last executing test programs: 2m44.825388945s ago: executing program 4 (id=324): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) creat(&(0x7f00000000c0)='./file0\x00', 0x48) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94) write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) r3 = open(&(0x7f0000000300)='./file0\x00', 0x145142, 0x102) write$bt_hci(r3, 0x0, 0x20000) 2m44.252317853s ago: executing program 4 (id=329): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000240)='tlb_flush\x00', r0}, 0x10) 2m44.056375033s ago: executing program 4 (id=332): bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) r0 = socket$inet6(0xa, 0x3, 0x5) sendmmsg(r0, &(0x7f0000001500)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @remote, 0x0, 0x3}, 0x80, 0x0}, 0x5b4}, {{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYRES64=r0], 0x108}}], 0x2, 0xc040) 2m43.822521193s ago: executing program 4 (id=337): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000cc0)={[{@user_xattr}, {@nogrpid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x58}}, {@noauto_da_alloc}, {@noauto_da_alloc}, {@grpquota}, {@usrjquota}]}, 0x2, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O") chdir(&(0x7f0000000440)='./file0\x00') creat(&(0x7f0000000380)='./bus\x00', 0x0) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r0 = open(0x0, 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0) 2m43.338460465s ago: executing program 4 (id=340): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) creat(&(0x7f00000000c0)='./file0\x00', 0x48) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94) write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) r3 = open(&(0x7f0000000300)='./file0\x00', 0x145142, 0x102) write$bt_hci(r3, 0x0, 0x20000) 2m41.411708087s ago: executing program 4 (id=352): r0 = syz_open_procfs(0x0, &(0x7f00000003c0)='fdinfo\x00') fchdir(r0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0) r1 = socket$kcm(0x11, 0x2, 0x0) setsockopt$sock_attach_bpf(r1, 0x107, 0x14, &(0x7f0000000000), 0x4) sendmsg$kcm(r1, &(0x7f0000001780)={&(0x7f00000003c0)=@caif=@rfm={0x25, 0xe, "fb95785b587f23ba61bfb990191a2af1"}, 0x80, &(0x7f00000015c0)=[{&(0x7f0000001800)="a5", 0x1}], 0x1}, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_qrtr_TIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000180)) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x9, &(0x7f0000006680)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) ptrace(0x10, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) ptrace(0x10, 0x0) ptrace$peeksig(0x4209, 0x0, &(0x7f0000000140)={0x0, 0x0, 0x4e}, &(0x7f0000000fc0)) 2m40.802726383s ago: executing program 32 (id=352): r0 = syz_open_procfs(0x0, &(0x7f00000003c0)='fdinfo\x00') fchdir(r0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0) r1 = socket$kcm(0x11, 0x2, 0x0) setsockopt$sock_attach_bpf(r1, 0x107, 0x14, &(0x7f0000000000), 0x4) sendmsg$kcm(r1, &(0x7f0000001780)={&(0x7f00000003c0)=@caif=@rfm={0x25, 0xe, "fb95785b587f23ba61bfb990191a2af1"}, 0x80, &(0x7f00000015c0)=[{&(0x7f0000001800)="a5", 0x1}], 0x1}, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_qrtr_TIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000180)) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x9, &(0x7f0000006680)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) ptrace(0x10, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) ptrace(0x10, 0x0) ptrace$peeksig(0x4209, 0x0, &(0x7f0000000140)={0x0, 0x0, 0x4e}, &(0x7f0000000fc0)) 1m10.145743339s ago: executing program 3 (id=656): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa5400008500000082000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000580)=ANY=[@ANYBLOB="3c000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a0063"], 0x3c}}, 0x0) 1m9.150994971s ago: executing program 3 (id=660): socket(0x10, 0x803, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x6, 0x9, 0x80, 0x0, 0xffffffff, 0x91b1}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000400}, 0x0) syz_emit_vhci(0x0, 0x5) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000500) r2 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10) connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r2, &(0x7f0000000000), 0xffffffffffffff94, 0x400000000000000, 0x0, 0x0) recvfrom$inet(r2, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25) sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, 0x0, 0x0) 1m7.928517606s ago: executing program 3 (id=665): socket$kcm(0x10, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) ioperm(0x7, 0x81, 0x2) mremap(&(0x7f0000041000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f00004c3000/0x2000)=nil) r1 = socket$kcm(0x29, 0x2, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0) write$cgroup_pressure(r1, &(0x7f0000000140)={'full'}, 0xfffffdef) ioctl$int_in(r1, 0x5452, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c) setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(r2, &(0x7f0000000340), 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000080)='westwood\x00', 0x9) shutdown(r2, 0x1) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f00004c4000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) sendmsg$kcm(r1, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x20000818) setsockopt$sock_attach_bpf(r1, 0x1, 0x7, &(0x7f0000000340), 0x4) 1m6.201969972s ago: executing program 3 (id=671): setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x28}}, 0x6, 0x2, 0x3, 0x6, 0xfffe, 0x3}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x0, 0x0, &(0x7f0000000300)='syzkaller\x00', 0x4, 0xb9, &(0x7f0000000440)=""/185, 0x41000, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000540)={0x0, 0x1, 0x5, 0x7}, 0x10, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000740)=[{0x2, 0x5, 0xe, 0x1}, {0x5, 0x3}, {0x3, 0x2, 0x10, 0x3d0fad6d7b6fcb7a}, {0x4, 0x2, 0x1}, {0x3, 0x2, 0x0, 0xa}, {0x3, 0x4, 0x4, 0x6}, {0x1, 0x3, 0xc, 0x7}, {0x2, 0x5, 0x7, 0x4}], 0x10, 0x9}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000800)=ANY=[@ANYBLOB], 0x0, 0x1a, 0x0, 0x6, 0x5}, 0x28) r4 = syz_open_procfs(0x0, &(0x7f0000000400)='map_files\x00') getdents64(r4, &(0x7f0000000080)=""/147, 0x93) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) renameat2(0xffffffffffffffff, &(0x7f0000000d00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x5) lseek(0xffffffffffffffff, 0x2004, 0x0) sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140003006e657464657673696d30000000000000080000000000000014000000110001"], 0xac}}, 0x0) getdents64(r4, &(0x7f00000005c0)=""/20, 0x14) sendmsg$NFT_BATCH(r5, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a24000000020a01080000000000000000050000060800024000000003080002400000000014000000110001"], 0x4c}}, 0xc050) sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0xa, 0x4e24, 0xf, @empty, 0x8}, 0x1c, &(0x7f0000000480)=[{&(0x7f0000000100)="cb61f9404efe384b0e7dc24ae669ae11e1e839e5f5467a9aba43a6533b3e45dcc4609ca444b8193b53d2ba21387349899044195569ef61a5e3d17c889fe150a579fbc2865955def0777a8128cff945a121a693a49922651fcc548b947c5f2658155980d9f033f5bf1e84db2c788ec6ea9c731c19f7e9ee9f85c17ba1ce07ab7088650951ddc9ed5b7e252d6f2a4d418e565debdd37e9124b8cc7b324cef250", 0x9f}, {&(0x7f00000001c0)="48b355dc6782c1988eb703fc187fb572393c8880af15b43a4c2bc2f52ad15d3222bb358cb595fa3b75eb0a3f1383583794ebdb0f23bca87f11298f006167800c20017ace02e0a55a636b17271b89b32cf41e5b508ddb3d727f123976e37cb51d725ffb5341348b526a9e15bf334a175ac5e0bbe96152036f1fd161677a6ca4ff88f3d1a123e1f2273e5b836d7581bdbbf7828085", 0x94}, {&(0x7f0000000280)="b9213d634b0c646bddf8f7426f2c406e890e22382b35e212d8b5bdb04788413a311561e98665daa8b6809066e05c31ed6d06ddea059bc1551dd929dea2c446ce956fbda0389b2791587fd958f7c27cc3dc0d21a1a86a99f2574e86d986f92d57c811", 0x62}, {&(0x7f0000000300)="3296aafabc301b632c47e59842c0321f4e41230a1cc135537bad7e13316a901ee563d865024502ef73440b8b5724627ebf918262040f31d2876eb4898835b31a28bb0518b318b2bcfcd0756f5cd440b126530f820433c62fa35157175f1827a03a4e18c90edce2e3d2ba60b053916fac25c7e9f751d34e7bd7b946b8304b0fa166dad88eb8269a47ea6c8040278c45a18011e0e4e066f774c4a4f86e674df11dcdcdf4651590cc916efea15c029278b7d86f054c0d5fb44e43a2d71cf7541c7aca00440c1803bce99296befd7cfccb989846c2e19c75d7e07a167493c1411b", 0xdf}, {&(0x7f0000000400)="21f2c21de1f7de181888b6a831eac22b6cabaee8c8b99ca64e4065ad02f14de395b5dda8dcb87770a8d9f1e073b481533c3e9e55528082f89c702dbf1f5978649aa3e30cf52b139931593fa9f8570881d6f57ff92ef18ff806872d262c0eef", 0x5f}], 0x5}, 0x11) r6 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de7e001009058b1e20"], 0x0) syz_usb_control_io$uac1(r6, 0x0, &(0x7f0000000540)={0x44, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r7, 0xc0145b0d, &(0x7f0000000040)) 1m1.377641222s ago: executing program 3 (id=683): openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c00)={0xb8, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa, 0x0, 0x1}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x37}}, {0x14, 0x4, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @local}}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_NAT_SRC={0x24, 0x6, 0x0, 0x1, [@CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e21}]}, @CTA_NAT_V6_MINIP={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}]}, 0xb8}}, 0x0) openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0) syz_usb_connect(0x0, 0x5f, 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="0c010000161001040000000000000000fc000000000000000000000000000000ac14141a0000000000000000000000000004000000000000000000000000000060f9fbec0b094a05570756f204f256768ae0b6839862336715e3ed9bd9ef17b06228006935d1b5e3b5a4ce2cd225287fca12177728171ec0a86128528b3062ca2c44d2d0480100e0c55d04d4d3b3b94f4c6aa0176bf074872ee0d7bd6a9a1fb18c206c82d3ada7eaa7eda8ed252659d3e8787c202e2a1f19a22b", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fe8000000000000000000000000000242000000033000000ac1414bb000000000000000000000000030000000000000000000000000000000500000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003000000feffffff0000000000000000d000000008000000ffffffff04001b0008001600400000000c0008000800080000050000"], 0x10c}}, 0x20004808) socket(0x200000000000011, 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_GET(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r5, @ANYBLOB="010000000000001f0000540000000e0001006e657464657673696d0000000f0002"], 0x34}}, 0x0) syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x4, 0x0, 0x800, 0x0, 0x10, 0x0, 0x1}, 0x0) syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0) bpf$MAP_CREATE(0x0, 0x0, 0xffffff35) r6 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r6, &(0x7f0000000080)={0x18, 0x0, {0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x31}, 'gretap0\x00'}}, 0x1e) ioctl$PPPOEIOCSFWD(r6, 0x4008b100, &(0x7f0000000040)={0x18, 0x0, {0x4, @remote, 'caif0\x00'}}) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c0000003c0007010000000000000000017cfb000400fc800c00018008000600ffff00000800028004"], 0x2c}, 0x1, 0x0, 0x0, 0xc000}, 0x0) 56.877278246s ago: executing program 3 (id=693): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x45) r1 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10) readv(r1, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r1) recvmmsg(r1, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0) 41.142367197s ago: executing program 33 (id=693): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x45) r1 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10) readv(r1, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r1) recvmmsg(r1, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0) 13.167991459s ago: executing program 1 (id=804): r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0xfc, 0x20000) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x80879) sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="1400000001222d31ea289b040500000000000000d6272fd1b4b4174909d66001d59ae7c225b3d4e63db52d0866de28cfdc4f3b64ab9d4b8cbbebb246d1b24311e405fd720e569242e945f7bdfd4ea4f1bed19471e7574fe7"], 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x4000080) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x185) r1 = epoll_create1(0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r3 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBENT(r5, 0x4b47, &(0x7f0000000080)={0x0, 0x7d, 0x20f}) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000002, 0x30, 0xffffffffffffffff, 0x8000000) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x24000008) r6 = socket$phonet_pipe(0x23, 0x5, 0x2) setsockopt$PNPIPE_ENCAP(r6, 0x113, 0x1, &(0x7f0000000140)=0x1, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, 0x0) r7 = gettid() kcmp$KCMP_EPOLL_TFD(r7, r7, 0x7, r1, &(0x7f0000000280)={r1, r3, 0xffff}) socket$inet6(0xa, 0x3, 0xff) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) 11.707747744s ago: executing program 1 (id=810): futex(&(0x7f00000002c0)=0x2, 0xb, 0x2, 0x0, &(0x7f00000004c0)=0x1, 0x2) 11.562945101s ago: executing program 5 (id=811): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040)) r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0x47f6, 0x0, 0x4, 0x0, 0x0) write$ppp(r0, 0x0, 0x0) 10.625252532s ago: executing program 5 (id=815): mmap$IORING_OFF_SQ_RING(&(0x7f000040d000/0x4000)=nil, 0x4000, 0xd, 0x11, 0xffffffffffffffff, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x6, 0x7, 0x9, 0x0, 0x1, "100056f200"}) ioctl$TIOCMSET(r0, 0x5418, &(0x7f0000000000)=0x8001) openat$ttyS3(0xffffff9c, &(0x7f0000000140), 0x20040, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) r3 = syz_open_dev$evdev(0x0, 0x0, 0x200) r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f0000000100)=[0x0, 0x0], 0x0, 0x0, 0x0, 0x2}) ioctl$DRM_IOCTL_MODE_CURSOR(0xffffffffffffffff, 0xc01c64a3, 0x0) ioctl$DRM_IOCTL_MODE_CURSOR2(r4, 0xc02464bb, &(0x7f0000000080)={0x3, r5, 0x1fa, 0x0, 0x4, 0x800008, 0x0, 0x4, 0x4040}) r6 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETFB2(r6, 0xc06864ce, 0x0) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) ioctl$EVIOCGMASK(r3, 0x80104592, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)}) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) socket$inet6(0xa, 0x3, 0x1) writev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000000)="480000001400190d09004beafc0d8c560a8447608004000000000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) r7 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r7, 0x8923, &(0x7f0000000000)={'bridge_slave_0\x00', 0x1}) 9.513762034s ago: executing program 1 (id=816): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa5400008500000082000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x3c}}, 0x0) 9.418532906s ago: executing program 1 (id=817): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4000) sendmmsg$unix(r1, &(0x7f0000000540), 0x0, 0x4040880) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) r4 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r4, &(0x7f0000000100)={0x18, 0x0, {0xfffe, @empty, 'veth1_to_bond\x00'}}, 0x1e) r5 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r5, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e) close(r4) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000140), 0x8) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000600)=ANY=[@ANYBLOB], 0x14}}, 0x0) syz_usb_connect(0x2, 0x9a2, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d0241710d8050a81b892000000010902900902000000000904"], 0x0) r7 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x80402) pwrite64(r7, &(0x7f00000004c0)="2ad0f8654ad1097e98d1bbe495953836040e41cb0f6c783efd616c41a12ecc83b3c0fe64985caababc5d9d4ea437f5d1658a3435a10d038a78a8fb306d", 0x3d, 0x9) sendmsg$nl_route_sched(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000a00)=@newtaction={0x7c, 0x1e, 0x109, 0x100, 0x25dfdbff, {}, [{0x68, 0x1, [@m_vlan={0x34, 0xc, 0x0, 0x0, {{0x9}, {0x4}, {0x6, 0x6, "6b05"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ctinfo={0x30, 0x10, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x7c}, 0x1, 0x2b1e}, 0x408d4) 9.20569345s ago: executing program 0 (id=819): r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0xfc, 0x20000) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x80879) sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="1400000001222d31ea289b040500000000000000d6272fd1b4b4174909d66001d59ae7c225b3d4e63db52d0866de28cfdc4f3b64ab9d4b8cbbebb246d1b24311e405fd720e569242e945f7bdfd4ea4f1bed19471e7574fe7"], 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x4000080) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x185) r1 = epoll_create1(0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r3 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBENT(r5, 0x4b47, &(0x7f0000000080)={0x0, 0x7d, 0x20f}) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000002, 0x30, 0xffffffffffffffff, 0x8000000) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x24000008) r6 = socket$phonet_pipe(0x23, 0x5, 0x2) setsockopt$PNPIPE_ENCAP(r6, 0x113, 0x1, &(0x7f0000000140)=0x1, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, 0x0) r7 = gettid() kcmp$KCMP_EPOLL_TFD(r7, r7, 0x7, r1, &(0x7f0000000280)={r1, r3, 0xffff}) socket$inet6(0xa, 0x3, 0xff) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) 7.473640965s ago: executing program 2 (id=820): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090f040000000000000000008500000005000000850000007d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r0}, 0x18) timer_delete(0x0) 6.980221216s ago: executing program 2 (id=821): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) sendmsg$NL80211_CMD_TDLS_MGMT(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x20000000) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0xa, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="44f9b1", 0x3, 0x1, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 6.716624921s ago: executing program 0 (id=822): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010005000900000001"], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = socket$inet6(0x10, 0x3, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={0x0, r2}, 0x18) sendto$inet6(r1, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0) 6.253698691s ago: executing program 0 (id=823): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000fc0)) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) ppoll(&(0x7f0000000500)=[{r0}], 0x1, 0x0, 0x0, 0x0) socket$inet6(0xa, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x8000000004) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) 5.899214846s ago: executing program 2 (id=824): openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x19, 0x0, 0x0) syz_emit_ethernet(0x2a, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x60000000, 0x8, 0x0, 0x0, 0x0, 0x4}, 0x50) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000016000/0x18000)=nil, &(0x7f00000002c0)=[@text64={0x40, 0x0}], 0x1, 0x4e, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000}) syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaa"], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 5.788246733s ago: executing program 5 (id=825): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x4000001, 0x0) fanotify_init(0x200, 0x0) socket(0x1d, 0x2, 0x6) r4 = socket$tipc(0x1e, 0x5, 0x0) r5 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10) setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x0, 0x3}, 0x10) sendmsg$tipc(r5, &(0x7f00000003c0)={&(0x7f0000000200)=@name={0x1e, 0x2, 0x1, {{0x2}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x26040885}, 0x20000040) pselect6(0x40, &(0x7f0000000040)={0xa4, 0x4000000000000000, 0x1, 0x3fc, 0x0, 0xfffffffffffffffd}, &(0x7f0000000240)={0x18, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x800000000, 0x8000000000000, 0x2}, 0x0, 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r6, 0x8933, 0x0) 4.973697434s ago: executing program 0 (id=826): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa5400008500000082000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x3c}}, 0x0) 4.201037933s ago: executing program 5 (id=827): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() syz_open_dev$usbfs(0x0, 0x8, 0x80) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0) utimensat(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r5, 0x560a, &(0x7f00000006c0)={0x4, 0x0, 0x0, 0x0, 0x132, 0x3}) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6) mount(&(0x7f0000000040)=@nullb, &(0x7f0000000100)='.\x00', &(0x7f0000002280)='vxfs\x00', 0x1000080, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f0000000340)={'ip6gre0\x00', &(0x7f0000000f00)=@ethtool_per_queue_op={0x4b, 0xf, [0xf68f, 0x8, 0x9, 0x1ff, 0x0, 0x4, 0xe97, 0xfffffffc, 0x6, 0xecbf, 0xff, 0x101, 0x7, 0x200, 0x3d, 0x5e, 0x1000, 0x1, 0xf557, 0x2, 0x5, 0x7c, 0xce, 0x2, 0xffffff6b, 0xe52c, 0xaa8, 0x80000000, 0x1000000d, 0xe9c4, 0xcd8, 0x6c, 0x6, 0x7, 0xd, 0x8a, 0x3, 0x88, 0x3, 0x3, 0x3, 0xfffffffc, 0xfd2, 0x6, 0x8, 0x401, 0xfffff801, 0x5, 0xa, 0x0, 0x7, 0x8, 0x5, 0x0, 0x6, 0x8, 0x23, 0xff, 0x3, 0x10, 0x3, 0xffffffff, 0x6, 0x6000000, 0xd1, 0xf, 0x4, 0xa, 0x0, 0x400, 0x80000000, 0x9000, 0x3, 0x2000005, 0x2, 0x0, 0x5, 0x8, 0x80, 0x4, 0x2, 0x0, 0xd, 0x6, 0x3, 0x8, 0x10, 0x1, 0xfffffffc, 0x9, 0x7ff, 0x7, 0x202, 0xbde, 0x37, 0x9, 0x4, 0x1, 0x9, 0x6, 0x7fff, 0x1, 0x704, 0x33e4, 0x401, 0x5, 0x7fff, 0x8, 0x100, 0x3, 0xfffffffd, 0x2, 0x6, 0x8, 0x6, 0x7, 0x200, 0x9, 0xe, 0x81, 0x0, 0x4, 0x5, 0x5, 0x8, 0x3, 0x80000000, 0xfffffffa]}}) bpf$MAP_CREATE_TAIL_CALL(0x9, &(0x7f0000000500)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000057a0706c6d035f0b972e6b62f3f1ab1a6537eb74e02616cd7d7a9abddde5e179e30c59d8c8e805ab1f7e9b1f74cc24b4797270671b96cccbbfeed2f0f66c691922fbe20a1866aa0e6c5537f66504325b5953e20f80a5d18803c336c4d142409cebd12307f2b2cff8102b0e2941c62b981d4a22804204c4547ec3aedc000000000000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/21], 0xc) 4.10868526s ago: executing program 0 (id=828): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x20002, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0) syz_open_dev$vim2m(0x0, 0x2, 0x2) connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@mcast1, 0x0, 0x0, 0xffff, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x1}, {}, 0x0, 0x0, 0x1}, {{@in=@rand_addr=0x64010102, 0x2000000, 0x33}, 0x0, @in6=@loopback, 0x0, 0x3, 0x0, 0xb7, 0x0, 0x8000000}}, 0xe8) sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x800001d, 0x0) 4.018218395s ago: executing program 2 (id=829): syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000000c0)={'ip6gre0\x00', &(0x7f0000000000)={'syztnl0\x00', 0x0, 0x4, 0x8, 0x79, 0x9, 0x2, @local, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7, 0x700, 0x8f, 0x4c3b1806}}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) r7 = syz_open_dev$vim2m(0x0, 0x7f, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r7, 0xc0d05605, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x40000000000001, 0x0, 0x1, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000100)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x18}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x4e20, 0x0, 0x4e20, 0x0, 0xa, 0x80, 0x0, 0x6c, r0}, {0x8, 0xb, 0x8, 0xd77, 0x7324, 0xcd59, 0x6, 0x401}, {0x9, 0x1, 0x8, 0xe}, 0x8000, 0x6e6bb2, 0x1, 0x1, 0x7, 0x1}, {{@in=@empty, 0x4d2, 0x33}, 0xa, @in=@multicast1, 0x3501, 0x0, 0x3, 0x9, 0x3, 0x4a6, 0x7fffffff}}, 0xe8) 2.929791847s ago: executing program 5 (id=830): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140003006e657464657673696d30000000000000080000000000000014000000110001"], 0xac}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a24000000020a01080000000000000000050000060800024000000003080002400000000014000000110001"], 0x4c}}, 0xc050) 1.878297549s ago: executing program 0 (id=831): r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0xfc, 0x20000) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x80879) sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="1400000001222d31ea289b040500000000000000d6272fd1b4b4174909d66001d59ae7c225b3d4e63db52d0866de28cfdc4f3b64ab9d4b8cbbebb246d1b24311e405fd720e569242e945f7bdfd4ea4f1bed19471e7574fe7"], 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x4000080) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x185) r1 = epoll_create1(0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r3 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBENT(r5, 0x4b47, &(0x7f0000000080)={0x0, 0x7d, 0x20f}) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000002, 0x30, 0xffffffffffffffff, 0x8000000) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x24000008) r6 = socket$phonet_pipe(0x23, 0x5, 0x2) setsockopt$PNPIPE_ENCAP(r6, 0x113, 0x1, &(0x7f0000000140)=0x1, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, 0x0) r7 = gettid() kcmp$KCMP_EPOLL_TFD(r7, r7, 0x7, r1, &(0x7f0000000280)={r1, r3, 0xffff}) socket$inet6(0xa, 0x3, 0xff) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) 1.683267014s ago: executing program 1 (id=832): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010005000900000001"], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = socket$inet6(0x10, 0x3, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r2}, 0x10) sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0) 1.562293122s ago: executing program 2 (id=833): openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x19, 0x0, 0x0) syz_emit_ethernet(0x2a, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x60000000, 0x8, 0x0, 0x0, 0x0, 0x4}, 0x50) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_io_uring_setup(0x234, 0x0, &(0x7f0000000280), &(0x7f0000000100)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000016000/0x18000)=nil, &(0x7f00000002c0)=[@text64={0x40, 0x0}], 0x1, 0x4e, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000}) syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaa"], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.407751626s ago: executing program 5 (id=834): mmap$IORING_OFF_SQ_RING(&(0x7f000040d000/0x4000)=nil, 0x4000, 0xd, 0x11, 0xffffffffffffffff, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x6, 0x7, 0x9, 0x0, 0x1, "100056f200"}) ioctl$TIOCMSET(r0, 0x5418, &(0x7f0000000000)=0x8001) openat$ttyS3(0xffffff9c, &(0x7f0000000140), 0x20040, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) r3 = syz_open_dev$evdev(0x0, 0x0, 0x200) r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f0000000100)=[0x0, 0x0], 0x0, 0x0, 0x0, 0x2}) ioctl$DRM_IOCTL_MODE_CURSOR(0xffffffffffffffff, 0xc01c64a3, 0x0) ioctl$DRM_IOCTL_MODE_CURSOR2(r4, 0xc02464bb, &(0x7f0000000080)={0x3, r5, 0x1fa, 0x0, 0x4, 0x800008, 0x0, 0x4, 0x4040}) r6 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETFB2(r6, 0xc06864ce, 0x0) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) ioctl$EVIOCGMASK(r3, 0x80104592, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)}) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) socket$inet6(0xa, 0x3, 