835] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 114.195446][ T5835] Cannot create hsr debugfs directory [ 114.351006][ T5832] hsr_slave_0: entered promiscuous mode [ 114.358542][ T5832] hsr_slave_1: entered promiscuous mode [ 114.364886][ T5832] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 114.372639][ T5832] Cannot create hsr debugfs directory [ 114.427134][ T5834] hsr_slave_0: entered promiscuous mode [ 114.433704][ T5834] hsr_slave_1: entered promiscuous mode [ 114.441429][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 114.450244][ T5834] Cannot create hsr debugfs directory [ 114.527507][ T5840] Bluetooth: hci4: command tx timeout [ 114.527536][ T5848] Bluetooth: hci0: command tx timeout [ 114.533032][ T5849] Bluetooth: hci1: command tx timeout [ 114.606503][ T5849] Bluetooth: hci3: command tx timeout [ 114.606867][ T5848] Bluetooth: hci2: command tx timeout [ 114.612068][ T5849] Bluetooth: hci5: command tx timeout [ 114.641148][ T5833] hsr_slave_0: entered promiscuous mode [ 114.648304][ T5833] hsr_slave_1: entered promiscuous mode [ 114.654537][ T5833] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 114.662627][ T5833] Cannot create hsr debugfs directory [ 114.681028][ T5830] hsr_slave_0: entered promiscuous mode [ 114.688162][ T5830] hsr_slave_1: entered promiscuous mode [ 114.694386][ T5830] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 114.702204][ T5830] Cannot create hsr debugfs directory [ 115.423307][ T5831] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 115.440584][ T5831] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 115.453553][ T5831] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 115.476911][ T5831] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 115.544199][ T5832] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 115.556864][ T5832] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 115.578018][ T5832] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 115.610043][ T5832] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 115.678867][ T5833] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 115.716146][ T5833] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 115.735113][ T5833] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 115.758019][ T5833] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 115.873327][ T5835] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 115.893894][ T5835] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 115.927305][ T5835] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 115.940105][ T5835] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 116.088286][ T5830] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 116.135202][ T5830] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 116.147465][ T5830] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 116.163378][ T5830] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 116.190732][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 116.210409][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 116.347207][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 116.354775][ T5834] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 116.369924][ T5834] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 116.382528][ T5834] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 116.395262][ T5834] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 116.415058][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 116.464748][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.472163][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 116.502612][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.509814][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 116.529214][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.536425][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 116.574784][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.582069][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 116.606718][ T5840] Bluetooth: hci1: command tx timeout [ 116.606756][ T5848] Bluetooth: hci4: command tx timeout [ 116.612231][ T5849] Bluetooth: hci0: command tx timeout [ 116.687190][ T5849] Bluetooth: hci2: command tx timeout [ 116.688956][ T5848] Bluetooth: hci3: command tx timeout [ 116.692686][ T5849] Bluetooth: hci5: command tx timeout [ 116.702630][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 116.840776][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 116.860382][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 116.882217][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 116.952775][ T1106] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.960011][ T1106] bridge0: port 1(bridge_slave_0) entered forwarding state [ 117.044683][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.051922][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 117.108461][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 117.130448][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 117.181688][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.188912][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 117.244594][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 117.255578][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.262810][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 117.280983][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.288533][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 117.352653][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 117.385397][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.393302][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 117.492175][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.499462][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 117.531889][ T142] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.539311][ T142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 117.634115][ T5830] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 117.818112][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 117.897603][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 118.186762][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 118.278480][ T5831] veth0_vlan: entered promiscuous mode [ 118.331005][ T5831] veth1_vlan: entered promiscuous mode [ 118.507993][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 118.627757][ T5831] veth0_macvtap: entered promiscuous mode [ 118.690415][ T5849] Bluetooth: hci4: command tx timeout [ 118.697515][ T5840] Bluetooth: hci0: command tx timeout [ 118.701154][ T5848] Bluetooth: hci1: command tx timeout [ 118.742763][ T5831] veth1_macvtap: entered promiscuous mode [ 118.766326][ T5848] Bluetooth: hci3: command tx timeout [ 118.766995][ T5849] Bluetooth: hci2: command tx timeout [ 118.771798][ T5848] Bluetooth: hci5: command tx timeout [ 118.848940][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 118.884451][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 118.913228][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 118.982279][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 119.003770][ T5831] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 119.017557][ T5831] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 119.026961][ T5831] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 119.035737][ T5831] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 119.190524][ T5832] veth0_vlan: entered promiscuous mode [ 119.201523][ T5830] veth0_vlan: entered promiscuous mode [ 119.290819][ T5832] veth1_vlan: entered promiscuous mode [ 119.301953][ T5830] veth1_vlan: entered promiscuous mode [ 119.375014][ T5833] veth0_vlan: entered promiscuous mode [ 119.418309][ T5833] veth1_vlan: entered promiscuous mode [ 119.445129][ T5835] veth0_vlan: entered promiscuous mode [ 119.458271][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.468751][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.484091][ T5834] veth0_vlan: entered promiscuous mode [ 119.504338][ T5832] veth0_macvtap: entered promiscuous mode [ 119.516436][ T5835] veth1_vlan: entered promiscuous mode [ 119.550925][ T5832] veth1_macvtap: entered promiscuous mode [ 119.562413][ T5834] veth1_vlan: entered promiscuous mode [ 119.620961][ T5830] veth0_macvtap: entered promiscuous mode [ 119.639855][ T5830] veth1_macvtap: entered promiscuous mode [ 119.650355][ T1152] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.658532][ T1152] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.678158][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 119.694874][ T5835] veth0_macvtap: entered promiscuous mode [ 119.730697][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 119.778423][ T5832] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 119.789227][ T5832] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 119.805357][ T5832] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 119.815597][ T5832] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 119.847873][ T5834] veth0_macvtap: entered promiscuous mode [ 119.858559][ T5831] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 119.862023][ T5835] veth1_macvtap: entered promiscuous mode [ 119.904446][ T5833] veth0_macvtap: entered promiscuous mode [ 119.929972][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 119.952868][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 120.010077][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 120.042623][ T5834] veth1_macvtap: entered promiscuous mode [ 120.069911][ T5830] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.080199][ T5830] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.092230][ T5830] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.105011][ T5830] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.154997][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 120.183878][ T5833] veth1_macvtap: entered promiscuous mode [ 120.214491][ T5835] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.224107][ T5835] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.233868][ T5835] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.244169][ T5835] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.374054][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 120.392876][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 120.410669][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 120.433463][ T1050] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.458260][ T1050] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.491660][ T5833] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.504090][ T5833] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.513669][ T5833] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.523722][ T5833] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.552382][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 120.615241][ T5834] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.624218][ T5834] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.637846][ T5834] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.646682][ T5834] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.662675][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.671693][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.813362][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.840692][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.868990][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.885256][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.936173][ T5981] netlink: 'syz.3.9': attribute type 10 has an invalid length. [ 121.020382][ T5981] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 121.050047][ T5982] bridge_slave_0: left allmulticast mode [ 121.059754][ T5982] bridge_slave_0: left promiscuous mode [ 121.066608][ T5982] bridge0: port 1(bridge_slave_0) entered disabled state [ 121.084777][ T5982] bridge_slave_1: left allmulticast mode [ 121.091071][ T5982] bridge_slave_1: left promiscuous mode [ 121.097888][ T5982] bridge0: port 2(bridge_slave_1) entered disabled state [ 121.112307][ T5982] bond0: (slave bond_slave_0): Releasing backup interface [ 121.130894][ T5982] bond0: (slave bond_slave_1): Releasing backup interface [ 121.155275][ T5982] team0: Port device team_slave_0 removed [ 121.171385][ T5982] team0: Port device team_slave_1 removed [ 121.182886][ T5982] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 121.193398][ T5982] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 121.211562][ T5982] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 121.225229][ T5982] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 121.255283][ T5982] bond0: (slave wlan1): Releasing backup interface [ 121.290261][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.323357][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.505633][ T1152] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.551891][ T1152] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.639557][ T5976] hid-generic 0005:04F3:FFF9.0001: item fetching failed at offset 0/1 [ 121.658220][ T5976] hid-generic 0005:04F3:FFF9.0001: probe with driver hid-generic failed with error -22 [ 121.898765][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.926019][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.067821][ T1152] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.075733][ T1152] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.203695][ T5999] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 122.596129][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.626301][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.977113][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.210821][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.566416][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 123.576946][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 123.673782][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 123.771388][ T6019] netdevsim netdevsim2 : renamed from netdevsim0 (while UP) [ 124.016941][ T5976] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 124.047114][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 124.196372][ T5976] usb 6-1: Using ep0 maxpacket: 8 [ 124.232948][ T5976] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 124.256441][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 124.435931][ T5976] usb 6-1: config 179 has no interface number 0 [ 124.442310][ T5976] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 124.518762][ T6028] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2'. [ 124.555222][ T5976] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 124.591691][ T5976] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 124.606181][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 124.625420][ T5976] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 124.640377][ T5976] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 124.656001][ T5976] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 124.665218][ T5976] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 124.685726][ T6015] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 124.696710][ T0] NOHZ tick-stop error: local softirq work is pending, handler #308!!! [ 124.722491][ T5976] xpad 6-1:179.65: probe with driver xpad failed with error -5 [ 124.747581][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 125.050256][ T0] NOHZ tick-stop error: local softirq work is pending, handler #41!!! [ 125.061489][ T5970] usb 6-1: USB disconnect, device number 2 [ 126.071808][ T6058] netlink: 4 bytes leftover after parsing attributes in process `syz.5.28'. [ 126.206169][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 126.258291][ T6058] warning: `syz.5.28' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 126.665691][ T6065] dvmrp0: entered allmulticast mode [ 127.118605][ T6076] netlink: 12 bytes leftover after parsing attributes in process `syz.4.35'. [ 129.159631][ T6096] [U]  [ 133.804705][ T6129] syz_tun: entered allmulticast mode [ 133.832669][ T6131] netlink: 12 bytes leftover after parsing attributes in process `syz.2.50'. [ 134.014554][ T6128] syz_tun: left allmulticast mode [ 135.879992][ T6151] [U]  [ 137.626424][ T6159] bridge: RTM_NEWNEIGH with unconfigured vlan 3 on bridge0 [ 137.944096][ T6173] netlink: 12 bytes leftover after parsing attributes in process `syz.0.65'. [ 138.297995][ T6181] tipc: Started in network mode [ 138.318768][ T6181] tipc: Node identity f6772af73369, cluster identity 4711 [ 138.343159][ T6181] tipc: Enabled bearer , priority 0 [ 138.353314][ T6174] loop4: detected capacity change from 0 to 40427 [ 138.403014][ T6174] F2FS-fs (loop4): invalid crc value [ 138.571325][ T6174] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 138.600078][ T6180] tipc: Disabling bearer [ 140.372851][ T6200] [U]  [ 142.015912][ T6226] batadv1: entered promiscuous mode [ 142.467574][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 142.474085][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 142.619665][ T6225] loop0: detected capacity change from 0 to 512 [ 142.769903][ T6225] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.82: casefold flag without casefold feature [ 142.876931][ T6225] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.82: couldn't read orphan inode 15 (err -117) [ 143.057158][ T6225] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 143.602280][ T6236] overlayfs: failed to resolve './file1': -2 [ 143.609134][ T5976] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 144.233724][ T5835] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.270538][ T6233] tipc: Enabled bearer , priority 0 [ 144.352037][ T6229] tipc: Disabling bearer [ 144.375909][ T5976] usb 3-1: Using ep0 maxpacket: 8 [ 144.397849][ T5976] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 144.426357][ T5976] usb 3-1: config 179 has no interface number 0 [ 144.462097][ T5976] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 144.500528][ T5976] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 144.534925][ T5833] syz-executor: attempt to access beyond end of device [ 144.534925][ T5833] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 144.559776][ T5976] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 144.616280][ T5833] CPU: 0 UID: 0 PID: 5833 Comm: syz-executor Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) [ 144.616330][ T5833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 144.616346][ T5833] Call Trace: [ 144.616355][ T5833] [ 144.616366][ T5833] dump_stack_lvl+0x16c/0x1f0 [ 144.616416][ T5833] f2fs_handle_critical_error+0x621/0x9f0 [ 144.616452][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.616486][ T5833] ? f2fs_build_fault_attr+0x53/0x1f0 [ 144.616522][ T5833] f2fs_write_end_io+0x785/0xc20 [ 144.616561][ T5833] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 144.616601][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.616642][ T5833] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 144.616677][ T5833] bio_endio+0x70d/0x850 [ 144.616726][ T5833] submit_bio_noacct+0x56d/0x1eb0 [ 144.616769][ T5833] __submit_merged_bio+0x33c/0x770 [ 144.616809][ T5833] __submit_merged_write_cond+0x319/0x3f0 [ 144.616855][ T5833] f2fs_write_cache_pages+0x2067/0x2570 [ 144.616918][ T5833] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 144.616966][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.617004][ T5833] ? __kasan_check_byte+0x13/0x50 [ 144.617039][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.617074][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.617106][ T5833] ? rcu_is_watching+0x12/0xc0 [ 144.617140][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.617175][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.617222][ T5833] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 144.617307][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.617339][ T5833] ? add_lock_to_list+0x9d/0x130 [ 144.617381][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.617420][ T5833] f2fs_write_data_pages+0x4ad/0xd90 [ 144.617468][ T5833] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 144.617508][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.617549][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.617586][ T5833] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 144.617631][ T5833] do_writepages+0x27a/0x600 [ 144.617680][ T5833] ? __pfx_do_writepages+0x10/0x10 [ 144.617721][ T5833] ? do_raw_spin_unlock+0x172/0x230 [ 144.617752][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.617784][ T5833] ? _raw_spin_unlock+0x28/0x50 [ 144.617826][ T5833] filemap_fdatawrite_wbc+0x104/0x160 [ 144.617870][ T5833] ? __pfx_stack_trace_save+0x10/0x10 [ 144.617909][ T5833] __filemap_fdatawrite_range+0xb2/0xf0 [ 144.617943][ T5833] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 144.617976][ T5833] ? check_path.constprop.0+0x24/0x50 [ 144.618070][ T5833] ? find_held_lock+0x2b/0x80 [ 144.618104][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.618137][ T5833] ? do_raw_spin_unlock+0x172/0x230 [ 144.618167][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.618205][ T5833] f2fs_sync_dirty_inodes+0x2a9/0x990 [ 144.618265][ T5833] block_operations+0x2a3/0xfd0 [ 144.618317][ T5833] ? __pfx_block_operations+0x10/0x10 [ 144.618358][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.618433][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.618465][ T5833] ? down_write+0x14d/0x200 [ 144.618491][ T5833] ? __pfx_down_write+0x10/0x10 [ 144.618520][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.618552][ T5833] ? rcu_is_watching+0x12/0xc0 [ 144.618591][ T5833] f2fs_write_checkpoint+0x2b8/0x4c60 [ 144.618641][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.618673][ T5833] ? kfree+0x2b4/0x4d0 [ 144.618714][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.618747][ T5833] ? lockdep_hardirqs_on+0x7c/0x110 [ 144.618787][ T5833] ? f2fs_stop_gc_thread+0x79/0xd0 [ 144.618816][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.618857][ T5833] kill_f2fs_super+0x3c2/0x470 [ 144.618903][ T5833] ? __pfx_kill_f2fs_super+0x10/0x10 [ 144.618946][ T5833] ? lockdep_hardirqs_on+0x7c/0x110 [ 144.619007][ T5833] deactivate_locked_super+0xc1/0x1a0 [ 144.619037][ T5833] deactivate_super+0xde/0x100 [ 144.619066][ T5833] cleanup_mnt+0x225/0x450 [ 144.619099][ T5833] task_work_run+0x150/0x240 [ 144.619130][ T5833] ? __pfx_task_work_run+0x10/0x10 [ 144.619155][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.619191][ T5833] ? __pfx___x64_sys_umount+0x10/0x10 [ 144.619232][ T5833] exit_to_user_mode_loop+0xeb/0x110 [ 144.619264][ T5833] do_syscall_64+0x3f6/0x4c0 [ 144.619312][ T5833] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.619339][ T5833] RIP: 0033:0x7fe008f8fc57 [ 144.619361][ T5833] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 144.619388][ T5833] RSP: 002b:00007ffdd00d90c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 144.619413][ T5833] RAX: 0000000000000000 RBX: 00007fe009010925 RCX: 00007fe008f8fc57 [ 144.619430][ T5833] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdd00d9180 [ 144.619446][ T5833] RBP: 00007ffdd00d9180 R08: 0000000000000000 R09: 0000000000000000 [ 144.619463][ T5833] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdd00da210 [ 144.619480][ T5833] R13: 00007fe009010925 R14: 0000000000021fba R15: 00007ffdd00da250 [ 144.619516][ T5833] [ 144.619526][ T5833] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 144.637937][ T5976] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 144.859927][ T6241] netlink: 4 bytes leftover after parsing attributes in process `syz.0.86'. [ 144.867836][ T5976] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 145.210878][ T5976] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 145.220138][ T5976] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.245275][ T6231] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 145.275992][ T5976] xpad 3-1:179.65: probe with driver xpad failed with error -5 [ 145.344537][ T6252] loop0: detected capacity change from 0 to 256 [ 145.371911][ T6252] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 145.415338][ T6252] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 145.466175][ T6252] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 145.619293][ T55] usb 3-1: USB disconnect, device number 2 [ 145.780774][ T6256] Zero length message leads to an empty skb [ 146.315665][ T6262] tipc: Started in network mode [ 146.321096][ T6262] tipc: Node identity 3261c683658b, cluster identity 4711 [ 146.328849][ T6262] tipc: Enabled bearer , priority 0 [ 146.340737][ T6262] syzkaller0: MTU too low for tipc bearer [ 147.216920][ T6262] tipc: Disabling bearer [ 148.654028][ T6286] loop1: detected capacity change from 0 to 128 [ 148.798977][ T6286] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 149.140826][ T6286] FAT-fs (loop1): FAT read failed (blocknr 128) [ 149.236556][ T6291] netlink: 4 bytes leftover after parsing attributes in process `syz.3.103'. [ 149.263640][ T6289] tipc: Started in network mode [ 149.293049][ T6289] tipc: Node identity be43dab9c8db, cluster identity 4711 [ 149.336262][ T6289] tipc: Enabled bearer , priority 0 [ 149.453693][ T6288] tipc: Disabling bearer [ 149.725568][ T6299] loop1: detected capacity change from 0 to 256 [ 149.775955][ T30] audit: type=1326 audit(1750864804.921:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz.5.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f147af8e929 code=0x7ffc0000 [ 149.909177][ T6299] exfat: Deprecated parameter 'utf8' [ 149.914600][ T6299] exfat: Unknown parameter 'd-k' [ 150.005929][ T30] audit: type=1326 audit(1750864804.941:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz.5.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f147af8e929 code=0x7ffc0000 [ 150.121771][ T30] audit: type=1326 audit(1750864805.031:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz.5.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f147af8e929 code=0x7ffc0000 [ 150.167872][ T30] audit: type=1326 audit(1750864805.031:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz.5.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f147af8e929 code=0x7ffc0000 [ 150.352303][ T30] audit: type=1326 audit(1750864805.031:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz.5.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f147af8e929 code=0x7ffc0000 [ 150.429018][ T30] audit: type=1326 audit(1750864805.031:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz.5.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f147af8e929 code=0x7ffc0000 [ 150.525173][ T6315] netdevsim netdevsim1 : renamed from netdevsim0 (while UP) [ 150.558099][ T30] audit: type=1326 audit(1750864805.031:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz.5.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f147af8e929 code=0x7ffc0000 [ 150.703816][ T30] audit: type=1326 audit(1750864805.031:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz.5.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f147af8e929 code=0x7ffc0000 [ 150.890828][ T30] audit: type=1326 audit(1750864805.071:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz.5.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f147af8e929 code=0x7ffc0000 [ 150.994703][ T30] audit: type=1326 audit(1750864805.071:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz.5.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f147af8e929 code=0x7ffc0000 [ 151.576194][ T6332] batadv1: entered promiscuous mode [ 152.613983][ T6344] loop3: detected capacity change from 0 to 256 [ 153.166266][ T6344] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 153.354079][ T6344] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 153.508517][ T6344] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 153.640113][ T6349] syzkaller0: entered promiscuous mode [ 153.780938][ T6349] syzkaller0: entered allmulticast mode [ 153.813830][ T6356] loop5: detected capacity change from 0 to 512 [ 154.761962][ T6356] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.125: casefold flag without casefold feature [ 154.849030][ T6356] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.125: couldn't read orphan inode 15 (err -117) [ 154.932409][ T6356] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 155.351576][ T6369] overlayfs: failed to resolve './file1': -2 [ 155.963208][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.567732][ T6386] batadv1: entered promiscuous mode [ 161.690319][ T6413] loop5: detected capacity change from 0 to 256 [ 161.746590][ T6413] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 161.770830][ T6406] syzkaller0: entered promiscuous mode [ 161.784509][ T6413] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 161.824470][ T6413] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 161.869521][ T6406] syzkaller0: entered allmulticast mode [ 164.209895][ T6440] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 164.652805][ T6447] loop5: detected capacity change from 0 to 4096 [ 164.710915][ T6447] NILFS (loop5): invalid segment: Checksum error in segment payload [ 164.723110][ T6447] NILFS (loop5): trying rollback from an earlier position [ 164.806318][ T6447] NILFS (loop5): recovery complete [ 164.873548][ T6455] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 164.971178][ T30] kauditd_printk_skb: 12 callbacks suppressed [ 164.971205][ T30] audit: type=1800 audit(1750864820.131:24): pid=6447 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.156" name="file1" dev="loop5" ino=12 res=0 errno=0 [ 165.051299][ T30] audit: type=1800 audit(1750864820.181:25): pid=6461 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.156" name="file1" dev="loop5" ino=12 res=0 errno=0 [ 166.128471][ T5848] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 166.137818][ T5848] Bluetooth: hci3: Injecting HCI hardware error event [ 166.146266][ T5849] Bluetooth: hci3: hardware error 0x00 [ 167.444002][ T6480] loop1: detected capacity change from 0 to 16 [ 167.499778][ T6480] erofs (device loop1): mounted with root inode @ nid 36. [ 167.613128][ T6480] evm: overlay not supported [ 168.207254][ T5849] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 168.270329][ T6435] batadv1: entered promiscuous mode [ 168.656207][ T6489] netlink: 24 bytes leftover after parsing attributes in process `syz.3.165'. [ 168.985967][ T24] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 169.146491][ T6502] netlink: 12 bytes leftover after parsing attributes in process `syz.4.170'. [ 169.255891][ T24] usb 1-1: Using ep0 maxpacket: 8 [ 169.301152][ T43] IPVS: starting estimator thread 0... [ 169.306847][ T6504] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 169.332369][ T24] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 169.361509][ T24] usb 1-1: config 179 has no interface number 0 [ 169.368142][ T24] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 169.379530][ T24] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 169.455814][ T24] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 169.476026][ T6509] IPVS: using max 21 ests per chain, 50400 per kthread [ 169.539730][ T24] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 169.598606][ T24] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 169.664222][ T24] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 169.664584][ T6511] loop2: detected capacity change from 0 to 256 [ 169.696194][ T6513] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 169.717743][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 169.742543][ T6515] pimreg3: entered allmulticast mode [ 169.750342][ T6513] netlink: 16 bytes leftover after parsing attributes in process `syz.3.176'. [ 169.775931][ T6511] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 169.806070][ T6492] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 169.817796][ T6519] netlink: 16 bytes leftover after parsing attributes in process `syz.3.176'. [ 169.847731][ T6511] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 169.848010][ T24] xpad 1-1:179.65: probe with driver xpad failed with error -5 [ 169.931484][ T6511] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 170.134862][ T24] usb 1-1: USB disconnect, device number 2 [ 170.143043][ T6526] loop4: detected capacity change from 0 to 512 [ 171.124222][ T6531] batadv1: entered promiscuous mode [ 171.166071][ T6526] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.180: casefold flag without casefold feature [ 171.413178][ T6526] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.180: couldn't read orphan inode 15 (err -117) [ 171.514745][ T6526] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 172.006851][ T6543] overlayfs: failed to resolve './file1': -2 [ 172.544054][ T6544] netlink: 12 bytes leftover after parsing attributes in process `syz.0.185'. [ 172.787260][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.784914][ T6555] netlink: 12 bytes leftover after parsing attributes in process `syz.0.190'. [ 174.345045][ T6559] netlink: 12 bytes leftover after parsing attributes in process `syz.3.191'. [ 174.720403][ T6569] netlink: 16 bytes leftover after parsing attributes in process `syz.1.194'. [ 174.831529][ T6569] netlink: 16 bytes leftover after parsing attributes in process `syz.1.194'. [ 175.379126][ T6579] batadv1: entered promiscuous mode [ 175.836398][ T6571] platform regulatory.0: loading /lib/firmware/regulatory.db.p7s failed with error -4 [ 175.856072][ T30] audit: type=1800 audit(1750864831.001:26): pid=6571 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.195" name="regulatory.db.p7s" dev="sda1" ino=449 res=0 errno=0 [ 175.954563][ T6571] platform regulatory.0: Direct firmware load for regulatory.db.p7s failed with error -4 [ 176.011460][ T6571] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db.p7s [ 176.163398][ T6586] loop3: detected capacity change from 0 to 512 [ 176.256186][ T6589] netlink: 12 bytes leftover after parsing attributes in process `syz.5.202'. [ 176.282681][ T6586] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.200: casefold flag without casefold feature [ 176.354319][ T6571] syz.0.195 (6571) used greatest stack depth: 17784 bytes left [ 176.398540][ T6586] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.200: couldn't read orphan inode 15 (err -117) [ 176.425049][ T6586] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 176.994654][ T6604] overlayfs: failed to resolve './file1': -2 [ 177.968678][ T6599] usb usb8: usbfs: process 6599 (syz.0.204) did not claim interface 0 before use [ 177.978560][ T6599] capability: warning: `syz.0.204' uses deprecated v2 capabilities in a way that may be insecure [ 178.000909][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 178.406836][ T6612] input: syz1 as /devices/virtual/input/input5 [ 178.440114][ T6614] netlink: 12 bytes leftover after parsing attributes in process `syz.3.208'. [ 178.895976][ T6625] netlink: 16 bytes leftover after parsing attributes in process `syz.4.213'. [ 179.024749][ T6629] loop0: detected capacity change from 0 to 256 [ 179.074341][ T6629] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 179.121277][ T6629] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 179.164592][ T6629] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 180.823042][ T6642] loop4: detected capacity change from 0 to 32768 [ 180.899194][ T6642] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 180.907728][ T6642] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 180.944393][ T6642] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms [ 180.956205][ T5842] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 180.963136][ T5842] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 181.154133][ T5842] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 190ms [ 181.345312][ T5842] gfs2: fsid=syz:syz.0: jid=0: Done [ 181.378853][ T6642] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 181.538023][ T6642] gfs2: fsid=syz:syz.0: found 1 quota changes [ 181.653719][ T6649] loop3: detected capacity change from 0 to 8192 [ 181.754961][ T6656] netlink: 'syz.1.222': attribute type 1 has an invalid length. [ 181.823237][ T6656] netlink: 'syz.1.222': attribute type 4 has an invalid length. [ 181.903713][ T6656] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.222'. [ 182.061904][ T6660] IPVS: set_ctl: invalid protocol: 137 127.0.0.1:20003 [ 184.118654][ T6680] netlink: 4 bytes leftover after parsing attributes in process `syz.4.224'. [ 185.408030][ T6689] netlink: 52 bytes leftover after parsing attributes in process `syz.5.232'. [ 185.515879][ T6689] netlink: 52 bytes leftover after parsing attributes in process `syz.5.232'. [ 185.537323][ T6693] netlink: 36 bytes leftover after parsing attributes in process `syz.3.234'. [ 185.580495][ T6695] netlink: 24 bytes leftover after parsing attributes in process `syz.4.235'. [ 185.792287][ T6687] loop5: detected capacity change from 0 to 40427 [ 185.880192][ T6687] F2FS-fs (loop5): invalid crc value [ 186.026028][ T6700] usb usb8: usbfs: process 6700 (syz.2.233) did not claim interface 0 before use [ 186.092549][ T6687] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 186.828095][ T5832] syz-executor: attempt to access beyond end of device [ 186.828095][ T5832] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 186.990355][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: syz-executor Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) [ 186.990407][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 186.990429][ T5832] Call Trace: [ 186.990441][ T5832] [ 186.990454][ T5832] dump_stack_lvl+0x16c/0x1f0 [ 186.990518][ T5832] f2fs_handle_critical_error+0x621/0x9f0 [ 186.990566][ T5832] ? srso_alias_return_thunk+0x5/0xfbef5 [ 186.990611][ T5832] ? f2fs_build_fault_attr+0x53/0x1f0 [ 186.990659][ T5832] f2fs_write_end_io+0x785/0xc20 [ 186.990711][ T5832] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 186.990766][ T5832] ? srso_alias_return_thunk+0x5/0xfbef5 [ 186.990822][ T5832] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 186.990870][ T5832] bio_endio+0x70d/0x850 [ 186.990937][ T5832] submit_bio_noacct+0x56d/0x1eb0 [ 186.990995][ T5832] __submit_merged_bio+0x33c/0x770 [ 186.991050][ T5832] __submit_merged_write_cond+0x319/0x3f0 [ 186.991112][ T5832] f2fs_write_cache_pages+0x2067/0x2570 [ 186.991198][ T5832] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 186.991270][ T5832] ? srso_alias_return_thunk+0x5/0xfbef5 [ 186.991315][ T5832] ? __lock_acquire+0x622/0x1c90 [ 186.991384][ T5832] ? srso_alias_return_thunk+0x5/0xfbef5 [ 186.991473][ T5832] ? srso_alias_return_thunk+0x5/0xfbef5 [ 186.991556][ T5832] ? srso_alias_return_thunk+0x5/0xfbef5 [ 186.991602][ T5832] ? mod_memcg_lruvec_state+0x394/0x610 [ 186.991671][ T5832] ? srso_alias_return_thunk+0x5/0xfbef5 [ 186.991724][ T5832] f2fs_write_data_pages+0x4ad/0xd90 [ 186.991791][ T5832] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 186.991846][ T5832] ? srso_alias_return_thunk+0x5/0xfbef5 [ 186.991903][ T5832] ? srso_alias_return_thunk+0x5/0xfbef5 [ 186.991954][ T5832] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 186.992013][ T5832] do_writepages+0x27a/0x600 [ 186.992080][ T5832] ? __pfx_do_writepages+0x10/0x10 [ 186.992137][ T5832] ? do_raw_spin_unlock+0x172/0x230 [ 186.992178][ T5832] ? srso_alias_return_thunk+0x5/0xfbef5 [ 186.992222][ T5832] ? _raw_spin_unlock+0x28/0x50 [ 186.992293][ T5832] filemap_fdatawrite_wbc+0x104/0x160 [ 186.992359][ T5832] __filemap_fdatawrite_range+0xb2/0xf0 [ 186.992405][ T5832] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 186.992508][ T5832] ? find_held_lock+0x2b/0x80 [ 186.992555][ T5832] ? srso_alias_return_thunk+0x5/0xfbef5 [ 186.992601][ T5832] ? do_raw_spin_unlock+0x172/0x230 [ 186.992641][ T5832] ? srso_alias_return_thunk+0x5/0xfbef5 [ 186.992692][ T5832] f2fs_sync_dirty_inodes+0x2a9/0x990 [ 186.992772][ T5832] block_operations+0x2a3/0xfd0 [ 186.992835][ T5832] ? __pfx___schedule+0x10/0x10 [ 186.992890][ T5832] ? __pfx_block_operations+0x10/0x10 [ 186.993004][ T5832] ? srso_alias_return_thunk+0x5/0xfbef5 [ 186.993048][ T5832] ? down_write+0x14d/0x200 [ 186.993082][ T5832] ? __pfx_down_write+0x10/0x10 [ 186.993121][ T5832] ? srso_alias_return_thunk+0x5/0xfbef5 [ 186.993165][ T5832] ? rcu_is_watching+0x12/0xc0 [ 186.993217][ T5832] f2fs_write_checkpoint+0x2b8/0x4c60 [ 186.993292][ T5832] ? srso_alias_return_thunk+0x5/0xfbef5 [ 186.993336][ T5832] ? kfree+0x2b4/0x4d0 [ 186.993392][ T5832] ? srso_alias_return_thunk+0x5/0xfbef5 [ 186.993440][ T5832] ? srso_alias_return_thunk+0x5/0xfbef5 [ 186.993484][ T5832] ? rcu_is_watching+0x12/0xc0 [ 186.993528][ T5832] ? srso_alias_return_thunk+0x5/0xfbef5 [ 186.993573][ T5832] ? kthread_stop+0x273/0x650 [ 186.993636][ T5832] kill_f2fs_super+0x3c2/0x470 [ 186.993698][ T5832] ? __pfx_kill_f2fs_super+0x10/0x10 [ 186.993758][ T5832] ? lockdep_hardirqs_on+0x7c/0x110 [ 186.993834][ T5832] deactivate_locked_super+0xc1/0x1a0 [ 186.993875][ T5832] deactivate_super+0xde/0x100 [ 186.993915][ T5832] cleanup_mnt+0x225/0x450 [ 186.993959][ T5832] task_work_run+0x150/0x240 [ 186.993999][ T5832] ? __pfx_task_work_run+0x10/0x10 [ 186.994034][ T5832] ? srso_alias_return_thunk+0x5/0xfbef5 [ 186.994081][ T5832] ? __pfx___x64_sys_umount+0x10/0x10 [ 186.994137][ T5832] exit_to_user_mode_loop+0xeb/0x110 [ 186.994179][ T5832] do_syscall_64+0x3f6/0x4c0 [ 186.994243][ T5832] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.994286][ T5832] RIP: 0033:0x7f147af8fc57 [ 186.994315][ T5832] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 186.994351][ T5832] RSP: 002b:00007ffd96eb39a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 186.994385][ T5832] RAX: 0000000000000000 RBX: 00007f147b010925 RCX: 00007f147af8fc57 [ 186.994409][ T5832] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd96eb3a60 [ 186.994432][ T5832] RBP: 00007ffd96eb3a60 R08: 0000000000000000 R09: 0000000000000000 [ 186.994455][ T5832] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd96eb4af0 [ 186.994479][ T5832] R13: 00007f147b010925 R14: 000000000002d8f4 R15: 00007ffd96eb4b30 [ 186.994528][ T5832] [ 187.505200][ T5832] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 188.558195][ T43] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 189.087758][ T43] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 189.133102][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.178621][ T6727] [U]  [ 189.179757][ T43] usb 3-1: config 0 descriptor?? [ 189.195575][ T43] cp210x 3-1:0.0: cp210x converter detected [ 189.684099][ T6740] netlink: 36 bytes leftover after parsing attributes in process `syz.1.250'. [ 189.708493][ T43] cp210x 3-1:0.0: failed to get vendor val 0x0010 size 3: -71 [ 189.755179][ T43] cp210x 3-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 189.780880][ T6743] loop4: detected capacity change from 0 to 128 [ 189.843925][ T43] cp210x 3-1:0.0: GPIO initialisation failed: -71 [ 189.863631][ T6743] ufs: You didn't specify the type of your ufs filesystem [ 189.863631][ T6743] [ 189.863631][ T6743] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 189.863631][ T6743] [ 189.863631][ T6743] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 189.894722][ C0] vkms_vblank_simulate: vblank timer overrun [ 189.921364][ T43] usb 3-1: cp210x converter now attached to ttyUSB0 [ 189.961309][ T6743] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2 [ 189.997173][ T43] usb 3-1: USB disconnect, device number 3 [ 190.166214][ T43] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 190.176841][ T5808] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 190.216883][ T43] cp210x 3-1:0.0: device disconnected [ 190.235554][ T6752] netlink: 24 bytes leftover after parsing attributes in process `syz.1.254'. [ 190.265861][ T6059] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 190.370361][ T5808] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 4 [ 190.403860][ T5808] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 65535, setting to 64 [ 190.421259][ T5808] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 190.465974][ T6059] usb 5-1: config 0 has an invalid descriptor of length 1, skipping remainder of the config [ 190.500505][ T5808] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 190.510572][ T6059] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 190.545598][ T6748] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 190.566104][ T6059] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 12160, setting to 64 [ 190.636910][ T5808] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 190.653157][ T6059] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 190.673822][ T5808] usb 1-1: invalid MIDI in EP 0 [ 190.713825][ T6059] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 190.749383][ T6762] netlink: 12 bytes leftover after parsing attributes in process `syz.3.258'. [ 190.763463][ T6059] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 190.792859][ T6059] usb 5-1: Manufacturer: syz [ 190.836549][ T43] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 190.852245][ T6059] usb 5-1: config 0 descriptor?? [ 190.985465][ T5906] udevd[5906]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 191.039871][ T43] usb 3-1: New USB device found, idVendor=0582, idProduct=008d, bcdDevice=7a.ac [ 191.063562][ T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 191.125302][ T5808] snd-usb-audio 1-1:27.0: probe with driver snd-usb-audio failed with error -22 [ 191.126002][ T43] usb 3-1: Product: syz [ 191.199626][ T5808] usb 1-1: USB disconnect, device number 3 [ 191.210986][ T43] usb 3-1: Manufacturer: syz [ 191.215680][ T43] usb 3-1: SerialNumber: syz [ 191.240939][ T43] usb 3-1: config 0 descriptor?? [ 191.288449][ T43] usb 3-1: interface 1 not found [ 191.308040][ T6059] rc_core: IR keymap rc-hauppauge not found [ 191.338145][ T6059] Registered IR keymap rc-empty [ 191.352798][ T6059] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 191.379109][ T6059] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 191.417927][ T6059] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0 [ 191.472109][ T43] usb 3-1: USB disconnect, device number 4 [ 191.691913][ T6059] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input6 [ 191.751112][ T6059] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 191.784393][ T6059] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 191.817427][ T6059] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 191.836353][ T6059] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 191.866338][ T6059] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 191.896383][ T6059] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 191.926331][ T6059] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 191.966336][ T6059] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 191.996374][ T6059] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 192.019256][ T6059] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 192.088702][ T6059] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 192.111631][ T6059] mceusb 5-1:0.0: Registered 424242424242 with mce emulator interface version 1c [ 192.125878][ T6059] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 192.244657][ T6059] usb 5-1: USB disconnect, device number 2 [ 192.343132][ T6787] netlink: 52 bytes leftover after parsing attributes in process `syz.2.266'. [ 192.405654][ T6787] netlink: 52 bytes leftover after parsing attributes in process `syz.2.266'. [ 192.754269][ T6791] netlink: 24 bytes leftover after parsing attributes in process `syz.1.269'. [ 193.036214][ T6059] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 193.246107][ T6059] usb 3-1: not running at top speed; connect to a high speed hub [ 193.262510][ T6059] usb 3-1: config 9 has an invalid interface number: 211 but max is 0 [ 193.281403][ T6059] usb 3-1: config 9 has no interface number 0 [ 193.291537][ T6059] usb 3-1: config 9 interface 211 has no altsetting 0 [ 193.823427][ T6059] usb 3-1: New USB device found, idVendor=0a5c, idProduct=bd17, bcdDevice=c6.87 [ 193.852042][ T6059] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 193.877241][ T6059] usb 3-1: Product: syz [ 193.891732][ T6059] usb 3-1: Manufacturer: syz [ 193.921529][ T6059] usb 3-1: SerialNumber: syz [ 194.207506][ T6059] usb 3-1: USB disconnect, device number 5 [ 194.516402][ T5808] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 194.591628][ T6822] loop4: detected capacity change from 0 to 1024 [ 194.688625][ T5808] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 194.701008][ T5808] usb 6-1: config 0 has no interface number 0 [ 194.725691][ T5808] usb 6-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e [ 194.758910][ T6822] hfsplus: can't free extent [ 194.795993][ T5808] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 194.827356][ T5808] usb 6-1: config 0 descriptor?? [ 194.866734][ T5808] usb 6-1: selecting invalid altsetting 1 [ 194.908964][ T5808] dvb_ttusb_budget: ttusb_init_controller: error [ 194.939501][ T5808] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB) [ 195.124217][ T6829] fuse: Bad value for 'fd' [ 195.379593][ T6833] netlink: 24 bytes leftover after parsing attributes in process `syz.2.285'. [ 196.010720][ T6839] syz.4.284 uses obsolete (PF_INET,SOCK_PACKET) [ 196.752068][ T5808] DVB: Unable to find symbol cx22700_attach() [ 197.099346][ T5808] DVB: Unable to find symbol tda10046_attach() [ 197.105571][ T5808] dvb_ttusb_budget: no frontend driver found for device [0b48:1005] [ 197.158479][ T5808] usb 6-1: USB disconnect, device number 3 [ 197.194364][ T6853] bridge0: port 1(bridge_slave_0) entered disabled state [ 197.223560][ T6853] bridge0: port 2(bridge_slave_1) entered disabled state [ 197.308275][ T6020] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 197.516438][ T6020] usb 1-1: Using ep0 maxpacket: 8 [ 197.534312][ T6020] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 197.543670][ T6020] usb 1-1: config 179 has no interface number 0 [ 197.573292][ T6020] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 197.616931][ T6020] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 197.655855][ T6020] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 197.707416][ T6020] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 197.760091][ T6020] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 197.818297][ T6020] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 197.874133][ T6020] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.891664][ T6869] usb usb8: usbfs: process 6869 (syz.2.296) did not claim interface 0 before use [ 198.345881][ T6858] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 198.462315][ T6020] xpad 1-1:179.65: probe with driver xpad failed with error -5 [ 198.788031][ T5808] usb 1-1: USB disconnect, device number 4 [ 202.650560][ T6933] netlink: 36 bytes leftover after parsing attributes in process `syz.1.316'. [ 202.946816][ T6943] veth1_to_bond: entered allmulticast mode [ 203.047566][ T6945] netlink: 4 bytes leftover after parsing attributes in process `syz.3.321'. [ 203.073459][ T6941] veth1_to_bond: left allmulticast mode [ 203.662350][ T6942] loop5: detected capacity change from 0 to 4096 [ 203.715975][ T6942] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 203.891105][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 203.897700][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 204.116885][ T6942] ntfs3(loop5): Failed to load $Extend (-22). [ 204.169232][ T6942] ntfs3(loop5): Failed to initialize $Extend. [ 205.139244][ T6974] usb usb8: usbfs: process 6974 (syz.3.332) did not claim interface 0 before use [ 205.613835][ T6976] netlink: 24 bytes leftover after parsing attributes in process `syz.5.331'. [ 206.277756][ T6979] sch_tbf: burst 88 is lower than device veth3 mtu (1514) ! [ 211.259099][ T7032] syzkaller0: entered promiscuous mode [ 211.264644][ T7032] syzkaller0: entered allmulticast mode [ 214.626537][ T7075] netlink: 8 bytes leftover after parsing attributes in process `syz.5.362'. [ 216.617394][ T7073] netlink: 'syz.5.362': attribute type 1 has an invalid length. [ 216.625248][ T7073] netlink: 5624 bytes leftover after parsing attributes in process `syz.5.362'. [ 217.467066][ T7100] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0x5 [ 217.502438][ T7102] netlink: 'syz.2.371': attribute type 1 has an invalid length. [ 217.535372][ T7098] bridge0: port 1(bridge_slave_0) entered disabled state [ 217.552485][ T7098] bridge0: port 2(bridge_slave_1) entered disabled state [ 218.753471][ T7116] netlink: 4 bytes leftover after parsing attributes in process `syz.4.374'. [ 218.860693][ T7102] 8021q: adding VLAN 0 to HW filter on device bond1 [ 220.011381][ T7105] bond1: (slave gretap1): making interface the new active one [ 220.056477][ T7105] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 220.168708][ T7129] xt_hashlimit: size too large, truncated to 1048576 [ 220.258629][ T7130] netlink: 4 bytes leftover after parsing attributes in process `syz.5.377'. [ 220.468215][ T7133] netlink: 8 bytes leftover after parsing attributes in process `syz.2.378'. [ 223.685133][ T7168] netlink: 56 bytes leftover after parsing attributes in process `syz.0.389'. [ 223.733309][ T7168] Bluetooth: MGMT ver 1.23 [ 224.924873][ T7152] Bluetooth: MGMT ver 1.23 [ 225.964541][ T7202] netlink: 4 bytes leftover after parsing attributes in process `syz.3.399'. [ 227.205318][ T7215] netlink: 16 bytes leftover after parsing attributes in process `syz.1.402'. [ 227.235351][ T7215] netlink: 16 bytes leftover after parsing attributes in process `syz.1.402'. [ 227.271622][ T7218] netlink: 20 bytes leftover after parsing attributes in process `syz.3.403'. [ 229.506097][ T5842] usb 6-1: new full-speed USB device number 4 using dummy_hcd [ 229.665889][ T5842] usb 6-1: device descriptor read/64, error -71 [ 229.956000][ T5842] usb 6-1: new full-speed USB device number 5 using dummy_hcd [ 230.146007][ T5842] usb 6-1: device descriptor read/64, error -71 [ 230.167232][ T7265] loop2: detected capacity change from 0 to 256 [ 230.229406][ T7265] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 230.244625][ T7265] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 230.256500][ T5842] usb usb6-port1: attempt power cycle [ 230.336976][ T7265] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 230.777127][ T5842] usb 6-1: new full-speed USB device number 6 using dummy_hcd [ 231.028400][ T5842] usb 6-1: device descriptor read/8, error -71 [ 231.277770][ T5842] usb 6-1: new full-speed USB device number 7 using dummy_hcd [ 231.358861][ T5842] usb 6-1: device descriptor read/8, error -71 [ 231.496319][ T5842] usb usb6-port1: unable to enumerate USB device [ 231.661448][ T7282] atomic_op ffff88807decb198 conn xmit_atomic 0000000000000000 [ 232.216344][ T7292] usb usb8: usbfs: process 7292 (syz.1.431) did not claim interface 0 before use [ 233.358696][ T7297] tipc: Started in network mode [ 233.365433][ T7297] tipc: Node identity 9e3ebe6c54ce, cluster identity 4711 [ 233.394492][ T7297] tipc: Enabled bearer , priority 0 [ 233.518168][ T7296] tipc: Disabling bearer [ 233.685833][ T7310] loop4: detected capacity change from 0 to 256 [ 233.799527][ T7310] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 233.887138][ T7310] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 233.941125][ T7310] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 235.516873][ T43] usb 1-1: new full-speed USB device number 5 using dummy_hcd [ 235.756590][ T43] usb 1-1: device descriptor read/64, error -71 [ 236.026122][ T43] usb 1-1: new full-speed USB device number 6 using dummy_hcd [ 236.057356][ T7347] bridge0: port 1(bridge_slave_0) entered disabled state [ 236.118959][ T7347] bridge0: port 2(bridge_slave_1) entered disabled state [ 236.205952][ T43] usb 1-1: device descriptor read/64, error -71 [ 236.367545][ T43] usb usb1-port1: attempt power cycle [ 236.696305][ T5846] Bluetooth: hci1: command 0x0406 tx timeout [ 236.702975][ T5144] Bluetooth: hci4: command 0x0406 tx timeout [ 236.705931][ T5855] Bluetooth: hci0: command 0x0406 tx timeout [ 236.709178][ T5854] Bluetooth: hci5: command 0x0406 tx timeout [ 236.715347][ T5850] Bluetooth: hci2: command 0x0406 tx timeout [ 236.727573][ T43] usb 1-1: new full-speed USB device number 7 using dummy_hcd [ 236.765991][ T43] usb 1-1: device descriptor read/8, error -71 [ 236.981934][ T7361] netdevsim netdevsim5 : renamed from netdevsim0 (while UP) [ 237.009812][ T7360] tipc: Started in network mode [ 237.014763][ T7360] tipc: Node identity 1675d9e8235c, cluster identity 4711 [ 237.026445][ T43] usb 1-1: new full-speed USB device number 8 using dummy_hcd [ 237.047171][ T7360] tipc: Enabled bearer , priority 0 [ 237.067117][ T43] usb 1-1: device descriptor read/8, error -71 [ 237.191746][ T7358] tipc: Disabling bearer [ 237.212434][ T43] usb usb1-port1: unable to enumerate USB device [ 237.221239][ T7366] netlink: 44 bytes leftover after parsing attributes in process `syz.4.457'. [ 237.511135][ T7373] loop4: detected capacity change from 0 to 256 [ 237.569324][ T7373] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 237.617537][ T7373] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 237.683966][ T7373] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 239.379827][ T7396] netlink: 60 bytes leftover after parsing attributes in process `syz.2.467'. [ 239.783138][ T7404] netlink: 44 bytes leftover after parsing attributes in process `syz.1.471'. [ 240.072949][ T7409] usb usb8: usbfs: process 7409 (syz.2.472) did not claim interface 0 before use [ 242.408972][ T7448] netlink: 44 bytes leftover after parsing attributes in process `syz.3.487'. [ 242.502850][ T7450] veth1_to_bond: entered allmulticast mode [ 242.512800][ T7450] netlink: 4 bytes leftover after parsing attributes in process `syz.1.488'. [ 242.547206][ T7449] veth1_to_bond: left allmulticast mode [ 243.646450][ T6059] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 243.825935][ T6059] usb 5-1: device descriptor read/64, error -71 [ 244.106367][ T6059] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 244.265893][ T6059] usb 5-1: device descriptor read/64, error -71 [ 244.402123][ T6059] usb usb5-port1: attempt power cycle [ 244.826004][ T6059] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 244.886648][ T6059] usb 5-1: device descriptor read/8, error -71 [ 244.907526][ T7504] veth1_to_bond: entered allmulticast mode [ 244.952713][ T7504] netlink: 4 bytes leftover after parsing attributes in process `syz.3.506'. [ 244.996542][ T7502] veth1_to_bond: left allmulticast mode [ 245.145873][ T6059] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 245.197157][ T6059] usb 5-1: device descriptor read/8, error -71 [ 245.316911][ T6059] usb usb5-port1: unable to enumerate USB device [ 246.991695][ T7548] veth1_to_bond: entered allmulticast mode [ 247.054542][ T7551] netlink: 4 bytes leftover after parsing attributes in process `syz.0.523'. [ 247.155421][ T7547] veth1_to_bond: left allmulticast mode [ 247.300493][ T7554] usb usb8: usbfs: process 7554 (syz.2.525) did not claim interface 0 before use [ 247.800159][ T7556] netlink: 20 bytes leftover after parsing attributes in process `syz.3.526'. [ 248.736050][ T5808] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 249.695842][ T5808] usb 1-1: device descriptor read/64, error -71 [ 249.696893][ T7579] loop2: detected capacity change from 0 to 512 [ 249.821885][ T7579] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.535: casefold flag without casefold feature [ 249.980161][ T7579] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.535: couldn't read orphan inode 15 (err -117) [ 249.980611][ T5808] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 250.052644][ T7579] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 250.087995][ T7589] tipc: Enabling of bearer rejected, failed to enable media [ 250.251118][ T5808] usb 1-1: device descriptor read/64, error -71 [ 250.364662][ T7593] veth1_to_bond: entered allmulticast mode [ 250.410040][ T5808] usb usb1-port1: attempt power cycle [ 250.416349][ T7593] netlink: 4 bytes leftover after parsing attributes in process `syz.3.540'. [ 250.734994][ T7592] veth1_to_bond: left allmulticast mode [ 251.284668][ T5830] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.485895][ T5808] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 251.573485][ T5808] usb 1-1: device descriptor read/8, error -71 [ 253.177166][ T7640] tipc: Enabling of bearer rejected, failed to enable media [ 253.608415][ T7654] netlink: 'syz.0.560': attribute type 1 has an invalid length. [ 253.754523][ T7654] 8021q: adding VLAN 0 to HW filter on device bond1 [ 253.879058][ T7661] bond1: (slave gretap1): making interface the new active one [ 253.915822][ T5842] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 253.937602][ T7661] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 254.077616][ T5842] usb 6-1: device descriptor read/64, error -71 [ 254.326017][ T5842] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 254.515869][ T5842] usb 6-1: device descriptor read/64, error -71 [ 254.627377][ T5842] usb usb6-port1: attempt power cycle [ 254.997031][ T5842] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 255.082580][ T5842] usb 6-1: device descriptor read/8, error -71 [ 255.395933][ T5842] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 255.491103][ T5842] usb 6-1: device descriptor read/8, error -71 [ 255.646717][ T5842] usb usb6-port1: unable to enumerate USB device [ 255.845847][ T7706] tipc: Enabling of bearer rejected, failed to enable media [ 256.075166][ T5808] IPVS: starting estimator thread 0... [ 256.196380][ T7716] IPVS: using max 21 ests per chain, 50400 per kthread [ 256.295788][ T7723] netlink: 40 bytes leftover after parsing attributes in process `syz.1.583'. [ 256.527789][ T7726] netlink: 116 bytes leftover after parsing attributes in process `syz.2.584'. [ 258.317339][ T7750] syzkaller0: entered promiscuous mode [ 258.323480][ T7750] syzkaller0: entered allmulticast mode [ 258.668492][ T7770] netlink: 4 bytes leftover after parsing attributes in process `syz.4.600'. [ 258.876563][ T5808] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 259.016337][ T5808] usb 4-1: device descriptor read/64, error -71 [ 259.269246][ T5808] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 259.417188][ T5808] usb 4-1: device descriptor read/64, error -71 [ 259.548711][ T5808] usb usb4-port1: attempt power cycle [ 259.906087][ T5808] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 259.958840][ T5808] usb 4-1: device descriptor read/8, error -71 [ 260.226843][ T5808] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 260.258788][ T5808] usb 4-1: device descriptor read/8, error -71 [ 260.383834][ T5808] usb usb4-port1: unable to enumerate USB device [ 260.896552][ T7790] bridge0: port 3(syz_tun) entered blocking state [ 260.912581][ T7790] bridge0: port 3(syz_tun) entered disabled state [ 260.921033][ T7790] syz_tun: entered allmulticast mode [ 260.949605][ T7790] syz_tun: entered promiscuous mode [ 261.633736][ T7814] netlink: 'syz.5.613': attribute type 1 has an invalid length. [ 261.719289][ T7814] 8021q: adding VLAN 0 to HW filter on device bond1 [ 263.949057][ T7833] syzkaller0: entered promiscuous mode [ 263.970113][ T7833] syzkaller0: entered allmulticast mode [ 264.014089][ T7840] batadv1: entered promiscuous mode [ 265.331609][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 265.345107][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 265.726049][ T5808] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 265.885916][ T5808] usb 5-1: device descriptor read/64, error -71 [ 266.156135][ T5808] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 266.305881][ T5808] usb 5-1: device descriptor read/64, error -71 [ 266.416331][ T5808] usb usb5-port1: attempt power cycle [ 266.777380][ T5808] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 266.851362][ T5808] usb 5-1: device descriptor read/8, error -71 [ 266.878074][ T7892] netlink: 40 bytes leftover after parsing attributes in process `syz.5.634'. [ 267.046836][ T7898] netlink: 'syz.0.635': attribute type 1 has an invalid length. [ 267.128309][ T5808] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 267.176470][ T5808] usb 5-1: device descriptor read/8, error -71 [ 267.181415][ T7904] netlink: 'syz.0.635': attribute type 2 has an invalid length. [ 267.193465][ T7898] 8021q: adding VLAN 0 to HW filter on device bond2 [ 267.235469][ T7898] netlink: 24 bytes leftover after parsing attributes in process `syz.0.635'. [ 267.296171][ T5808] usb usb5-port1: unable to enumerate USB device [ 268.697374][ T7939] netlink: 199836 bytes leftover after parsing attributes in process `syz.5.645'. [ 270.086238][ T7962] batadv1: entered promiscuous mode [ 271.402463][ T7977] loop1: detected capacity change from 0 to 256 [ 271.477801][ T7977] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 271.586684][ T7977] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 271.591672][ T7988] netlink: 'syz.5.663': attribute type 1 has an invalid length. [ 271.638147][ T7977] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 271.649832][ T7991] loop4: detected capacity change from 0 to 256 [ 271.682239][ T7991] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 271.800486][ T7991] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 271.817472][ T7988] 8021q: adding VLAN 0 to HW filter on device bond2 [ 271.918623][ T7991] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 273.592620][ T8014] batadv1: entered promiscuous mode [ 275.816021][ T8043] netlink: 'syz.4.678': attribute type 1 has an invalid length. [ 276.029464][ T8043] 8021q: adding VLAN 0 to HW filter on device bond1 [ 276.256184][ T8050] netlink: 36 bytes leftover after parsing attributes in process `syz.2.680'. [ 276.439139][ T8056] netlink: 88 bytes leftover after parsing attributes in process `syz.1.683'. [ 276.486248][ T8056] netlink: 88 bytes leftover after parsing attributes in process `syz.1.683'. [ 276.507361][ T8049] bridge0: port 2(bridge_slave_1) entered disabled state [ 276.515198][ T8049] bridge0: port 1(bridge_slave_0) entered disabled state [ 276.840047][ T8064] netlink: 40 bytes leftover after parsing attributes in process `syz.1.686'. [ 276.902431][ T8065] ieee802154 phy0 wpan0: encryption failed: -22 [ 277.075594][ T8049] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 277.134033][ T8049] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 277.373214][ T8049] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 277.391290][ T8049] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 277.403264][ T8049] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 277.419827][ T8049] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 279.406208][ T8107] netlink: 88 bytes leftover after parsing attributes in process `syz.0.699'. [ 279.686185][ T8107] netlink: 88 bytes leftover after parsing attributes in process `syz.0.699'. [ 279.732340][ T8110] netlink: 32 bytes leftover after parsing attributes in process `syz.4.698'. [ 280.339532][ T8120] netlink: 36 bytes leftover after parsing attributes in process `syz.1.704'. [ 280.924579][ T8121] ieee802154 phy0 wpan0: encryption failed: -22 [ 280.962650][ T8127] netlink: 40 bytes leftover after parsing attributes in process `syz.0.705'. [ 282.779659][ T8158] netlink: 88 bytes leftover after parsing attributes in process `syz.3.717'. [ 282.884477][ T8158] netlink: 88 bytes leftover after parsing attributes in process `syz.3.717'. [ 282.926539][ T8160] netlink: 16 bytes leftover after parsing attributes in process `syz.5.718'. [ 282.961266][ T8163] netlink: 36 bytes leftover after parsing attributes in process `syz.2.720'. [ 283.399714][ T8171] loop5: detected capacity change from 0 to 512 [ 283.457133][ T8171] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.723: casefold flag without casefold feature [ 283.476287][ T8171] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.723: couldn't read orphan inode 15 (err -117) [ 283.619289][ T8171] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 284.271460][ T8195] loop3: detected capacity change from 0 to 128 [ 284.324499][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 284.335635][ T8195] ufs: You didn't specify the type of your ufs filesystem [ 284.335635][ T8195] [ 284.335635][ T8195] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 284.335635][ T8195] [ 284.335635][ T8195] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 284.398493][ T8195] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2 [ 285.132451][ T8202] bridge_slave_0: left allmulticast mode [ 285.155840][ T8202] bridge_slave_0: left promiscuous mode [ 285.211264][ T8202] bridge0: port 1(bridge_slave_0) entered disabled state [ 285.285691][ T8202] bridge_slave_1: left allmulticast mode [ 285.304010][ T8202] bridge_slave_1: left promiscuous mode [ 285.322403][ T8202] bridge0: port 2(bridge_slave_1) entered disabled state [ 285.375196][ T8202] bond0: (slave bond_slave_0): Releasing backup interface [ 285.407218][ T8212] netlink: 36 bytes leftover after parsing attributes in process `syz.5.737'. [ 285.417606][ T8202] bond0: (slave bond_slave_1): Releasing backup interface [ 285.437609][ T8202] team0: Port device team_slave_0 removed [ 285.461059][ T8202] team0: Port device team_slave_1 removed [ 285.482809][ T8202] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 285.493574][ T8202] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 285.510687][ T8202] bond1: (slave gretap1): Releasing active interface [ 287.448025][ T8228] veth1_to_bond: entered allmulticast mode [ 287.462883][ T8228] netlink: 4 bytes leftover after parsing attributes in process `syz.5.743'. [ 287.725087][ T8228] bond0: (slave bond_slave_1): Releasing backup interface [ 287.851534][ T8228] veth1_to_bond (unregistering): left allmulticast mode [ 288.273382][ T8252] netlink: 24 bytes leftover after parsing attributes in process `syz.5.752'. [ 288.302399][ T8255] netlink: 24 bytes leftover after parsing attributes in process `syz.0.751'. [ 288.465972][ T10] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 289.048213][ T10] usb 2-1: config 27 has an invalid descriptor of length 255, skipping remainder of the config [ 289.088517][ T8263] bond_slave_0: entered promiscuous mode [ 289.123214][ T10] usb 2-1: config 27 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 289.172010][ T8263] vlan2: entered promiscuous mode [ 289.185919][ T8263] bond0: entered promiscuous mode [ 289.210951][ T10] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 289.248575][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 289.329284][ T10] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 289.363645][ T8267] loop3: detected capacity change from 0 to 256 [ 289.445990][ T8267] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 289.525838][ T8267] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 289.530047][ T10] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -2 [ 289.590738][ T5906] udevd[5906]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 289.662634][ T8267] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 289.692622][ T10] usb 2-1: USB disconnect, device number 2 [ 289.760103][ T8271] netlink: 60 bytes leftover after parsing attributes in process `syz.0.757'. [ 289.824855][ T8270] netlink: 60 bytes leftover after parsing attributes in process `syz.0.757'. [ 291.263775][ T8298] netlink: 24 bytes leftover after parsing attributes in process `syz.2.766'. [ 292.031074][ T8304] netlink: 4 bytes leftover after parsing attributes in process `syz.1.769'. [ 292.095883][ T8305] netlink: 48 bytes leftover after parsing attributes in process `syz.0.767'. [ 292.115386][ T8305] netlink: 48 bytes leftover after parsing attributes in process `syz.0.767'. [ 294.739004][ T8352] netlink: 24 bytes leftover after parsing attributes in process `syz.0.781'. [ 294.759633][ T8352] netlink: 24 bytes leftover after parsing attributes in process `syz.0.781'. [ 294.797934][ T8352] netlink: 12 bytes leftover after parsing attributes in process `syz.0.781'. [ 294.872001][ T8358] netlink: 24 bytes leftover after parsing attributes in process `syz.2.783'. [ 295.520362][ T8369] usb usb8: usbfs: process 8369 (syz.0.787) did not claim interface 0 before use [ 297.110851][ T8389] netlink: 4 bytes leftover after parsing attributes in process `syz.1.794'. [ 297.520506][ T8396] netlink: 24 bytes leftover after parsing attributes in process `syz.4.798'. [ 297.520811][ T8389] bond0: (slave bond_slave_1): Releasing backup interface [ 298.092309][ T8410] netlink: 24 bytes leftover after parsing attributes in process `syz.1.804'. [ 298.446225][ T8416] usb usb8: usbfs: process 8416 (syz.3.805) did not claim interface 0 before use [ 299.622245][ T5842] usb 3-1: new full-speed USB device number 6 using dummy_hcd [ 300.078144][ T5842] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 300.166611][ T8439] netlink: 24 bytes leftover after parsing attributes in process `syz.1.813'. [ 300.188349][ T5842] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 300.265806][ T5842] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 300.365837][ T5842] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 300.369281][ T8442] netlink: 4 bytes leftover after parsing attributes in process `syz.0.817'. [ 300.451170][ T5842] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 300.478228][ T5842] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 300.495790][ T5842] usb 3-1: Manufacturer: syz [ 300.557295][ T5842] usb 3-1: config 0 descriptor?? [ 300.980146][ T8460] netlink: 24 bytes leftover after parsing attributes in process `syz.0.821'. [ 301.033799][ T5842] rc_core: IR keymap rc-hauppauge not found [ 301.054044][ T5842] Registered IR keymap rc-empty [ 301.074742][ T5842] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 301.108304][ T5842] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 301.149043][ T5842] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 301.210650][ T5842] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input7 [ 301.335229][ T5842] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 301.425526][ T5842] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 301.466164][ T5842] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 301.486167][ T5842] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 301.511453][ T5842] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 301.538420][ T5842] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 301.634000][ T5842] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 301.719290][ T8473] usb usb8: usbfs: process 8473 (syz.1.824) did not claim interface 0 before use [ 301.727651][ T5842] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 301.868658][ T5842] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 301.993214][ T5842] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 302.204144][ T5842] mceusb 3-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 302.231223][ T5842] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 302.512367][ T5842] usb 3-1: USB disconnect, device number 6 [ 302.654951][ T8487] netlink: 12 bytes leftover after parsing attributes in process `syz.1.831'. [ 302.839579][ T8492] netlink: 52 bytes leftover after parsing attributes in process `syz.5.833'. [ 302.912251][ T8492] netlink: 52 bytes leftover after parsing attributes in process `syz.5.833'. [ 304.122717][ T8498] batadv1: entered promiscuous mode [ 304.616892][ T8507] netlink: 24 bytes leftover after parsing attributes in process `syz.1.838'. [ 304.696813][ T8509] netlink: 4 bytes leftover after parsing attributes in process `syz.2.839'. [ 305.126921][ T43] usb 1-1: new full-speed USB device number 13 using dummy_hcd [ 305.370541][ T8523] usb usb8: usbfs: process 8523 (syz.5.844) did not claim interface 0 before use [ 305.691580][ T43] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 305.706222][ T8526] netlink: 4 bytes leftover after parsing attributes in process `syz.4.845'. [ 305.736253][ T43] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 305.787217][ T43] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 305.826986][ T43] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 305.873375][ T43] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 305.917849][ T43] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 305.947611][ T43] usb 1-1: Manufacturer: syz [ 305.969469][ T43] usb 1-1: config 0 descriptor?? [ 306.168988][ T8534] tipc: Enabling of bearer rejected, failed to enable media [ 306.251701][ T8539] netlink: 'syz.2.850': attribute type 4 has an invalid length. [ 306.585809][ T43] rc_core: IR keymap rc-hauppauge not found [ 306.591984][ T43] Registered IR keymap rc-empty [ 306.597112][ T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 306.827038][ T8548] batadv1: entered promiscuous mode [ 306.918370][ T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 307.187187][ T43] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 307.251359][ T43] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input8 [ 307.318443][ T8551] netlink: 52 bytes leftover after parsing attributes in process `syz.2.854'. [ 307.329178][ T8551] netlink: 52 bytes leftover after parsing attributes in process `syz.2.854'. [ 307.401793][ T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 307.446522][ T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 307.475675][ T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 307.556257][ T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 307.586049][ T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 307.758600][ T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 307.791190][ T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 307.822266][ T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 307.857411][ T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 307.916766][ T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 307.992080][ T43] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 308.039662][ T43] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 308.086234][ T43] usb 1-1: USB disconnect, device number 13 [ 308.215043][ T8570] netlink: 36 bytes leftover after parsing attributes in process `syz.3.863'. [ 308.272360][ T8571] netlink: 36 bytes leftover after parsing attributes in process `syz.3.863'. [ 308.481450][ T8567] netlink: 'syz.4.861': attribute type 3 has an invalid length. [ 308.787351][ T8581] netlink: 12 bytes leftover