0x1) writev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000000)="480000001400190d09004beafc0d8c560a8447608004000000000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) r7 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r7, 0x8923, &(0x7f0000000000)={'bridge_slave_0\x00', 0x1}) 824.901921ms ago: executing program 1 (id=835): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18) connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1, 0x0, {0x1, 0xff, 0xa8fe8ad4eea2351f}, 0x2}, 0x18) sendmmsg(r0, &(0x7f0000003e40), 0x3fffffffffffe3d, 0xf5) 0s ago: executing program 2 (id=836): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x4000001, 0x0) fanotify_init(0x200, 0x0) socket(0x1d, 0x2, 0x6) r4 = socket$tipc(0x1e, 0x5, 0x0) r5 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10) setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x0, 0x3}, 0x10) sendmsg$tipc(r5, &(0x7f00000003c0)={&(0x7f0000000200)=@name={0x1e, 0x2, 0x1, {{0x2}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x26040885}, 0x20000040) pselect6(0x40, &(0x7f0000000040)={0xa4, 0x4000000000000000, 0x1, 0x3fc, 0x0, 0xfffffffffffffffd}, &(0x7f0000000240)={0x18, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x800000000, 0x8000000000000, 0x2}, 0x0, 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r6, 0x8933, 0x0) kernel console output (not intermixed with test programs): 78] bridge_slave_0: entered allmulticast mode [ 84.670291][ T5878] bridge_slave_0: entered promiscuous mode [ 84.680277][ T5879] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.693581][ T5868] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.704611][ T5869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.728547][ T5878] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.735878][ T5878] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.743434][ T5878] bridge_slave_1: entered allmulticast mode [ 84.750444][ T5878] bridge_slave_1: entered promiscuous mode [ 84.830799][ T5873] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.858249][ T5879] team0: Port device team_slave_0 added [ 84.879550][ T5869] team0: Port device team_slave_0 added [ 84.888791][ T5873] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.922853][ T5879] team0: Port device team_slave_1 added [ 84.931508][ T5878] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.942930][ T5868] team0: Port device team_slave_0 added [ 84.950472][ T5869] team0: Port device team_slave_1 added [ 84.972875][ T5878] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.019547][ T5868] team0: Port device team_slave_1 added [ 85.042522][ T5873] team0: Port device team_slave_0 added [ 85.062154][ T5879] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.069129][ T5879] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.095799][ T5879] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.112056][ T5871] Bluetooth: hci0: command tx timeout [ 85.121394][ T5871] Bluetooth: hci4: command tx timeout [ 85.124016][ T5877] Bluetooth: hci1: command tx timeout [ 85.164132][ T5873] team0: Port device team_slave_1 added [ 85.170671][ T5869] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.177742][ T5869] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.204477][ T5869] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.216467][ T5877] Bluetooth: hci3: command tx timeout [ 85.219567][ T5871] Bluetooth: hci2: command tx timeout [ 85.230231][ T5878] team0: Port device team_slave_0 added [ 85.239477][ T5878] team0: Port device team_slave_1 added [ 85.246193][ T5879] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.253206][ T5879] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.279253][ T5879] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.291082][ T5868] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.298147][ T5868] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.324442][ T5868] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.347408][ T5869] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.354880][ T5869] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.381030][ T5869] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.418365][ T5868] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.425636][ T5868] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.451972][ T5868] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.478216][ T5873] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.485355][ T5873] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.512676][ T5873] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.525611][ T5873] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.533101][ T5873] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.559783][ T5873] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.588202][ T5878] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.595261][ T5878] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.621585][ T5878] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.669156][ T5878] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.676304][ T5878] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.702565][ T5878] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.743910][ T5869] hsr_slave_0: entered promiscuous mode [ 85.750280][ T5869] hsr_slave_1: entered promiscuous mode [ 85.836536][ T5879] hsr_slave_0: entered promiscuous mode [ 85.842919][ T5879] hsr_slave_1: entered promiscuous mode [ 85.849166][ T5879] debugfs: 'hsr0' already exists in 'hsr' [ 85.855309][ T5879] Cannot create hsr debugfs directory [ 85.892913][ T5873] hsr_slave_0: entered promiscuous mode [ 85.899261][ T5873] hsr_slave_1: entered promiscuous mode [ 85.905936][ T5873] debugfs: 'hsr0' already exists in 'hsr' [ 85.911812][ T5873] Cannot create hsr debugfs directory [ 85.934629][ T5878] hsr_slave_0: entered promiscuous mode [ 85.941753][ T5878] hsr_slave_1: entered promiscuous mode [ 85.948030][ T5878] debugfs: 'hsr0' already exists in 'hsr' [ 85.954266][ T5878] Cannot create hsr debugfs directory [ 85.964135][ T5868] hsr_slave_0: entered promiscuous mode [ 85.970547][ T5868] hsr_slave_1: entered promiscuous mode [ 85.977790][ T5868] debugfs: 'hsr0' already exists in 'hsr' [ 85.983761][ T5868] Cannot create hsr debugfs directory [ 86.629677][ T5879] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 86.643211][ T5879] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 86.665338][ T5879] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 86.685861][ T5879] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 86.750527][ T5869] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 86.787290][ T5869] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 86.798128][ T5869] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 86.816160][ T5869] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 86.875132][ T982] cfg80211: failed to load regulatory.db [ 86.897665][ T5868] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 86.928828][ T5868] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 86.940728][ T5868] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 86.966420][ T5868] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 87.029152][ T5878] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 87.042495][ T5878] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 87.076799][ T5878] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 87.089360][ T5878] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 87.106035][ T5879] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.179170][ T5879] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.192208][ T5871] Bluetooth: hci1: command tx timeout [ 87.192359][ T5877] Bluetooth: hci4: command tx timeout [ 87.197624][ T5184] Bluetooth: hci0: command tx timeout [ 87.218837][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.226158][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.238780][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.245963][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.271618][ T5877] Bluetooth: hci2: command tx timeout [ 87.272042][ T5871] Bluetooth: hci3: command tx timeout [ 87.329662][ T5873] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 87.348336][ T5873] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 87.362491][ T5873] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 87.373105][ T5873] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 87.444054][ T5869] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.478260][ T5869] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.519077][ T5868] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.544061][ T3535] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.551358][ T3535] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.597290][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.604502][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.620026][ T5868] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.647158][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.654342][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.705117][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.712359][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.813029][ T5878] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.945250][ T5878] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.963827][ T5873] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.994155][ T3535] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.001442][ T3535] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.037095][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.044833][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.066571][ T5879] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.118696][ T5873] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.179370][ T3535] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.186605][ T3535] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.234808][ T3535] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.242165][ T3535] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.374239][ T5879] veth0_vlan: entered promiscuous mode [ 88.457187][ T5879] veth1_vlan: entered promiscuous mode [ 88.509551][ T5869] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.557212][ T5868] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.636421][ T5879] veth0_macvtap: entered promiscuous mode [ 88.701991][ T5879] veth1_macvtap: entered promiscuous mode [ 88.734839][ T5869] veth0_vlan: entered promiscuous mode [ 88.797597][ T5879] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.835164][ T5869] veth1_vlan: entered promiscuous mode [ 88.858975][ T5879] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.897405][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.919484][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.948596][ T1037] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.963597][ T1037] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.017534][ T5878] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.042762][ T5869] veth0_macvtap: entered promiscuous mode [ 89.056602][ T5873] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.085014][ T5869] veth1_macvtap: entered promiscuous mode [ 89.200743][ T5869] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.223788][ T5869] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.244590][ T5878] veth0_vlan: entered promiscuous mode [ 89.272087][ T5871] Bluetooth: hci4: command tx timeout [ 89.274034][ T5877] Bluetooth: hci1: command tx timeout [ 89.277515][ T5184] Bluetooth: hci0: command tx timeout [ 89.306125][ T1037] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.315409][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.327377][ T1037] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.330093][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.341187][ T5878] veth1_vlan: entered promiscuous mode [ 89.353157][ T5871] Bluetooth: hci3: command tx timeout [ 89.358593][ T5871] Bluetooth: hci2: command tx timeout [ 89.384373][ T1037] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.396574][ T1037] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.463000][ T5873] veth0_vlan: entered promiscuous mode [ 89.493824][ T5868] veth0_vlan: entered promiscuous mode [ 89.519412][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.533775][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.537059][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.547827][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.589256][ T5868] veth1_vlan: entered promiscuous mode [ 89.621746][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.623934][ T5873] veth1_vlan: entered promiscuous mode [ 89.637600][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.669470][ T5868] veth0_macvtap: entered promiscuous mode [ 89.680763][ T5879] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 89.687316][ T5878] veth0_macvtap: entered promiscuous mode [ 89.710025][ T5868] veth1_macvtap: entered promiscuous mode [ 89.727510][ T5878] veth1_macvtap: entered promiscuous mode [ 89.795406][ T5868] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.825526][ T5873] veth0_macvtap: entered promiscuous mode [ 89.856382][ T5868] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.894634][ T5873] veth1_macvtap: entered promiscuous mode [ 89.925191][ T5878] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.957815][ T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.973088][ T5991] unsupported nla_type 52263 [ 89.979739][ T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.009754][ T5993] loop3: detected capacity change from 0 to 1024 [ 90.039828][ T5993] EXT4-fs: quotafile must be on filesystem root [ 90.047707][ T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.074540][ T5878] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.099998][ T5873] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.117458][ T49] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.198303][ T59] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.230383][ T59] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.276780][ T5873] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.286821][ T59] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.309162][ T59] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.387948][ T3535] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.405033][ T3535] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.461289][ T3535] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.519366][ T3535] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.519487][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.546394][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.611827][ T5998] syz.3.8 uses obsolete (PF_INET,SOCK_PACKET) [ 90.653376][ T6000] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 90.673396][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.682703][ T6000] loop1: detected capacity change from 0 to 512 [ 90.689741][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.699026][ T6000] EXT4-fs: Ignoring removed mblk_io_submit option [ 90.765417][ T6000] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 90.779471][ T6000] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 90.834760][ T6000] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 90.839438][ T1170] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.866410][ T1170] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.875765][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.878886][ T1170] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.894815][ T1170] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.904260][ T6000] EXT4-fs (loop1): 1 truncate cleaned up [ 90.912652][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.920575][ T6000] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.023796][ T6004] veth0_to_team: entered promiscuous mode [ 91.142195][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.150225][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.361033][ T5184] Bluetooth: hci0: command tx timeout [ 91.361047][ T5877] Bluetooth: hci1: command tx timeout [ 91.376302][ T5871] Bluetooth: hci4: command tx timeout [ 91.431871][ T5871] Bluetooth: hci2: command tx timeout [ 91.437311][ T5871] Bluetooth: hci3: command tx timeout [ 91.567887][ T30] audit: type=1326 audit(1754728734.903:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6015 comm="syz.2.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 91.687625][ T6023] loop2: detected capacity change from 0 to 128 [ 91.715882][ T30] audit: type=1326 audit(1754728734.943:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6015 comm="syz.2.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 91.849600][ T30] audit: type=1326 audit(1754728734.943:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6015 comm="syz.2.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 91.901321][ T30] audit: type=1326 audit(1754728734.943:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6015 comm="syz.2.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 91.994577][ T30] audit: type=1326 audit(1754728734.943:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6015 comm="syz.2.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4d8ad8d550 code=0x7ffc0000 [ 92.095254][ T6023] syz.2.12 (6023): attempted to duplicate a private mapping with mremap. This is not supported. [ 92.121378][ T30] audit: type=1326 audit(1754728734.943:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6015 comm="syz.2.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f4d8ad90417 code=0x7ffc0000 [ 92.667814][ T30] audit: type=1326 audit(1754728734.943:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6015 comm="syz.2.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 92.689902][ T30] audit: type=1326 audit(1754728734.943:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6015 comm="syz.2.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f4d8ad90417 code=0x7ffc0000 [ 92.714646][ T30] audit: type=1326 audit(1754728734.943:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6015 comm="syz.2.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f4d8ad8d84a code=0x7ffc0000 [ 92.736976][ T30] audit: type=1326 audit(1754728734.943:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6015 comm="syz.2.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 92.794915][ T6023] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12'. [ 92.986757][ T6046] netlink: 224 bytes leftover after parsing attributes in process `syz.0.20'. [ 93.006391][ T6046] ksmbd: Unknown IPC event: 4, ignore. [ 93.268107][ T6051] loop0: detected capacity change from 0 to 512 [ 93.305963][ T6051] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 93.333307][ T6051] ext4 filesystem being mounted at /4/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 93.419788][ T5873] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.481951][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.862944][ T6062] netlink: 76 bytes leftover after parsing attributes in process `syz.4.25'. [ 94.281318][ T6074] Zero length message leads to an empty skb [ 96.265168][ T6124] loop2: detected capacity change from 0 to 512 [ 97.309282][ T6140] loop0: detected capacity change from 0 to 512 [ 97.806203][ T6140] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 97.841046][ T6140] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 97.985774][ T5873] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.583935][ T6149] loop2: detected capacity change from 0 to 512 [ 98.605475][ T6110] Falling back ldisc for ttyS3. [ 98.608853][ T6149] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 98.764995][ T6149] EXT4-fs (loop2): 1 orphan inode deleted [ 98.770773][ T6149] EXT4-fs (loop2): 1 truncate cleaned up [ 98.863565][ T6149] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.903611][ T6163] loop0: detected capacity change from 0 to 512 [ 98.928349][ T6163] __quota_error: 5 callbacks suppressed [ 98.928367][ T6163] Quota error (device loop0): v2_read_file_info: Free block number 1 out of range (1, 6). [ 98.946119][ T6163] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 98.999733][ T6163] EXT4-fs (loop0): mount failed [ 99.093864][ T6149] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 99.188734][ T6149] EXT4-fs (loop2): Remounting filesystem read-only [ 99.243212][ T6149] EXT4-fs (loop2): error restoring inline_data for inode -- potential data loss! (inode 12, error -30) [ 99.281682][ T6174] netlink: 4 bytes leftover after parsing attributes in process `syz.3.66'. [ 99.553669][ T6183] netlink: 52 bytes leftover after parsing attributes in process `syz.3.69'. [ 99.663121][ T6184] syzkaller0: entered promiscuous mode [ 99.679541][ T6184] syzkaller0: entered allmulticast mode [ 99.778849][ T30] audit: type=1326 audit(1754728743.113:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6192 comm="syz.4.73" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f438ebe9 code=0x7ffc0000 [ 99.807000][ T30] audit: type=1326 audit(1754728743.113:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6192 comm="syz.4.73" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f438ebe9 code=0x7ffc0000 [ 99.896461][ T30] audit: type=1326 audit(1754728743.113:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6192 comm="syz.4.73" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f36f438ebe9 code=0x7ffc0000 [ 99.968660][ T30] audit: type=1326 audit(1754728743.113:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6192 comm="syz.4.73" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f438ebe9 code=0x7ffc0000 [ 100.056156][ T30] audit: type=1326 audit(1754728743.123:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6192 comm="syz.4.73" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f36f438ebe9 code=0x7ffc0000 [ 100.138274][ T30] audit: type=1326 audit(1754728743.123:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6192 comm="syz.4.73" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f438ebe9 code=0x7ffc0000 [ 100.198908][ T30] audit: type=1326 audit(1754728743.123:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6192 comm="syz.4.73" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f36f438ebe9 code=0x7ffc0000 [ 100.257792][ T30] audit: type=1326 audit(1754728743.123:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6192 comm="syz.4.73" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f438ebe9 code=0x7ffc0000 [ 100.343577][ T30] audit: type=1326 audit(1754728743.123:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6192 comm="syz.4.73" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f36f438ebe9 code=0x7ffc0000 [ 102.067257][ T6218] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12 [ 102.111715][ T6218] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12 [ 102.136348][ T6218] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 102.376634][ T5878] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.514128][ T6250] loop4: detected capacity change from 0 to 1024 [ 102.549129][ T6250] ======================================================= [ 102.549129][ T6250] WARNING: The mand mount option has been deprecated and [ 102.549129][ T6250] and is ignored by this kernel. Remove the mand [ 102.549129][ T6250] option from the mount to silence this warning. [ 102.549129][ T6250] ======================================================= [ 102.786211][ T6250] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 102.800888][ T6250] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 103.006867][ T5868] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.017068][ T6271] capability: warning: `syz.3.103' uses deprecated v2 capabilities in a way that may be insecure [ 103.971518][ T6306] netlink: 'syz.3.120': attribute type 5 has an invalid length. [ 104.291060][ T6325] loop4: detected capacity change from 0 to 1024 [ 104.453058][ T6325] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.564806][ T30] kauditd_printk_skb: 33 callbacks suppressed [ 104.564825][ T30] audit: type=1800 audit(1754728747.903:59): pid=6325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.128" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 104.636564][ T6339] loop2: detected capacity change from 0 to 512 [ 104.666236][ T6343] loop0: detected capacity change from 0 to 512 [ 104.758895][ T30] audit: type=1326 audit(1754728748.093:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6344 comm="syz.3.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 104.832803][ T30] audit: type=1326 audit(1754728748.143:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6344 comm="syz.3.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 104.856461][ T30] audit: type=1326 audit(1754728748.143:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6344 comm="syz.3.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 104.868342][ T6339] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 104.891806][ T6343] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.136: corrupted in-inode xattr: invalid ea_ino [ 104.907825][ T6339] ext4 filesystem being mounted at /25/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 104.912101][ T6343] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.136: couldn't read orphan inode 15 (err -117) [ 104.951036][ T30] audit: type=1326 audit(1754728748.143:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6344 comm="syz.3.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 104.976246][ T30] audit: type=1326 audit(1754728748.143:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6344 comm="syz.3.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 105.009625][ T6343] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.023020][ T30] audit: type=1326 audit(1754728748.143:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6344 comm="syz.3.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 105.045960][ T30] audit: type=1326 audit(1754728748.143:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6344 comm="syz.3.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 105.069109][ T30] audit: type=1326 audit(1754728748.143:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6344 comm="syz.3.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 105.116016][ T6339] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.134: corrupted inode contents [ 105.120500][ T6350] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 105.134476][ T6350] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 105.158578][ T5868] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.168794][ T6339] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #2: comm syz.2.134: mark_inode_dirty error [ 105.172577][ T6350] vhci_hcd vhci_hcd.0: Device attached [ 105.201957][ T6339] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.134: corrupted inode contents [ 105.225820][ T6351] vhci_hcd: connection closed [ 105.227872][ T59] vhci_hcd: stop threads [ 105.265891][ T59] vhci_hcd: release socket [ 105.270371][ T59] vhci_hcd: disconnect device [ 105.456159][ T5878] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.530932][ T5873] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.490114][ T30] audit: type=1326 audit(1754728749.823:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6372 comm="syz.2.147" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4d8ad8ebe9 code=0x0 [ 106.504722][ T6379] loop1: detected capacity change from 0 to 1024 [ 106.542296][ T6379] EXT4-fs: Ignoring removed bh option [ 106.611092][ T6379] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 106.890208][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.775370][ T6425] netlink: 8 bytes leftover after parsing attributes in process `syz.0.166'. [ 111.667461][ T30] kauditd_printk_skb: 24 callbacks suppressed [ 111.667479][ T30] audit: type=1326 audit(1754728755.003:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6428 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ac58ebe9 code=0x7ffc0000 [ 111.727477][ T30] audit: type=1326 audit(1754728755.043:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6428 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95ac58ebe9 code=0x7ffc0000 [ 111.782134][ T30] audit: type=1326 audit(1754728755.043:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6428 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ac58ebe9 code=0x7ffc0000 [ 111.819058][ T30] audit: type=1326 audit(1754728755.043:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6428 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ac58ebe9 code=0x7ffc0000 [ 111.920484][ T30] audit: type=1326 audit(1754728755.093:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6428 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95ac58ebe9 code=0x7ffc0000 [ 112.008381][ T30] audit: type=1326 audit(1754728755.093:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6428 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ac58ebe9 code=0x7ffc0000 [ 112.031159][ T30] audit: type=1326 audit(1754728755.093:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6428 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ac58ebe9 code=0x7ffc0000 [ 112.053501][ T30] audit: type=1326 audit(1754728755.093:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6428 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f95ac58ebe9 code=0x7ffc0000 [ 112.762322][ T30] audit: type=1326 audit(1754728756.083:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6445 comm="syz.1.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ac58ebe9 code=0x7ffc0000 [ 112.907751][ T30] audit: type=1326 audit(1754728756.093:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6445 comm="syz.1.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ac58ebe9 code=0x7ffc0000 [ 112.952240][ T6449] mmap: syz.3.177 (6449) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 114.550595][ T6510] loop1: detected capacity change from 0 to 512 [ 114.596011][ T6510] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 114.775107][ T6510] EXT4-fs (loop1): 1 orphan inode deleted [ 114.828051][ T6510] EXT4-fs (loop1): 1 truncate cleaned up [ 114.839055][ T6510] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 114.889790][ T6517] loop0: detected capacity change from 0 to 2048 [ 114.969950][ T6510] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 115.061415][ T6510] EXT4-fs (loop1): Remounting filesystem read-only [ 115.086217][ T6510] EXT4-fs (loop1): error restoring inline_data for inode -- potential data loss! (inode 12, error -30) [ 115.118746][ T6517] EXT4-fs (loop0): failed to initialize system zone (-117) [ 115.192053][ T6529] netlink: 68 bytes leftover after parsing attributes in process `syz.3.205'. [ 115.684746][ T6517] EXT4-fs (loop0): mount failed [ 115.924702][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.694221][ T6561] sch_tbf: burst 4393 is lower than device lo mtu (65550) ! [ 116.719825][ T6563] loop2: detected capacity change from 0 to 512 [ 116.752345][ T6563] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 116.810438][ T6563] EXT4-fs (loop2): 1 orphan inode deleted [ 116.826424][ T6563] EXT4-fs (loop2): 1 truncate cleaned up [ 116.848735][ T6563] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 117.052625][ T6563] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 117.093133][ T6563] EXT4-fs (loop2): Remounting filesystem read-only [ 117.117247][ T6563] EXT4-fs (loop2): error restoring inline_data for inode -- potential data loss! (inode 12, error -30) [ 117.306655][ T5878] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.100601][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 118.301867][ T30] kauditd_printk_skb: 37 callbacks suppressed [ 118.301886][ T30] audit: type=1326 audit(1754728761.633:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6588 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 118.425410][ T30] audit: type=1326 audit(1754728761.633:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6588 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 118.464088][ T30] audit: type=1326 audit(1754728761.693:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6588 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 118.486692][ T30] audit: type=1326 audit(1754728761.693:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6588 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 118.561463][ T30] audit: type=1326 audit(1754728761.713:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6588 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 118.591319][ T30] audit: type=1326 audit(1754728761.713:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6588 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 119.622721][ T30] audit: type=1326 audit(1754728761.713:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6588 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 119.859723][ T30] audit: type=1326 audit(1754728761.713:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6588 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 119.981748][ T30] audit: type=1326 audit(1754728761.713:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6588 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 120.105807][ T30] audit: type=1326 audit(1754728763.443:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6607 comm="syz.3.237" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f086f18ebe9 code=0x0 [ 120.127379][ C1] vkms_vblank_simulate: vblank timer overrun [ 120.441883][ T6618] netlink: 4 bytes leftover after parsing attributes in process `syz.4.239'. [ 120.964024][ T6625] loop1: detected capacity change from 0 to 512 [ 121.739403][ T6625] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 121.986664][ T6625] EXT4-fs (loop1): 1 truncate cleaned up [ 122.005296][ T6625] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 123.313017][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 123.332724][ T6635] random: crng reseeded on system resumption [ 123.516376][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.525938][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 123.535430][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 123.843038][ T6640] loop0: detected capacity change from 0 to 512 [ 123.862664][ T6640] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 123.956877][ T6640] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 123.991713][ T6640] ext4 filesystem being mounted at /70/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 124.083819][ T30] audit: type=1326 audit(1754728767.403:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6634 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0e98ebe9 code=0x7ffc0000 [ 124.130709][ T6640] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.245: iget: bad i_size value: 2533274857506816 [ 124.148194][ T30] audit: type=1326 audit(1754728767.403:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6634 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdb0e98d550 code=0x7ffc0000 [ 124.183050][ T6653] hub 9-0:1.0: USB hub found [ 124.203082][ T6653] hub 9-0:1.0: 1 port detected [ 124.260271][ T30] audit: type=1326 audit(1754728767.423:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6634 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0e98ebe9 code=0x7ffc0000 [ 124.351593][ T6658] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 124.351975][ T30] audit: type=1326 audit(1754728767.423:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6634 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdb0e98ebe9 code=0x7ffc0000 [ 124.369971][ T6657] loop3: detected capacity change from 0 to 512 [ 124.419767][ T6659] netlink: 4 bytes leftover after parsing attributes in process `syz.2.251'. [ 124.440920][ T30] audit: type=1326 audit(1754728767.443:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6634 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0e98ebe9 code=0x7ffc0000 [ 124.463149][ C1] vkms_vblank_simulate: vblank timer overrun [ 124.631602][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 124.756513][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 124.932804][ T30] audit: type=1326 audit(1754728767.443:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6634 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0e98ebe9 code=0x7ffc0000 [ 124.964185][ T6657] Quota error (device loop3): v2_read_file_info: Free block number 1 out of range (1, 6). [ 125.021398][ T30] audit: type=1326 audit(1754728767.453:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6634 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb0e98ebe9 code=0x7ffc0000 [ 125.043674][ C1] vkms_vblank_simulate: vblank timer overrun [ 125.050267][ T30] audit: type=1326 audit(1754728767.453:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6634 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0e98ebe9 code=0x7ffc0000 [ 125.075042][ T30] audit: type=1326 audit(1754728767.453:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6634 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0e98ebe9 code=0x7ffc0000 [ 125.085541][ T6657] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 125.097292][ C1] vkms_vblank_simulate: vblank timer overrun [ 125.150958][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 125.221895][ T6657] EXT4-fs (loop3): mount failed [ 125.225753][ T5873] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.272519][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 125.281094][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 125.291383][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 126.222395][ T6697] netlink: 96 bytes leftover after parsing attributes in process `syz.0.263'. [ 127.088493][ T6712] loop3: detected capacity change from 0 to 512 [ 127.242359][ T6712] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 127.338969][ T6712] EXT4-fs (loop3): mount failed [ 128.253578][ T6735] netlink: 96 bytes leftover after parsing attributes in process `syz.2.275'. [ 131.101982][ T5938] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 131.278069][ T6793] netlink: 4 bytes leftover after parsing attributes in process `syz.1.298'. [ 131.578985][ T5938] usb 5-1: config 0 has no interfaces? [ 131.598475][ T5938] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 131.607869][ T6802] netlink: 5 bytes leftover after parsing attributes in process `syz.3.301'. [ 131.621813][ T6802] 0ªî{X¹¦: renamed from gretap0 (while UP) [ 131.630282][ T5938] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 131.726131][ T6802] 0ªî{X¹¦: entered allmulticast mode [ 131.754840][ T6802] A link change request failed with some changes committed already. Interface 30ªî{X¹¦ may have been left with an inconsistent configuration, please check. [ 131.779588][ T5938] usb 5-1: Product: syz [ 131.898312][ T5938] usb 5-1: Manufacturer: syz [ 131.978842][ T5938] usb 5-1: SerialNumber: syz [ 132.036918][ T5938] usb 5-1: config 0 descriptor?? [ 132.407553][ T6777] : entered promiscuous mode [ 132.994991][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.853181][ T6818] netlink: 'syz.0.306': attribute type 24 has an invalid length. [ 134.389009][ T5938] usb 5-1: USB disconnect, device number 2 [ 135.024386][ T6826] : entered promiscuous mode [ 135.040671][ T6832] netlink: 4 bytes leftover after parsing attributes in process `syz.3.312'. [ 135.115316][ T30] kauditd_printk_skb: 27 callbacks suppressed [ 135.115328][ T30] audit: type=1326 audit(1754728778.453:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6829 comm="syz.4.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f438ebe9 code=0x7ffc0000 [ 135.240527][ T30] audit: type=1326 audit(1754728778.493:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6829 comm="syz.4.