after parsing attributes in process `syz.2.868'. [ 308.806423][ T24] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 308.898274][ T8586] tipc: Enabling of bearer rejected, failed to enable media [ 308.979274][ T24] usb 2-1: config 27 has an invalid descriptor of length 255, skipping remainder of the config [ 309.021448][ T24] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 4 [ 309.094630][ T24] usb 2-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 309.177149][ T24] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 309.218066][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 309.306677][ T24] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 309.510881][ T24] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -2 [ 309.527902][ T5906] udevd[5906]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 309.640093][ T24] usb 2-1: USB disconnect, device number 3 [ 310.510962][ T8618] netlink: 4 bytes leftover after parsing attributes in process `syz.1.878'. [ 310.563133][ T8624] netlink: 'syz.5.879': attribute type 3 has an invalid length. [ 310.697299][ T8627] netlink: 24 bytes leftover after parsing attributes in process `syz.3.880'. [ 310.752679][ T8627] netlink: 24 bytes leftover after parsing attributes in process `syz.3.880'. [ 311.424232][ T8639] netlink: 12 bytes leftover after parsing attributes in process `syz.4.883'. [ 311.453799][ T8638] netlink: 20 bytes leftover after parsing attributes in process `syz.3.882'. [ 312.023335][ T8650] tipc: Enabling of bearer rejected, failed to enable media [ 312.464431][ T8662] netlink: 4 bytes leftover after parsing attributes in process `syz.3.891'. [ 312.699950][ T8672] netlink: 8 bytes leftover after parsing attributes in process `syz.0.893'. [ 312.834869][ T8676] netlink: 40 bytes leftover after parsing attributes in process `syz.1.895'. [ 313.291430][ T8684] netlink: 12 bytes leftover after parsing attributes in process `syz.0.898'. [ 315.380287][ T8724] netlink: 40 bytes leftover after parsing attributes in process `syz.4.913'. [ 316.475962][ T8737] netlink: 12 bytes leftover after parsing attributes in process `syz.0.916'. [ 318.419144][ T8774] netlink: 'syz.5.929': attribute type 10 has an invalid length. [ 318.754085][ T8774] 8021q: adding VLAN 0 to HW filter on device team0 [ 319.079860][ T8774] team0: entered promiscuous mode [ 319.107259][ T8774] team_slave_0: entered promiscuous mode [ 319.134547][ T8774] team_slave_1: entered promiscuous mode [ 319.151654][ T8774] bond0: (slave team0): Enslaving as an active interface with an up link [ 319.342474][ T30] audit: type=1107 audit(1750864974.501:27): pid=8778 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='1d]:xJP@cd$JnyO^D#z' [ 323.608871][ T8821] batadv1: entered promiscuous mode [ 325.730673][ T8877] netlink: 892 bytes leftover after parsing attributes in process `syz.3.959'. [ 325.783037][ T8880] sock: sock_set_timeout: `syz.1.960' (pid 8880) tries to set negative timeout [ 326.147162][ T8889] netlink: 4 bytes leftover after parsing attributes in process `syz.5.963'. [ 326.326965][ T8896] netlink: 16 bytes leftover after parsing attributes in process `syz.1.965'. [ 326.392882][ T8896] netlink: 16 bytes leftover after parsing attributes in process `syz.1.965'. [ 326.772680][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 326.781919][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 327.028070][ T8910] sch_fq: defrate 0 ignored. [ 327.382299][ T8921] netlink: 16 bytes leftover after parsing attributes in process `syz.4.974'. [ 329.363355][ T8931] netlink: 36 bytes leftover after parsing attributes in process `syz.2.977'. [ 329.567973][ T8937] netlink: 16 bytes leftover after parsing attributes in process `syz.1.980'. [ 329.585428][ T8937] netlink: 16 bytes leftover after parsing attributes in process `syz.1.980'. [ 329.800614][ T8946] usb usb8: usbfs: process 8946 (syz.0.982) did not claim interface 0 before use [ 330.379720][ T8948] netlink: 'syz.3.981': attribute type 3 has an invalid length. [ 330.564191][ T8948] netlink: 4 bytes leftover after parsing attributes in process `syz.3.981'. [ 331.032112][ T8967] Set syz1 is full, maxelem 0 reached [ 331.076897][ T8963] hsr0: entered promiscuous mode [ 331.848292][ T8980] loop4: detected capacity change from 0 to 256 [ 332.098503][ T8980] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 332.145883][ T8980] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 332.222079][ T8980] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 332.430037][ T8987] netlink: 4 bytes leftover after parsing attributes in process `syz.0.996'. [ 332.654985][ T8993] netlink: 16 bytes leftover after parsing attributes in process `syz.3.999'. [ 332.765883][ T51] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 332.816257][ T51] Bluetooth: hci0: command 0x0406 tx timeout [ 332.838283][ T8995] usb usb8: usbfs: process 8995 (syz.1.998) did not claim interface 0 before use [ 333.219106][ T8993] netlink: 16 bytes leftover after parsing attributes in process `syz.3.999'. [ 333.642982][ T9009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1005'. [ 333.677250][ T9009] IPVS: Error joining to the multicast group [ 334.373959][ T9029] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1014'. [ 334.598139][ T9036] veth1_to_bond: entered allmulticast mode [ 334.614090][ T9036] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1016'. [ 334.864208][ T9036] bond0: (slave bond_slave_1): Releasing backup interface [ 335.115524][ T9036] veth1_to_bond (unregistering): left allmulticast mode [ 335.580493][ T9043] macvlan0: entered allmulticast mode [ 335.620071][ T9043] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1021'. [ 335.761897][ T9059] loop2: detected capacity change from 0 to 128 [ 335.789115][ T9059] ufs: You didn't specify the type of your ufs filesystem [ 335.789115][ T9059] [ 335.789115][ T9059] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 335.789115][ T9059] [ 335.789115][ T9059] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 335.865972][ T9059] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2 [ 336.216191][ T5842] usb 3-1: new full-speed USB device number 7 using dummy_hcd [ 336.365862][ T5842] usb 3-1: device descriptor read/64, error -71 [ 336.382274][ T9077] netlink: 'syz.1.1030': attribute type 1 has an invalid length. [ 336.434627][ T9077] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1030'. [ 336.683724][ T5842] usb 3-1: new full-speed USB device number 8 using dummy_hcd [ 336.856231][ T5842] usb 3-1: device descriptor read/64, error -71 [ 337.039894][ T5842] usb usb3-port1: attempt power cycle [ 338.085853][ T5842] usb 3-1: new full-speed USB device number 9 using dummy_hcd [ 338.157596][ T5842] usb 3-1: device descriptor read/8, error -71 [ 338.416466][ T5842] usb 3-1: new full-speed USB device number 10 using dummy_hcd [ 338.476588][ T5842] usb 3-1: device descriptor read/8, error -71 [ 338.525619][ T9118] loop0: detected capacity change from 0 to 512 [ 338.564324][ T9119] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1039'. [ 338.647013][ T5842] usb usb3-port1: unable to enumerate USB device [ 338.675955][ T9118] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.1040: casefold flag without casefold feature [ 338.706804][ T9118] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1040: couldn't read orphan inode 15 (err -117) [ 338.805075][ T9118] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 338.969947][ T9128] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1044'. [ 339.025284][ T9128] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1044'. [ 339.117635][ T9133] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1045'. [ 339.363983][ T9136] loop2: detected capacity change from 0 to 256 [ 339.378326][ T9136] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 339.485895][ T9136] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 339.613422][ T9136] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 339.637047][ T9145] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1049'. [ 339.678775][ T9147] netlink: 868 bytes leftover after parsing attributes in process `syz.5.1047'. [ 339.701522][ T5835] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 340.074923][ T9158] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1051'. [ 340.232414][ T9158] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 340.428863][ T9158] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 341.030245][ T9179] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1058'. [ 341.352070][ T9185] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1059'. [ 342.555074][ T9206] netlink: 860 bytes leftover after parsing attributes in process `syz.3.1068'. [ 343.651265][ T9222] bridge_slave_1: left allmulticast mode [ 343.666781][ T9234] __nla_validate_parse: 2 callbacks suppressed [ 343.666804][ T9234] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1075'. [ 343.733116][ T9222] bridge_slave_1: left promiscuous mode [ 343.770478][ T9222] bridge0: port 2(bridge_slave_1) entered disabled state [ 343.880034][ T9241] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1077'. [ 343.934187][ T9222] bridge_slave_0: left allmulticast mode [ 343.966553][ T9242] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 344.047460][ T9222] bridge_slave_0: left promiscuous mode [ 344.128415][ T9222] bridge0: port 1(bridge_slave_0) entered disabled state [ 344.512368][ T9242] syz_tun: left allmulticast mode [ 344.526542][ T9242] syz_tun: left promiscuous mode [ 344.531958][ T9242] bridge0: port 3(syz_tun) entered disabled state [ 344.630114][ T9242] bridge_slave_0: left allmulticast mode [ 344.648411][ T9242] bridge_slave_0: left promiscuous mode [ 344.662524][ T9242] bridge0: port 1(bridge_slave_0) entered disabled state [ 344.730674][ T9242] bridge_slave_1: left allmulticast mode [ 344.744993][ T9242] bridge_slave_1: left promiscuous mode [ 344.763417][ T9242] bridge0: port 2(bridge_slave_1) entered disabled state [ 344.785346][ T9242] bond0: (slave bond_slave_0): Releasing backup interface [ 344.824381][ T9242] team0: Port device team_slave_0 removed [ 344.863620][ T9242] team0: Port device team_slave_1 removed [ 344.872862][ T9242] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 344.889288][ T9242] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 344.908500][ T9242] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 344.917853][ T9242] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 345.376075][ T9269] netlink: 860 bytes leftover after parsing attributes in process `syz.0.1084'. [ 345.500606][ T9273] netlink: 'syz.3.1085': attribute type 1 has an invalid length. [ 345.619105][ T9279] loop5: detected capacity change from 0 to 256 [ 345.663651][ T9279] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 345.707084][ T9279] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 345.744675][ T9273] 8021q: adding VLAN 0 to HW filter on device bond1 [ 345.809862][ T9279] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 345.912413][ T9280] bond1: (slave gretap1): making interface the new active one [ 345.952088][ T9280] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 346.178957][ T9288] loop2: detected capacity change from 0 to 512 [ 346.226183][ T9288] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.1090: casefold flag without casefold feature [ 346.321098][ T9288] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.1090: couldn't read orphan inode 15 (err -117) [ 346.426623][ T9302] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1092'. [ 346.468748][ T9288] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 346.542790][ T9300] netlink: 'syz.3.1093': attribute type 1 has an invalid length. [ 347.702546][ T9303] batadv1: entered promiscuous mode [ 348.315124][ T9310] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1095'. [ 348.381850][ T9310] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1095'. [ 348.564573][ T9316] vlan2: entered promiscuous mode [ 348.605928][ T9316] syz_tun: entered promiscuous mode [ 348.828063][ T5830] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 349.292119][ T9340] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1103'. [ 349.567949][ T9346] netlink: 'syz.0.1106': attribute type 1 has an invalid length. [ 349.817833][ T9346] 8021q: adding VLAN 0 to HW filter on device bond3 [ 349.929596][ T9355] xt_hashlimit: size too large, truncated to 1048576 [ 350.046540][ T24] af_packet: tpacket_rcv: packet too big, clamped from 94 to 4294967286. macoff=82 [ 350.155093][ T9365] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1110'. [ 351.814982][ T9386] loop0: detected capacity change from 0 to 256 [ 351.915817][ T9386] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 352.026789][ T9386] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 352.115934][ T9386] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 352.821742][ T9400] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1121'. [ 352.832516][ T9408] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1122'. [ 353.083990][ T9413] usb usb8: usbfs: process 9413 (syz.4.1123) did not claim interface 0 before use [ 353.624567][ T9418] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1125'. [ 354.969568][ T9439] netlink: 'syz.4.1133': attribute type 1 has an invalid length. [ 355.414151][ T9446] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1137'. [ 355.459640][ T9446] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1137'. [ 355.789194][ T9452] netdevsim netdevsim4 : renamed from netdevsim0 (while UP) [ 355.932798][ T9457] netlink: 300 bytes leftover after parsing attributes in process `syz.1.1141'. [ 356.091658][ T9460] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1143'. [ 356.145534][ T9460] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1143'. [ 356.936029][ T9475] RDS: rds_bind could not find a transport for fc02::1, load rds_tcp or rds_rdma? [ 357.174203][ T9480] netlink: 'syz.2.1150': attribute type 1 has an invalid length. [ 357.308361][ T9485] netlink: 'syz.1.1153': attribute type 10 has an invalid length. [ 357.331379][ T9485] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1153'. [ 357.366984][ T9485] bridge0: port 1(dummy0) entered blocking state [ 357.405217][ T9485] bridge0: port 1(dummy0) entered disabled state [ 357.464721][ T9485] dummy0: entered allmulticast mode [ 357.521128][ T9485] dummy0: entered promiscuous mode [ 359.294352][ T9545] netlink: 87 bytes leftover after parsing attributes in process `syz.2.1167'. [ 360.191843][ T9564] netlink: 'syz.2.1172': attribute type 1 has an invalid length. [ 360.252759][ T9566] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1171'. [ 360.264156][ T9566] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1171'. [ 360.281570][ T9566] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1171'. [ 360.608740][ T9564] 8021q: adding VLAN 0 to HW filter on device bond2 [ 363.867386][ T9591] batadv1: entered promiscuous mode [ 364.292533][ T9604] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 364.689922][ T9617] __nla_validate_parse: 1 callbacks suppressed [ 364.689948][ T9617] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1188'. [ 364.950984][ T9624] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1192'. [ 367.672959][ T9636] batadv1: entered promiscuous mode [ 368.984850][ T9663] syzkaller0: entered promiscuous mode [ 369.010363][ T9663] syzkaller0: entered allmulticast mode [ 372.719203][ T9706] netdevsim netdevsim0 : renamed from netdevsim0 [ 372.739916][ T9714] batadv1: entered promiscuous mode [ 373.196667][ T9718] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1216'. [ 373.694894][ T9733] veth1_to_bond: entered allmulticast mode [ 373.748561][ T9731] veth1_to_bond: left allmulticast mode [ 374.593452][ T9756] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1228'. [ 374.626751][ T9759] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1230'. [ 375.283795][ T9779] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1235'. [ 376.172632][ T9792] usb usb8: usbfs: process 9792 (syz.3.1236) did not claim interface 0 before use [ 377.118174][ T9817] netlink: 'syz.1.1244': attribute type 4 has an invalid length. [ 378.174304][ T9833] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1248'. [ 378.399154][ T9837] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1251'. [ 379.994062][ T9851] batadv1: entered promiscuous mode [ 380.548354][ T9871] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1259'. [ 380.602043][ T9871] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1259'. [ 380.983459][ T9877] netlink: 'syz.3.1261': attribute type 4 has an invalid length. [ 381.113720][ T9883] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1263'. [ 381.680463][ T9891] loop0: detected capacity change from 0 to 256 [ 381.687403][ T9893] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 381.706694][ T9891] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 381.719452][ T9892] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1266'. [ 381.733284][ T9891] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 381.780566][ T9891] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 382.741183][ T9901] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1271'. [ 383.760065][ T9913] batadv1: entered promiscuous mode [ 384.378003][ T9917] loop5: detected capacity change from 0 to 128 [ 384.457379][ T9917] ufs: You didn't specify the type of your ufs filesystem [ 384.457379][ T9917] [ 384.457379][ T9917] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 384.457379][ T9917] [ 384.457379][ T9917] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 384.572901][ T9917] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2 [ 384.610410][ T9921] netlink: 'syz.4.1277': attribute type 1 has an invalid length. [ 384.896375][ T43] usb 6-1: new full-speed USB device number 12 using dummy_hcd [ 385.090078][ T43] usb 6-1: config 0 has an invalid descriptor of length 128, skipping remainder of the config [ 385.106275][ T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 63494, setting to 64 [ 385.136924][ T43] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 385.165137][ T43] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 385.176831][ T43] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 385.193987][ T43] usb 6-1: Manufacturer: syz [ 385.212750][ T43] usb 6-1: config 0 descriptor?? [ 386.057932][ T9941] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1285'. [ 386.490928][ T9954] netdevsim netdevsim3 : renamed from netdevsim0 (while UP) [ 387.205628][ T9965] netlink: 'syz.3.1293': attribute type 1 has an invalid length. [ 387.577588][ T5808] usb 6-1: USB disconnect, device number 12 [ 387.601271][ T9972] usb usb8: usbfs: process 9972 (syz.3.1294) did not claim interface 0 before use [ 388.064533][ T9973] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1295'. [ 388.215570][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 388.388893][ T9977] loop3: detected capacity change from 0 to 256 [ 388.462681][ T9977] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 388.540164][ T9983] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1300'. [ 388.543620][ T9977] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 388.629634][ T9977] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 389.295915][ T9985] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1301'. [ 389.323528][ T9989] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1302'. [ 389.708629][ T9996] netlink: 'syz.5.1306': attribute type 1 has an invalid length. [ 389.835806][T10002] netlink: 'syz.4.1307': attribute type 1 has an invalid length. [ 389.846160][T10002] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1307'. [ 389.904486][T10002] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 390.001101][T10002] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1307'. [ 390.103939][T10008] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1311'. [ 390.949961][T10028] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1317'. [ 391.965592][T10049] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1321'. [ 497.255621][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 497.262632][ C0] rcu: 1-...!: (0 ticks this GP) idle=a884/1/0x4000000000000000 softirq=40692/40692 fqs=1 [ 497.273867][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P10059/1:b..l [ 497.281913][ C0] rcu: (detected by 0, t=10502 jiffies, g=38313, q=148 ncpus=2) [ 497.289654][ C0] Sending NMI from CPU 0 to CPUs 1: [ 497.289693][ C1] NMI backtrace for cpu 1 [ 497.289713][ C1] CPU: 1 UID: 0 PID: 10062 Comm: syz.3.1327 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) [ 497.289754][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 497.289774][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x70 [ 497.289819][ C1] Code: e9 2d df 5a 00 be 03 00 00 00 5b e9 32 9f 1d 03 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 34 24 <65> 48 8b 15 18 53 10 12 65 8b 05 29 53 10 12 a9 00 01 ff 00 74 1d [ 497.289852][ C1] RSP: 0018:ffffc90000a08d88 EFLAGS: 00000002 [ 497.289877][ C1] RAX: ffffed100a9c5aa6 RBX: ffff88806b0fa340 RCX: 1ffff1100a9c5aa6 [ 497.289900][ C1] RDX: ffff888033ae1e00 RSI: ffffffff8990a25a RDI: 0000000000000005 [ 497.289921][ C1] RBP: ffff888054e2d400 R08: 0000000000000005 R09: 0000000000000000 [ 497.289942][ C1] R10: 0000000000000002 R11: 0000000000000001 R12: 0000000000000002 [ 497.289962][ C1] R13: 0000000000000002 R14: 0000000000000000 R15: ffff888054ce6c00 [ 497.289986][ C1] FS: 00007f8f3e4aa6c0(0000) GS:ffff888124859000(0000) knlGS:0000000000000000 [ 497.290015][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 497.290037][ C1] CR2: 00007f8f3e4a9f98 CR3: 0000000048e63000 CR4: 0000000000350ef0 [ 497.290059][ C1] Call Trace: [ 497.290070][ C1] [ 497.290081][ C1] advance_sched+0x3ea/0xc80 [ 497.290142][ C1] ? __pfx_advance_sched+0x10/0x10 [ 497.290194][ C1] __hrtimer_run_queues+0x202/0xad0 [ 497.290239][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 497.290275][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 497.290324][ C1] hrtimer_interrupt+0x397/0x8e0 [ 497.290373][ C1] __sysvec_apic_timer_interrupt+0x10b/0x3f0 [ 497.290432][ C1] sysvec_apic_timer_interrupt+0x9f/0xc0 [ 497.290483][ C1] [ 497.290494][ C1] [ 497.290505][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 497.290542][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0x31/0x80 [ 497.290592][ C1] Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 36 d0 17 f6 48 89 df e8 1e 24 18 f6 f7 c5 00 02 00 00 75 23 9c 58 f6 c4 02 75 37 01 00 00 00 e8 55 44 08 f6 65 8b 05 4e ca 4b 08 85 c0 74 16 5b [ 497.290624][ C1] RSP: 0018:ffffc9001ddc7ca8 EFLAGS: 00000246 [ 497.290649][ C1] RAX: 0000000000000006 RBX: ffff8880b8427c80 RCX: 0000000000000007 [ 497.290670][ C1] RDX: 0000000000000000 RSI: ffffffff8de15801 RDI: ffffffff8c1567e0 [ 497.290691][ C1] RBP: 0000000000000283 R08: 0000000000000001 R09: 0000000000000001 [ 497.290711][ C1] R10: ffffffff90a82f57 R11: 0000000000000001 R12: 0000000000000000 [ 497.290732][ C1] R13: 3aef2525c4c74d0b R14: dffffc0000000000 R15: ffff8880b8427c80 [ 497.290770][ C1] clock_was_set+0x599/0x870 [ 497.290811][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 497.290852][ C1] ? __pfx_clock_was_set+0x10/0x10 [ 497.290890][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 497.290929][ C1] ? rcu_is_watching+0x12/0xc0 [ 497.290969][ C1] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 497.291019][ C1] do_settimeofday64+0x323/0x4d0 [ 497.291068][ C1] ? __pfx_do_settimeofday64+0x10/0x10 [ 497.291113][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 497.291155][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 497.291200][ C1] ? capable+0xd4/0x110 [ 497.291237][ C1] do_sys_settimeofday64+0x1dc/0x260 [ 497.291293][ C1] __x64_sys_clock_settime+0x1c1/0x2a0 [ 497.291330][ C1] ? __pfx___x64_sys_clock_settime+0x10/0x10 [ 497.291363][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 497.291411][ C1] do_syscall_64+0xcd/0x4c0 [ 497.291466][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 497.291499][ C1] RIP: 0033:0x7f8f3d58e929 [ 497.291524][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 497.291556][ C1] RSP: 002b:00007f8f3e4aa038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e3 [ 497.291585][ C1] RAX: ffffffffffffffda RBX: 00007f8f3d7b5fa0 RCX: 00007f8f3d58e929 [ 497.291607][ C1] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0100000000000000 [ 497.291628][ C1] RBP: 00007f8f3d610b39 R08: 0000000000000000 R09: 0000000000000000 [ 497.291648][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 497.291669][ C1] R13: 0000000000000001 R14: 00007f8f3d7b5fa0 R15: 00007ffc0d86a288 [ 497.291703][ C1] [ 497.292684][ C0] task:modprobe state:R running task stack:25512 pid:10059 tgid:10059 ppid:1050 task_flags:0x400000 flags:0x00004000 [ 497.730759][ C0] Call Trace: [ 497.734052][ C0] [ 497.737005][ C0] __schedule+0x116a/0x5de0 [ 497.741559][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 497.747262][ C0] ? __pfx___schedule+0x10/0x10 [ 497.752170][ C0] ? __lock_acquire+0x622/0x1c90 [ 497.757171][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 497.762857][ C0] preempt_schedule_irq+0x51/0x90 [ 497.767934][ C0] irqentry_exit+0x36/0x90 [ 497.772459][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 497.778484][ C0] RIP: 0010:is_bpf_text_address+0xb4/0x1a0 [ 497.784335][ C0] Code: e8 b1 2f cc ff e8 4c e5 d5 ff 89 e8 5b 5d e9 be fa 43 ff e8 9e d6 ef ff e8 99 16 d5 ff 31 ff 89 c3 89 c6 e8 6e d1 ef ff 84 db <75> 95 e8 85 d6 ef ff e8 20 bb b1 09 31 ff 89 c3 89 c6 e8 b5 d1 ef [ 497.803979][ C0] RSP: 0018:ffffc9001d457910 EFLAGS: 00000202 [ 497.810168][ C0] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffffffff81cc4662 [ 497.818161][ C0] RDX: ffff888030373c00 RSI: 0000000000000000 RDI: 0000000000000001 [ 497.826159][ C0] RBP: 00007f2bafab3eaa R08: 0000000000000001 R09: 0000000000000000 [ 497.834154][ C0] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff81a78010 [ 497.842149][ C0] R13: ffffc9001d457a28 R14: 0000000000000000 R15: ffff888030373c00 [ 497.850202][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 497.856422][ C0] ? is_bpf_text_address+0xb2/0x1a0 [ 497.861662][ C0] kernel_text_address+0x8d/0x100 [ 497.866808][ C0] ? __pfx_step_into+0x10/0x10 [ 497.871606][ C0] __kernel_text_address+0xd/0x40 [ 497.876728][ C0] unwind_get_return_address+0x59/0xa0 [ 497.882244][ C0] arch_stack_walk+0xa6/0x100 [ 497.886968][ C0] stack_trace_save+0x8e/0xc0 [ 497.891695][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 497.897113][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 497.902786][ C0] ? __lock_acquire+0xb8a/0x1c90 [ 497.907779][ C0] kasan_save_stack+0x33/0x60 [ 497.912494][ C0] ? kasan_save_stack+0x33/0x60 [ 497.917375][ C0] ? kasan_save_track+0x14/0x30 [ 497.922257][ C0] ? kasan_save_free_info+0x3b/0x60 [ 497.927520][ C0] ? __kasan_slab_free+0x51/0x70 [ 497.932493][ C0] ? kmem_cache_free+0x2d1/0x4d0 [ 497.937457][ C0] ? putname+0x154/0x1a0 [ 497.941734][ C0] ? vfs_fstatat+0x85/0xf0 [ 497.946193][ C0] ? __do_sys_newfstatat+0x97/0x120 [ 497.951430][ C0] ? do_syscall_64+0xcd/0x4c0 [ 497.956159][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 497.962326][ C0] kasan_save_track+0x14/0x30 [ 497.967035][ C0] kasan_save_free_info+0x3b/0x60 [ 497.972112][ C0] __kasan_slab_free+0x51/0x70 [ 497.976915][ C0] kmem_cache_free+0x2d1/0x4d0 [ 497.981706][ C0] ? __pfx_vfs_statx+0x10/0x10 [ 497.986511][ C0] ? putname+0x154/0x1a0 [ 497.990806][ C0] putname+0x154/0x1a0 [ 497.994918][ C0] vfs_fstatat+0x85/0xf0 [ 497.999239][ C0] __do_sys_newfstatat+0x97/0x120 [ 498.004307][ C0] ? __pfx___do_sys_newfstatat+0x10/0x10 [ 498.009987][ C0] ? __pfx_do_sys_openat2+0x10/0x10 [ 498.015274][ C0] do_syscall_64+0xcd/0x4c0 [ 498.019831][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 498.025750][ C0] RIP: 0033:0x7f2bafab3eaa [ 498.030222][ C0] RSP: 002b:00007ffc2f930e78 EFLAGS: 00000246 ORIG_RAX: 0000000000000106 [ 498.038675][ C0] RAX: ffffffffffffffda RBX: 00007ffc2f930e8b RCX: 00007f2bafab3eaa [ 498.046755][ C0] RDX: 00007ffc2f930f30 RSI: 00007ffc2f930e80 RDI: 00000000ffffff9c [ 498.054747][ C0] RBP: 00007ffc2f930ff0 R08: 00007ffc2f931077 R09: 0000000000000000 [ 498.062736][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000022 [ 498.070730][ C0] R13: 00007f2bafa88050 R14: 0000000000000000 R15: 0000000000000000 [ 498.078752][ C0] [ 498.081783][ C0] rcu: rcu_preempt kthread starved for 10495 jiffies! g38313 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 498.093009][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 498.102991][ C0] rcu: RCU grace-period kthread stack dump: [ 498.108887][ C0] task:rcu_preempt state:R running task stack:27672 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00004000 [ 498.122475][ C0] Call Trace: [ 498.125764][ C0] [ 498.128715][ C0] __schedule+0x116a/0x5de0 [ 498.133267][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 498.138949][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 498.144791][ C0] ? __lock_acquire+0x622/0x1c90 [ 498.149788][ C0] ? __pfx___schedule+0x10/0x10 [ 498.154781][ C0] ? find_held_lock+0x2b/0x80 [ 498.159495][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 498.165195][ C0] schedule+0xe7/0x3a0 [ 498.169318][ C0] schedule_timeout+0x123/0x290 [ 498.174213][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 498.179625][ C0] ? __pfx_process_timeout+0x10/0x10 [ 498.184957][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 498.190627][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 498.196477][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 498.202144][ C0] ? prepare_to_swait_event+0xf5/0x480 [ 498.207685][ C0] rcu_gp_fqs_loop+0x1ea/0xb00 [ 498.212506][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 498.218179][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 498.223541][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 498.228790][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 498.233792][ C0] ? rcu_gp_cleanup+0x7c1/0xd90 [ 498.238699][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 498.244555][ C0] rcu_gp_kthread+0x270/0x380 [ 498.249291][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 498.254536][ C0] ? rcu_is_watching+0x12/0xc0 [ 498.259337][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 498.264584][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 498.270255][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 498.275920][ C0] ? __kthread_parkme+0x19e/0x250 [ 498.280993][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 498.286238][ C0] kthread+0x3c5/0x780 [ 498.290331][ C0] ? __pfx_kthread+0x10/0x10 [ 498.294945][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 498.300611][ C0] ? rcu_is_watching+0x12/0xc0 [ 498.305414][ C0] ? __pfx_kthread+0x10/0x10 [ 498.310030][ C0] ret_from_fork+0x5d7/0x6f0 [ 498.314664][ C0] ? __pfx_kthread+0x10/0x10 [ 498.319278][ C0] ret_from_fork_asm+0x1a/0x30 [ 498.324092][ C0] [ 498.327124][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 498.333462][ C0] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) [ 498.345469][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 498.355544][ C0] Workqueue: events_unbound toggle_allocation_gate [ 498.362110][ C0] RIP: 0010:smp_call_function_many_cond+0xd7b/0x1510 [ 498.368875][ C0] Code: e8 ba 17 0c 00 45 85 ed 74 46 48 8b 14 24 49 89 d6 49 89 d5 49 c1 ee 03 41 83 e5 07 4d 01 e6 41 83 c5 03 e8 57 1c 0c 00 f3 90 <41> 0f b6 06 41 38 c5 7c 08 84 c0 0f 85 6f 05 00 00 8b 43 08 31 ff [ 498.388525][ C0] RSP: 0018:ffffc900001178a0 EFLAGS: 00000293 [ 498.394625][ C0] RAX: 0000000000000000 RBX: ffff8880b853ff60 RCX: ffffffff81b000bd [ 498.402623][ C0] RDX: ffff88801e285a00 RSI: ffffffff81b00099 RDI: 0000000000000005 [ 498.410619][ C0] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000 [ 498.418616][ C0] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000 [ 498.426608][ C0] R13: 0000000000000003 R14: ffffed10170a7fed R15: ffff8880b843b6c0 [ 498.434602][ C0] FS: 0000000000000000(0000) GS:ffff888124759000(0000) knlGS:0000000000000000 [ 498.443556][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 498.450163][ C0] CR2: 00007fe009ce56c0 CR3: 000000000e382000 CR4: 0000000000350ef0 [ 498.458162][ C0] Call Trace: [ 498.461458][ C0] [ 498.464405][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 498.469472][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 498.475850][ C0] ? __pfx___text_poke+0x10/0x10 [ 498.480816][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 498.485869][ C0] on_each_cpu_cond_mask+0x40/0x90 [ 498.491021][ C0] ? __kmalloc_node_track_caller_noprof+0xeb/0x510 [ 498.497566][ C0] smp_text_poke_batch_finish+0x27b/0xdb0 [ 498.503328][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 498.508409][ C0] ? __pfx_smp_text_poke_batch_finish+0x10/0x10 [ 498.514691][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 498.520357][ C0] ? arch_jump_label_transform_queue+0xc0/0x120 [ 498.526643][ C0] ? find_held_lock+0x2b/0x80 [ 498.531370][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 498.537389][ C0] jump_label_update+0x376/0x550 [ 498.542375][ C0] static_key_enable_cpuslocked+0x1b7/0x270 [ 498.548302][ C0] static_key_enable+0x1a/0x20 [ 498.553091][ C0] toggle_allocation_gate+0xfa/0x280 [ 498.558414][ C0] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 498.564342][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 498.570014][ C0] ? preempt_schedule_thunk+0x16/0x30 [ 498.575430][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 498.581101][ C0] process_one_work+0x9cf/0x1b70 [ 498.586080][ C0] ? __pfx_bond_alb_monitor+0x10/0x10 [ 498.591482][ C0] ? __pfx_process_one_work+0x10/0x10 [ 498.596899][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 498.602577][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 498.608246][ C0] ? assign_work+0x1a0/0x250 [ 498.612892][ C0] worker_thread+0x6c8/0xf10 [ 498.617530][ C0] ? __pfx_worker_thread+0x10/0x10 [ 498.622669][ C0] kthread+0x3c5/0x780 [ 498.626769][ C0] ? __pfx_kthread+0x10/0x10 [ 498.631386][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 498.637054][ C0] ? rcu_is_watching+0x12/0xc0 [ 498.641858][ C0] ? __pfx_kthread+0x10/0x10 [ 498.646476][ C0] ret_from_fork+0x5d7/0x6f0 [ 498.651113][ C0] ? __pfx_kthread+0x10/0x10 [ 498.655730][ C0] ret_from_fork_asm+0x1a/0x30 [ 498.660547][ C0] [ 639.838403][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 245s! [kworker/u8:0:12] [ 639.838438][ C0] Modules linked in: [ 639.838455][ C0] irq event stamp: 4711194 [ 639.838467][ C0] hardirqs last enabled at (4711193): [] irqentry_exit+0x3b/0x90 [ 639.838537][ C0] hardirqs last disabled at (4711194): [] sysvec_apic_timer_interrupt+0xe/0xc0 [ 639.838598][ C0] softirqs last enabled at (4711184): [] handle_softirqs+0x5be/0x8e0 [ 639.838647][ C0] softirqs last disabled at (4711093): [] __irq_exit_rcu+0x109/0x170 [ 639.838701][ C0] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) [ 639.838747][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 639.838772][ C0] Workqueue: events_unbound toggle_allocation_gate [ 639.838813][ C0] RIP: 0010:smp_call_function_many_cond+0xd7b/0x1510 [ 639.838863][ C0] Code: e8 ba 17 0c 00 45 85 ed 74 46 48 8b 14 24 49 89 d6 49 89 d5 49 c1 ee 03 41 83 e5 07 4d 01 e6 41 83 c5 03 e8 57 1c 0c 00 f3 90 <41> 0f b6 06 41 38 c5 7c 08 84 c0 0f 85 6f 05 00 00 8b 43 08 31 ff [ 639.838899][ C0] RSP: 0018:ffffc900001178a0 EFLAGS: 00000293 [ 639.838926][ C0] RAX: 0000000000000000 RBX: ffff8880b853ff60 RCX: ffffffff81b000bd [ 639.838950][ C0] RDX: ffff88801e285a00 RSI: ffffffff81b00099 RDI: 0000000000000005 [ 639.838973][ C0] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000 [ 639.838995][ C0] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000 [ 639.839018][ C0] R13: 0000000000000003 R14: ffffed10170a7fed R15: ffff8880b843b6c0 [ 639.839044][ C0] FS: 0000000000000000(0000) GS:ffff888124759000(0000) knlGS:0000000000000000 [ 639.839075][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 639.839100][ C0] CR2: 00007fe009ce56c0 CR3: 000000000e382000 CR4: 0000000000350ef0 [ 639.839123][ C0] Call Trace: [ 639.839135][ C0] [ 639.839151][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 639.839200][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 639.839264][ C0] ? __pfx___text_poke+0x10/0x10 [ 639.839301][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 639.839335][ C0] on_each_cpu_cond_mask+0x40/0x90 [ 639.839383][ C0] ? __kmalloc_node_track_caller_noprof+0xeb/0x510 [ 639.839427][ C0] smp_text_poke_batch_finish+0x27b/0xdb0 [ 639.839472][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 639.839533][ C0] ? __pfx_smp_text_poke_batch_finish+0x10/0x10 [ 639.839583][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 639.839627][ C0] ? arch_jump_label_transform_queue+0xc0/0x120 [ 639.839671][ C0] ? find_held_lock+0x2b/0x80 [ 639.839727][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 639.839771][ C0] jump_label_update+0x376/0x550 [ 639.839810][ C0] static_key_enable_cpuslocked+0x1b7/0x270 [ 639.839848][ C0] static_key_enable+0x1a/0x20 [ 639.839881][ C0] toggle_allocation_gate+0xfa/0x280 [ 639.839923][ C0] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 639.839968][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 639.840013][ C0] ? preempt_schedule_thunk+0x16/0x30 [ 639.840065][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 639.840111][ C0] process_one_work+0x9cf/0x1b70 [ 639.840161][ C0] ? __pfx_bond_alb_monitor+0x10/0x10 [ 639.840198][ C0] ? __pfx_process_one_work+0x10/0x10 [ 639.840234][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 639.840293][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 639.840336][ C0] ? assign_work+0x1a0/0x250 [ 639.840402][ C0] worker_thread+0x6c8/0xf10 [ 639.840459][ C0] ? __pfx_worker_thread+0x10/0x10 [ 639.840496][ C0] kthread+0x3c5/0x780 [ 639.840529][ C0] ? __pfx_kthread+0x10/0x10 [ 639.840562][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 639.840605][ C0] ? rcu_is_watching+0x12/0xc0 [ 639.840651][ C0] ? __pfx_kthread+0x10/0x10 [ 639.840685][ C0] ret_from_fork+0x5d7/0x6f0 [ 639.840736][ C0] ? __pfx_kthread+0x10/0x10 [ 639.840769][ C0] ret_from_fork_asm+0x1a/0x30 [ 639.840829][ C0] [ 639.840842][ C0] Sending NMI from CPU 0 to CPUs 1: [ 640.229479][ C1] NMI backtrace for cpu 1 [ 640.229502][ C1] CPU: 1 UID: 0 PID: 10062 Comm: syz.3.1327 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) [ 640.229545][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 640.229564][ C1] RIP: 0010:lock_is_held_type+0x8b/0x150 [ 640.229621][ C1] Code: ac 24 f0 0a 00 00 45 31 ff e8 61 14 00 00 65 ff 05 22 b1 4e 08 41 8b 84 24 e8 0a 00 00 85 c0 7f 17 e9 92 00 00 00 41 83 c7 01 <45> 3b bc 24 e8 0a 00 00 0f 8d 80 00 00 00 49 63 c7 48 89 ee 48 8d [ 640.229654][ C1] RSP: 0018:ffffc90000a08e00 EFLAGS: 00000002 [ 640.229680][ C1] RAX: 0000000000000000 RBX: ffff888033ae28f0 RCX: 0000000000000001 [ 640.229700][ C1] RDX: 0000000000000000 RSI: ffff8880b8527c98 RDI: ffff888033ae28f0 [ 640.229722][ C1] RBP: ffff8880b8527c98 R08: 0000000000000005 R09: 0000000000000000 [ 640.229742][ C1] R10: 0000000000000001 R11: ffffffff9af65e40 R12: ffff888033ae1e00 [ 640.229763][ C1] R13: ffff888033ae28f0 R14: 00000000ffffffff R15: 0000000000000001 [ 640.229788][ C1] FS: 00007f8f3e4aa6c0(0000) GS:ffff888124859000(0000) knlGS:0000000000000000 [ 640.229817][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 640.229839][ C1] CR2: 00007f8f3e4a9f98 CR3: 0000000048e63000 CR4: 0000000000350ef0 [ 640.229860][ C1] Call Trace: [ 640.229873][ C1] [ 640.229889][ C1] __hrtimer_run_queues+0x86a/0xad0 [ 640.229934][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 640.229970][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 640.230018][ C1] hrtimer_interrupt+0x397/0x8e0 [ 640.230067][ C1] __sysvec_apic_timer_interrupt+0x10b/0x3f0 [ 640.230122][ C1] sysvec_apic_timer_interrupt+0x9f/0xc0 [ 640.230169][ C1] [ 640.230180][ C1] [ 640.230191][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 640.230227][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0x31/0x80 [ 640.230282][ C1] Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 36 d0 17 f6 48 89 df e8 1e 24 18 f6 f7 c5 00 02 00 00 75 23 9c 58 f6 c4 02 75 37 01 00 00 00 e8 55 44 08 f6 65 8b 05 4e ca 4b 08 85 c0 74 16 5b [ 640.230314][ C1] RSP: 0018:ffffc9001ddc7ca8 EFLAGS: 00000246 [ 640.230339][ C1] RAX: 0000000000000006 RBX: ffff8880b8427c80 RCX: 0000000000000007 [ 640.230360][ C1] RDX: 0000000000000000 RSI: ffffffff8de15801 RDI: ffffffff8c1567e0 [ 640.230381][ C1] RBP: 0000000000000283 R08: 0000000000000001 R09: 0000000000000001 [ 640.230401][ C1] R10: ffffffff90a82f57 R11: 0000000000000001 R12: 0000000000000000 [ 640.230422][ C1] R13: 3aef2525c4c74d0b R14: dffffc0000000000 R15: ffff8880b8427c80 [ 640.230458][ C1] clock_was_set+0x599/0x870 [ 640.230498][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 640.230538][ C1] ? __pfx_clock_was_set+0x10/0x10 [ 640.230576][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 640.230614][ C1] ? rcu_is_watching+0x12/0xc0 [ 640.230654][ C1] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 640.230704][ C1] do_settimeofday64+0x323/0x4d0 [ 640.230752][ C1] ? __pfx_do_settimeofday64+0x10/0x10 [ 640.230796][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 640.230839][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 640.230877][ C1] ? capable+0xd4/0x110 [ 640.230914][ C1] do_sys_settimeofday64+0x1dc/0x260 [ 640.230968][ C1] __x64_sys_clock_settime+0x1c1/0x2a0 [ 640.231004][ C1] ? __pfx___x64_sys_clock_settime+0x10/0x10 [ 640.231038][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 640.231084][ C1] do_syscall_64+0xcd/0x4c0 [ 640.231138][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 640.231171][ C1] RIP: 0033:0x7f8f3d58e929 [ 640.231195][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 640.231227][ C1] RSP: 002b:00007f8f3e4aa038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e3 [ 640.231263][ C1] RAX: ffffffffffffffda RBX: 00007f8f3d7b5fa0 RCX: 00007f8f3d58e929 [ 640.231285][ C1] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0100000000000000 [ 640.231306][ C1] RBP: 00007f8f3d610b39 R08: 0000000000000000 R09: 0000000000000000 [ 640.231327][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 640.231347][ C1] R13: 0000000000000001 R14: 00007f8f3d7b5fa0 R15: 00007ffc0d86a288 [ 640.231379][ C1] [ 640.231471][ C0] Kernel panic - not syncing: softlockup: hung tasks [ 640.647237][ C0] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Tainted: G L 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) [ 640.660820][ C0] Tainted: [L]=SOFTLOCKUP [ 640.665155][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 640.675234][ C0] Workqueue: events_unbound toggle_allocation_gate [ 640.681786][ C0] Call Trace: [ 640.685099][ C0] [ 640.687962][ C0] dump_stack_lvl+0x3d/0x1f0 [ 640.692611][ C0] panic+0x71c/0x800 [ 640.696555][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 640.702229][ C0] ? __pfx_panic+0x10/0x10 [ 640.706718][ C0] ? __pfx__printk+0x10/0x10 [ 640.711366][ C0] ? nmi_backtrace_stall_check+0x6e/0x540 [ 640.717135][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 640.722800][ C0] ? irq_work_queue+0xce/0x100 [ 640.727604][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 640.733270][ C0] ? watchdog_timer_fn+0x5f9/0x7d0 [ 640.738418][ C0] ? watchdog_timer_fn+0x5ec/0x7d0 [ 640.743569][ C0] watchdog_timer_fn+0x60a/0x7d0 [ 640.748547][ C0] ? __pfx_watchdog_timer_fn+0x10/0x10 [ 640.754039][ C0] __hrtimer_run_queues+0x5ed/0xad0 [ 640.759278][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 640.765029][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 640.770759][ C0] hrtimer_interrupt+0x397/0x8e0 [ 640.775794][ C0] __sysvec_apic_timer_interrupt+0x10b/0x3f0 [ 640.781863][ C0] sysvec_apic_timer_interrupt+0x9f/0xc0 [ 640.787555][ C0] [ 640.790503][ C0] [ 640.793451][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 640.799470][ C0] RIP: 0010:smp_call_function_many_cond+0xd7b/0x1510 [ 640.806195][ C0] Code: e8 ba 17 0c 00 45 85 ed 74 46 48 8b 14 24 49 89 d6 49 89 d5 49 c1 ee 03 41 83 e5 07 4d 01 e6 41 83 c5 03 e8 57 1c 0c 00 f3 90 <41> 0f b6 06 41 38 c5 7c 08 84 c0 0f 85 6f 05 00 00 8b 43 08 31 ff [ 640.825862][ C0] RSP: 0018:ffffc900001178a0 EFLAGS: 00000293 [ 640.831961][ C0] RAX: 0000000000000000 RBX: ffff8880b853ff60 RCX: ffffffff81b000bd [ 640.839951][ C0] RDX: ffff88801e285a00 RSI: ffffffff81b00099 RDI: 0000000000000005 [ 640.848032][ C0] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000 [ 640.856023][ C0] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000 [ 640.864110][ C0] R13: 0000000000000003 R14: ffffed10170a7fed R15: ffff8880b843b6c0 [ 640.872119][ C0] ? smp_call_function_many_cond+0xd9d/0x1510 [ 640.878227][ C0] ? smp_call_function_many_cond+0xd79/0x1510 [ 640.884350][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 640.889418][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 640.895797][ C0] ? __pfx___text_poke+0x10/0x10 [ 640.900763][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 640.905810][ C0] on_each_cpu_cond_mask+0x40/0x90 [ 640.910961][ C0] ? __kmalloc_node_track_caller_noprof+0xeb/0x510 [ 640.917504][ C0] smp_text_poke_batch_finish+0x27b/0xdb0 [ 640.923263][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 640.928345][ C0] ? __pfx_smp_text_poke_batch_finish+0x10/0x10 [ 640.934630][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 640.940296][ C0] ? arch_jump_label_transform_queue+0xc0/0x120 [ 640.946574][ C0] ? find_held_lock+0x2b/0x80 [ 640.951331][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 640.957350][ C0] jump_label_update+0x376/0x550 [ 640.962317][ C0] static_key_enable_cpuslocked+0x1b7/0x270 [ 640.968250][ C0] static_key_enable+0x1a/0x20 [ 640.973038][ C0] toggle_allocation_gate+0xfa/0x280 [ 640.978358][ C0] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 640.984282][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 640.989951][ C0] ? preempt_schedule_thunk+0x16/0x30 [ 640.995363][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 641.001039][ C0] process_one_work+0x9cf/0x1b70 [ 641.006024][ C0] ? __pfx_bond_alb_monitor+0x10/0x10 [ 641.011422][ C0] ? __pfx_process_one_work+0x10/0x10 [ 641.016826][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 641.022506][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 641.028174][ C0] ? assign_work+0x1a0/0x250 [ 641.032850][ C0] worker_thread+0x6c8/0xf10 [ 641.037509][ C0] ? __pfx_worker_thread+0x10/0x10 [ 641.042688][ C0] kthread+0x3c5/0x780 [ 641.046790][ C0] ? __pfx_kthread+0x10/0x10 [ 641.051409][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 641.057082][ C0] ? rcu_is_watching+0x12/0xc0 [ 641.061889][ C0] ? __pfx_kthread+0x10/0x10 [ 641.066510][ C0] ret_from_fork+0x5d7/0x6f0 [ 641.071145][ C0] ? __pfx_kthread+0x10/0x10 [ 641.075770][ C0] ret_from_fork_asm+0x1a/0x30 [ 641.080595][ C0] [ 642.247758][ C0] Shutting down cpus with NMI [ 642.252752][ C0] Kernel Offset: disabled [ 642.257087][ C0] Rebooting in 86400 seconds..