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f438ebe9 code=0x7ffc0000 [ 135.337753][ T30] audit: type=1326 audit(1754728778.673:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6833 comm="syz.0.314" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdb0e98ebe9 code=0x0 [ 135.992414][ T6858] Device name cannot be null; rc = [-22] [ 136.706114][ T6869] netlink: 4 bytes leftover after parsing attributes in process `syz.1.326'. [ 137.261430][ T30] audit: type=1326 audit(1754728780.593:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6884 comm="syz.1.335" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f95ac58ebe9 code=0x0 [ 137.278667][ T6889] loop4: detected capacity change from 0 to 512 [ 137.365519][ T6889] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.337: corrupted in-inode xattr: invalid ea_ino [ 137.484880][ T6889] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.337: couldn't read orphan inode 15 (err -117) [ 137.528226][ T6889] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.682612][ T5868] EXT4-fs error (device loop4): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0 [ 137.766035][ T5868] EXT4-fs error (device loop4): ext4_lookup:1791: inode #2: comm syz-executor: deleted inode referenced: 15 [ 137.835509][ T5868] EXT4-fs error (device loop4): ext4_lookup:1791: inode #2: comm syz-executor: deleted inode referenced: 15 [ 138.732607][ T30] audit: type=1326 audit(1754728782.053:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6882 comm="syz.2.334" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x0 [ 138.801173][ T6906] netlink: 4 bytes leftover after parsing attributes in process `syz.1.342'. [ 138.909335][ T6482] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.636410][ T6925] loop2: detected capacity change from 0 to 512 [ 139.705539][ T6925] Quota error (device loop2): v2_read_file_info: Free block number 1 out of range (1, 6). [ 139.775808][ T6925] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 139.856301][ T6925] EXT4-fs (loop2): mount failed [ 140.296235][ T6935] netlink: 4 bytes leftover after parsing attributes in process `syz.3.356'. [ 141.932564][ T6960] : renamed from bridge_slave_0 (while UP) [ 141.988179][ T5877] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 142.002418][ T5877] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 142.027406][ T5877] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 142.101366][ T5877] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 142.131500][ T5877] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 142.323241][ T6967] loop3: detected capacity change from 0 to 512 [ 142.725329][ T5877] Bluetooth: hci4: command 0x0405 tx timeout [ 142.747967][ T6967] Quota error (device loop3): v2_read_file_info: Free block number 1 out of range (1, 6). [ 143.061783][ T6967] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 143.251683][ T6967] EXT4-fs (loop3): mount failed [ 143.288823][ T6981] netlink: 4 bytes leftover after parsing attributes in process `syz.2.367'. [ 144.246040][ T5877] Bluetooth: hci0: command tx timeout [ 145.796603][ T30] audit: type=1326 audit(1754728789.133:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7002 comm="syz.2.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 145.951006][ T30] audit: type=1326 audit(1754728789.143:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7002 comm="syz.2.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 145.981467][ T30] audit: type=1326 audit(1754728789.143:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7002 comm="syz.2.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 146.004442][ T30] audit: type=1326 audit(1754728789.143:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7002 comm="syz.2.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 146.027125][ T30] audit: type=1326 audit(1754728789.143:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7002 comm="syz.2.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 146.079050][ T30] audit: type=1326 audit(1754728789.143:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7002 comm="syz.2.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 146.135946][ T30] audit: type=1326 audit(1754728789.143:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7002 comm="syz.2.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 146.166910][ T6959] chnl_net:caif_netlink_parms(): no params data found [ 146.272506][ T7009] netlink: 28 bytes leftover after parsing attributes in process `syz.2.374'. [ 146.329206][ T5877] Bluetooth: hci0: command tx timeout [ 146.758806][ T30] audit: type=1326 audit(1754728789.153:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7002 comm="syz.2.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 147.731572][ T6959] bridge0: port 1(bridge_slave_0) entered blocking state [ 147.779137][ T6959] bridge0: port 1(bridge_slave_0) entered disabled state [ 147.810728][ T7042] loop2: detected capacity change from 0 to 512 [ 147.811625][ T6959] bridge_slave_0: entered allmulticast mode [ 147.861497][ T6959] bridge_slave_0: entered promiscuous mode [ 147.921051][ T6959] bridge0: port 2(bridge_slave_1) entered blocking state [ 147.943610][ T7042] Quota error (device loop2): v2_read_file_info: Free block number 1 out of range (1, 6). [ 147.958900][ T7042] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 147.980089][ T6959] bridge0: port 2(bridge_slave_1) entered disabled state [ 148.003846][ T7042] EXT4-fs (loop2): mount failed [ 148.036263][ T6959] bridge_slave_1: entered allmulticast mode [ 148.277137][ T6959] bridge_slave_1: entered promiscuous mode [ 148.430427][ T7059] netlink: 'syz.3.383': attribute type 1 has an invalid length. [ 148.438365][ T7059] netlink: 224 bytes leftover after parsing attributes in process `syz.3.383'. [ 148.457595][ T5877] Bluetooth: hci0: command tx timeout [ 149.144098][ T6959] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 149.206839][ T6959] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 149.362441][ T7066] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input5 [ 149.746473][ T7073] vxfs: WRONG superblock magic 00000000 at 1 [ 149.755703][ T7073] vxfs: WRONG superblock magic 00000000 at 8 [ 149.761806][ T7073] vxfs: can't find superblock. [ 150.000414][ T5953] libceph: connect (1)[c::]:6789 error -101 [ 150.062734][ T7072] ceph: No mds server is up or the cluster is laggy [ 150.081200][ T5953] libceph: mon0 (1)[c::]:6789 connect error [ 150.243402][ T6959] team0: Port device team_slave_0 added [ 150.305810][ T6959] team0: Port device team_slave_1 added [ 150.471438][ T5877] Bluetooth: hci0: command tx timeout [ 150.476988][ T30] audit: type=1326 audit(1754728793.793:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7084 comm="syz.1.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ac58ebe9 code=0x7ffc0000 [ 150.510020][ T30] audit: type=1326 audit(1754728793.793:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7084 comm="syz.1.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ac58ebe9 code=0x7ffc0000 [ 150.588191][ T30] audit: type=1326 audit(1754728793.793:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7084 comm="syz.1.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f95ac590b07 code=0x7ffc0000 [ 150.711583][ T30] audit: type=1326 audit(1754728793.793:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7084 comm="syz.1.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f95ac590a7c code=0x7ffc0000 [ 150.768847][ T7089] netlink: 96 bytes leftover after parsing attributes in process `syz.2.391'. [ 150.811396][ T30] audit: type=1326 audit(1754728793.793:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7084 comm="syz.1.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f95ac5909b4 code=0x7ffc0000 [ 150.837164][ T7097] loop3: detected capacity change from 0 to 512 [ 150.912281][ T6959] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 150.919266][ T6959] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 150.964009][ T30] audit: type=1326 audit(1754728793.793:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7084 comm="syz.1.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f95ac5909b4 code=0x7ffc0000 [ 150.992928][ T30] audit: type=1326 audit(1754728793.793:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7084 comm="syz.1.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f95ac58d84a code=0x7ffc0000 [ 151.019302][ T30] audit: type=1326 audit(1754728793.793:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7084 comm="syz.1.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ac58ebe9 code=0x7ffc0000 [ 151.041500][ C1] vkms_vblank_simulate: vblank timer overrun [ 151.088911][ T6959] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 151.374579][ T7097] Quota error (device loop3): v2_read_file_info: Free block number 1 out of range (1, 6). [ 151.571637][ T7097] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 151.614982][ T6959] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 151.778128][ T7097] EXT4-fs (loop3): mount failed [ 151.807009][ T6959] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 152.167760][ T7111] 9pnet_fd: Insufficient options for proto=fd [ 152.201423][ T6959] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 152.574665][ T6959] hsr_slave_0: entered promiscuous mode [ 152.582589][ T6959] hsr_slave_1: entered promiscuous mode [ 152.589289][ T6959] debugfs: 'hsr0' already exists in 'hsr' [ 152.595141][ T6959] Cannot create hsr debugfs directory [ 153.581635][ T30] kauditd_printk_skb: 7 callbacks suppressed [ 153.581653][ T30] audit: type=1326 audit(1754728796.913:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.1.402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ac58ebe9 code=0x7ffc0000 [ 153.610913][ T30] audit: type=1326 audit(1754728796.913:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.1.402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f95ac590b07 code=0x7ffc0000 [ 153.634878][ T30] audit: type=1326 audit(1754728796.913:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.1.402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f95ac590a7c code=0x7ffc0000 [ 153.909309][ T30] audit: type=1326 audit(1754728797.223:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.1.402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f95ac5909b4 code=0x7ffc0000 [ 154.578333][ T30] audit: type=1326 audit(1754728797.223:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.1.402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f95ac5909b4 code=0x7ffc0000 [ 154.704227][ T30] audit: type=1326 audit(1754728797.223:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.1.402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f95ac58d84a code=0x7ffc0000 [ 154.738361][ T30] audit: type=1326 audit(1754728797.223:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.1.402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ac58ebe9 code=0x7ffc0000 [ 154.761840][ T30] audit: type=1326 audit(1754728797.223:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.1.402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ac58ebe9 code=0x7ffc0000 [ 154.952383][ C0] vxcan1: j1939_tp_rxtimer: 0xffff888053ebe800: rx timeout, send abort [ 155.083560][ T6959] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 155.096466][ T6959] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 155.453106][ C0] vxcan1: j1939_tp_rxtimer: 0xffff888053ebec00: rx timeout, send abort [ 155.461814][ C0] vxcan1: j1939_tp_rxtimer: 0xffff888053ebe800: abort rx timeout. Force session deactivation [ 155.675320][ T6959] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 155.730092][ T6959] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 155.961467][ C0] vxcan1: j1939_tp_rxtimer: 0xffff888053ebec00: abort rx timeout. Force session deactivation [ 156.742014][ C0] vxcan1: j1939_tp_rxtimer: 0xffff888053ebf000: rx timeout, send abort [ 156.765996][ T7167] loop2: detected capacity change from 0 to 512 [ 157.109005][ T7167] Quota error (device loop2): v2_read_file_info: Free block number 1 out of range (1, 6). [ 157.164699][ T7167] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 157.250392][ C0] vxcan1: j1939_tp_rxtimer: 0xffff888053ebf000: abort rx timeout. Force session deactivation [ 157.332584][ T5987] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 157.430497][ T7167] EXT4-fs (loop2): mount failed [ 157.551297][ T5987] usb 1-1: Using ep0 maxpacket: 32 [ 157.573853][ T5987] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 157.611197][ T5987] usb 1-1: config 0 has no interface number 0 [ 157.678113][ T6959] 8021q: adding VLAN 0 to HW filter on device bond0 [ 157.685728][ T5987] usb 1-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 157.695115][ T5987] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 157.718987][ T5987] usb 1-1: Product: syz [ 157.731188][ T5987] usb 1-1: Manufacturer: syz [ 157.743962][ T5987] usb 1-1: SerialNumber: syz [ 157.749111][ T6959] 8021q: adding VLAN 0 to HW filter on device team0 [ 157.769122][ T5987] usb 1-1: config 0 descriptor?? [ 157.774893][ T7183] loop2: detected capacity change from 0 to 512 [ 157.825081][ T6038] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.832309][ T6038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 157.841494][ T7183] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 157.871620][ T6038] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.879699][ T6038] bridge0: port 2(bridge_slave_1) entered forwarding state [ 157.964377][ T5987] usb 1-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 158.260934][ T7183] EXT4-fs (loop2): 1 orphan inode deleted [ 158.631562][ T5987] usb 1-1: selecting invalid altsetting 1 [ 158.637348][ T5987] usb 1-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 158.700552][ T5987] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 158.712123][ T7183] EXT4-fs (loop2): 1 truncate cleaned up [ 158.719597][ T7183] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 158.851486][ T5987] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 158.875531][ T7183] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 158.902275][ T5987] usb 1-1: media controller created [ 158.915182][ T7183] EXT4-fs (loop2): Remounting filesystem read-only [ 158.924211][ T7183] EXT4-fs (loop2): error restoring inline_data for inode -- potential data loss! (inode 12, error -30) [ 158.982747][ T5987] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 159.052624][ T5987] usb 1-1: dvb_usb_ce6230: usb_control_msg() failed=-71 [ 159.071356][ T5987] zl10353_read_register: readreg error (reg=127, ret==-71) [ 159.090306][ T5987] usb 1-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 159.133664][ T5953] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 159.198254][ T5878] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.270844][ T5987] usb 1-1: USB disconnect, device number 2 [ 159.302578][ T5953] usb 4-1: Using ep0 maxpacket: 16 [ 159.369958][ T5953] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 159.411340][ T5953] usb 4-1: config 0 has no interfaces? [ 159.426025][ T6959] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 159.429981][ T5953] usb 4-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 159.468824][ T5953] usb 4-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 159.468852][ T5953] usb 4-1: Product: syz [ 159.468868][ T5953] usb 4-1: Manufacturer: syz [ 159.468883][ T5953] usb 4-1: SerialNumber: syz [ 159.494515][ T5953] usb 4-1: config 0 descriptor?? [ 159.700623][ T7191] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 159.701065][ T7191] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 159.704395][ T5953] usb 4-1: USB disconnect, device number 2 [ 159.713278][ T7202] binder_alloc: 7201: binder_alloc_buf, no vma [ 160.116124][ T7206] loop8: detected capacity change from 0 to 79 [ 160.297009][ T7208] loop8: detected capacity change from 79 to 78 [ 160.388694][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.395510][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.402111][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.408643][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.415355][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.421884][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.428363][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.434854][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.441388][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.447884][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.454397][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.460869][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.467410][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.473897][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.480359][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.486868][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.493345][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.499825][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.506771][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.513279][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.519772][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.526271][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.532791][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.539285][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.545765][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.552274][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.558727][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.565206][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.571694][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.578153][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.584643][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.591097][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.597616][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.604111][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.610581][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.617075][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.623551][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.630106][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.636594][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.643102][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.649584][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.656059][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.662541][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.669022][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.675658][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.682329][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.688837][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.695332][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.701925][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.708435][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.715051][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.721576][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.728064][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.734572][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.741129][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.747688][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.754324][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.760786][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.767295][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.773800][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.780268][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.786786][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.793393][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.799862][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.806910][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.813422][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.819882][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.826375][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.832853][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.839328][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.845906][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.852388][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.858971][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.865465][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.871964][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.878425][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.884904][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.891378][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.897849][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.904339][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.910784][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.917257][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.923722][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.930188][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.936712][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.943248][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.949876][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.956453][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.963018][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.969500][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.976008][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.982482][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.988918][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 160.995454][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.002015][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.008572][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.015107][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.021614][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.028146][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.034737][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.041279][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.047766][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.054260][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.060709][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.067186][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.073666][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.080097][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.086661][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.093209][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.099691][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.106215][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.112893][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.119386][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.125984][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.132487][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.138953][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.145529][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.152009][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.158460][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.164923][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.171495][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.177928][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.184421][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.190869][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.197339][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.203813][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.210270][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.217033][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.224899][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.231486][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.238017][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.244578][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.251197][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.257777][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.264407][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.271024][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 161.317120][ T7214] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond_slave_1, syncid = 1, id = 0 [ 161.479897][ T7218] loop2: detected capacity change from 0 to 512 [ 161.524198][ T7218] Quota error (device loop2): v2_read_file_info: Free block number 1 out of range (1, 6). [ 161.558250][ T7218] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 161.631658][ T7218] EXT4-fs (loop2): mount failed [ 161.634601][ C1] vxcan1: j1939_tp_rxtimer: 0xffff8880568c4000: rx timeout, send abort [ 161.794113][ T6959] veth0_vlan: entered promiscuous mode [ 161.830486][ T6959] veth1_vlan: entered promiscuous mode [ 161.948089][ T6959] veth0_macvtap: entered promiscuous mode [ 161.958551][ T6959] veth1_macvtap: entered promiscuous mode [ 161.983588][ T6959] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 162.027522][ C1] vcan0: j1939_tp_rxtimer: 0xffff88807e297000: rx timeout, send abort [ 162.069791][ T5953] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 162.084258][ T6959] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 162.118815][ T1147] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.130550][ T1147] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.134677][ C1] vxcan1: j1939_tp_rxtimer: 0xffff888021b04000: rx timeout, send abort [ 162.147596][ C1] vxcan1: j1939_tp_rxtimer: 0xffff8880568c4000: abort rx timeout. Force session deactivation [ 162.194448][ T1147] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.204258][ T1147] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.246356][ T5953] usb 2-1: unable to get BOS descriptor or descriptor too short [ 162.388667][ T5953] usb 2-1: config 7 has an invalid interface number: 3 but max is 0 [ 162.521886][ T5953] usb 2-1: config 7 has no interface number 0 [ 162.535790][ C1] vcan0: j1939_tp_rxtimer: 0xffff88807e297000: abort rx timeout. Force session deactivation [ 162.558296][ T5953] usb 2-1: config 7 interface 3 has no altsetting 0 [ 162.581670][ T5953] usb 2-1: New USB device found, idVendor=1410, idProduct=a005, bcdDevice=6f.b0 [ 162.590901][ T5953] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 162.599095][ T5953] usb 2-1: Product: syz [ 162.603514][ T5953] usb 2-1: Manufacturer: syz [ 162.608115][ T5953] usb 2-1: SerialNumber: syz [ 162.647557][ C1] vxcan1: j1939_tp_rxtimer: 0xffff888021b04000: abort rx timeout. Force session deactivation [ 163.246303][ T5953] usb 2-1: USB disconnect, device number 2 [ 163.424092][ C1] vxcan1: j1939_tp_rxtimer: 0xffff888021b05400: rx timeout, send abort [ 163.679690][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 163.710119][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 163.710191][ T1170] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 163.750662][ T1170] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 163.932477][ C1] vxcan1: j1939_tp_rxtimer: 0xffff888021b05400: abort rx timeout. Force session deactivation [ 165.691875][ T7264] loop3: detected capacity change from 0 to 512 [ 165.787876][ T7264] Quota error (device loop3): v2_read_file_info: Free block number 1 out of range (1, 6). [ 165.855897][ T7264] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 166.100008][ T7264] EXT4-fs (loop3): mount failed [ 166.324763][ T7280] netlink: 12 bytes leftover after parsing attributes in process `syz.5.443'. [ 167.253035][ T7274] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 167.281971][ T7274] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 167.383856][ T7274] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 167.493591][ T7274] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 167.510373][ T7274] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 167.540794][ T7274] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 167.634889][ T7274] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 167.677827][ T7274] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 167.710512][ T7274] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 167.742331][ T7274] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 167.748419][ T7274] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 167.769024][ T7274] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 167.801666][ T7274] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 167.816413][ T7274] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 167.850613][ T7274] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 167.989507][ C1] vxcan1: j1939_tp_rxtimer: 0xffff8880562d9400: rx timeout, send abort [ 168.489640][ C1] vxcan1: j1939_tp_rxtimer: 0xffff888031ff3c00: rx timeout, send abort [ 168.506256][ C1] vxcan1: j1939_tp_rxtimer: 0xffff8880562d9400: abort rx timeout. Force session deactivation [ 168.721685][ T5877] Bluetooth: hci1: command 0x0c1a tx timeout [ 168.810500][ T5924] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 168.991903][ T5924] usb 4-1: Using ep0 maxpacket: 8 [ 168.998053][ C1] vxcan1: j1939_tp_rxtimer: 0xffff888031ff3c00: abort rx timeout. Force session deactivation [ 169.023157][ T5924] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0038, bcdDevice=99.03 [ 169.784698][ C1] vxcan1: j1939_tp_rxtimer: 0xffff888031ff3800: rx timeout, send abort [ 169.929569][ T5871] Bluetooth: hci3: command 0x0c1a tx timeout [ 169.935887][ T5877] Bluetooth: hci2: command 0x0c1a tx timeout [ 170.177493][ T5877] Bluetooth: hci4: command 0x0405 tx timeout [ 170.177496][ T5871] Bluetooth: hci0: command 0x0c1a tx timeout [ 170.177681][ T5924] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 170.277912][ T5924] usb 4-1: Product: syz [ 170.293156][ C1] vxcan1: j1939_tp_rxtimer: 0xffff888031ff3800: abort rx timeout. Force session deactivation [ 170.317020][ T5924] usb 4-1: Manufacturer: syz [ 170.335914][ T5924] usb 4-1: SerialNumber: syz [ 170.871374][ T5877] Bluetooth: hci1: command 0x0c1a tx timeout [ 170.959452][ T5924] usb 4-1: config 0 descriptor?? [ 171.151637][ T5924] usb 4-1: can't set config #0, error -71 [ 171.209421][ T5924] usb 4-1: USB disconnect, device number 3 [ 172.173389][ T7316] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 172.231358][ T5877] Bluetooth: hci0: command 0x0c1a tx timeout [ 172.246878][ T5877] Bluetooth: hci3: command 0x0c1a tx timeout [ 172.253400][ T5877] Bluetooth: hci2: command 0x0c1a tx timeout [ 172.311410][ T5184] Bluetooth: hci4: command 0x0405 tx timeout [ 172.417245][ T7313] loop3: detected capacity change from 0 to 512 [ 172.516780][ T7313] Quota error (device loop3): v2_read_file_info: Free block number 1 out of range (1, 6). [ 172.601360][ T982] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 172.761070][ T7313] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 172.808904][ T7331] : renamed from bridge_slave_0 (while UP) [ 172.864567][ T982] usb 1-1: Using ep0 maxpacket: 8 [ 172.873566][ T982] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 172.908226][ T7313] EXT4-fs (loop3): mount failed [ 172.908884][ T982] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 172.952382][ T5184] Bluetooth: hci1: command 0x0c1a tx timeout [ 173.032483][ T5987] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 173.053631][ T982] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 173.132631][ T982] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 173.186483][ T982] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 173.229907][ T982] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.467049][ T5987] usb 2-1: config 0 has no interfaces? [ 173.646529][ T982] usb 1-1: GET_CAPABILITIES returned 0 [ 173.659743][ T5987] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 173.749281][ T982] usbtmc 1-1:16.0: can't read capabilities [ 173.767374][ T5987] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 173.946154][ T5987] usb 2-1: Product: syz [ 173.980982][ T5987] usb 2-1: Manufacturer: syz [ 174.009019][ T5987] usb 2-1: SerialNumber: syz [ 174.062424][ T5987] usb 2-1: config 0 descriptor?? [ 174.326483][ T5184] Bluetooth: hci2: command 0x0c1a tx timeout [ 174.332705][ T5184] Bluetooth: hci3: command 0x0c1a tx timeout [ 174.333091][ T5877] Bluetooth: hci0: command 0x0c1a tx timeout [ 174.391350][ T5877] Bluetooth: hci4: command 0x0405 tx timeout [ 174.922053][ T24] usb 1-1: USB disconnect, device number 3 [ 178.410149][ T5953] libceph: connect (1)[c::]:6789 error -101 [ 178.422437][ T5953] libceph: mon0 (1)[c::]:6789 connect error [ 178.520047][ T5987] usb 2-1: USB disconnect, device number 3 [ 178.525187][ T7384] ceph: No mds server is up or the cluster is laggy [ 178.822376][ T7401] loop0: detected capacity change from 0 to 512 [ 179.577993][ T7401] Quota error (device loop0): v2_read_file_info: Free block number 1 out of range (1, 6). [ 179.701529][ T7401] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 179.723055][ T7403] : entered promiscuous mode [ 179.810864][ T7401] EXT4-fs (loop0): mount failed [ 180.538483][ T7426] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 181.149561][ T7428] netlink: 'syz.0.477': attribute type 20 has an invalid length. [ 181.271971][ T7430] sd 0:0:1:0: device reset [ 181.429410][ T7428] dvmrp17: entered allmulticast mode [ 185.329042][ T5987] libceph: connect (1)[c::]:6789 error -101 [ 185.362307][ T5987] libceph: mon0 (1)[c::]:6789 connect error [ 185.951169][ T982] libceph: connect (1)[c::]:6789 error -101 [ 185.973635][ T982] libceph: mon0 (1)[c::]:6789 connect error [ 185.997802][ T7469] loop0: detected capacity change from 0 to 512 [ 186.031517][ T982] IPVS: starting estimator thread 0... [ 186.071076][ T7452] ceph: No mds server is up or the cluster is laggy [ 186.072554][ T7469] Quota error (device loop0): v2_read_file_info: Free block number 1 out of range (1, 6). [ 186.094959][ T7469] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 186.118869][ T7469] EXT4-fs (loop0): mount failed [ 186.164387][ T7471] IPVS: using max 33 ests per chain, 79200 per kthread [ 187.019402][ T7486] netlink: 84 bytes leftover after parsing attributes in process `syz.1.492'. [ 188.146852][ T7502] netlink: 16 bytes leftover after parsing attributes in process `syz.0.497'. [ 188.353670][ T5987] usb 2-1: new low-speed USB device number 4 using dummy_hcd [ 188.522761][ T5987] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 188.583620][ T5987] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.627991][ T5987] usb 2-1: config 0 descriptor?? [ 189.401981][ T7523] warning: `syz.3.504' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 192.084518][ T7530] 9pnet_fd: Insufficient options for proto=fd [ 192.226341][ T7529] bridge0: port 2(bridge_slave_1) entered disabled state [ 192.234789][ T7529] bridge0: port 1(bridge_slave_0) entered disabled state [ 192.306147][ T7529] bridge0: entered promiscuous mode [ 192.311559][ T7529] bridge0: entered allmulticast mode [ 192.322675][ T7539] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.329861][ T7539] bridge0: port 2(bridge_slave_1) entered forwarding state [ 192.338491][ T7539] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.345694][ T7539] bridge0: port 1(bridge_slave_0) entered forwarding state [ 192.470027][ T5987] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 192.491956][ T5987] asix 2-1:0.0: probe with driver asix failed with error -71 [ 192.503773][ T5987] usb 2-1: USB disconnect, device number 4 [ 193.108399][ T30] audit: type=1326 audit(1754728836.443:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7554 comm="syz.2.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 193.775765][ T30] audit: type=1326 audit(1754728836.443:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7554 comm="syz.2.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 193.891798][ T30] audit: type=1326 audit(1754728836.443:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7554 comm="syz.2.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4d8ad8ec23 code=0x7ffc0000 [ 194.041724][ T7567] wg1 speed is unknown, defaulting to 1000 [ 194.049222][ T7567] wg1 speed is unknown, defaulting to 1000 [ 194.159934][ T30] audit: type=1326 audit(1754728836.443:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7554 comm="syz.2.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4d8ad8ec23 code=0x7ffc0000 [ 194.177212][ T7567] wg1 speed is unknown, defaulting to 1000 [ 194.422296][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.524976][ T30] audit: type=1326 audit(1754728836.443:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7554 comm="syz.2.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 194.573954][ T7567] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 194.624529][ T30] audit: type=1326 audit(1754728836.483:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7554 comm="syz.2.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 194.725132][ T30] audit: type=1326 audit(1754728836.483:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7554 comm="syz.2.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 194.771592][ T30] audit: type=1326 audit(1754728836.483:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7554 comm="syz.2.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 194.805326][ T24] libceph: connect (1)[c::]:6789 error -101 [ 194.831510][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 194.845669][ T30] audit: type=1326 audit(1754728836.483:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7554 comm="syz.2.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 194.891467][ T7567] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 195.185194][ T24] libceph: connect (1)[c::]:6789 error -101 [ 195.261446][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 195.467532][ T7567] wg1 speed is unknown, defaulting to 1000 [ 195.579907][ T7573] ceph: No mds server is up or the cluster is laggy [ 195.701591][ T24] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 196.366823][ T5953] libceph: connect (1)[c::]:6789 error -101 [ 196.374997][ T5953] libceph: mon0 (1)[c::]:6789 connect error [ 196.405260][ T7567] wg1 speed is unknown, defaulting to 1000 [ 196.469557][ T7567] wg1 speed is unknown, defaulting to 1000 [ 196.507030][ T7567] wg1 speed is unknown, defaulting to 1000 [ 196.519115][ T7567] wg1 speed is unknown, defaulting to 1000 [ 196.528923][ T7567] wg1 speed is unknown, defaulting to 1000 [ 196.534849][ T24] usb 4-1: Using ep0 maxpacket: 8 [ 196.557494][ T24] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 196.574879][ T24] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 196.596554][ T24] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 196.644735][ T24] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 196.669983][ T24] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 196.690250][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.870433][ T7598] netlink: 4 bytes leftover after parsing attributes in process `syz.5.530'. [ 196.980379][ T24] usb 4-1: GET_CAPABILITIES returned 0 [ 197.031316][ T24] usbtmc 4-1:16.0: can't read capabilities [ 197.204596][ T30] audit: type=1326 audit(1754728840.543:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7606 comm="syz.0.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0e98ebe9 code=0x7ffc0000 [ 197.269468][ T24] usb 4-1: USB disconnect, device number 4 [ 198.817523][ T7631] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 198.911070][ T7631] netlink: 4 bytes leftover after parsing attributes in process `syz.0.541'. [ 198.976408][ T7635] netlink: 4 bytes leftover after parsing attributes in process `syz.5.542'. [ 203.799859][ T7677] netlink: 36 bytes leftover after parsing attributes in process `syz.0.554'. [ 203.913848][ T30] kauditd_printk_skb: 46 callbacks suppressed [ 203.913866][ T30] audit: type=1326 audit(1754728847.243:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7674 comm="syz.2.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 204.024904][ T30] audit: type=1326 audit(1754728847.243:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7674 comm="syz.2.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 204.079523][ T30] audit: type=1326 audit(1754728847.253:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7674 comm="syz.2.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 204.127151][ T30] audit: type=1326 audit(1754728847.253:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7674 comm="syz.2.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4d8ad8ec23 code=0x7ffc0000 [ 204.194864][ T30] audit: type=1326 audit(1754728847.253:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7674 comm="syz.2.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4d8ad8ec23 code=0x7ffc0000 [ 204.224395][ T30] audit: type=1326 audit(1754728847.253:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7674 comm="syz.2.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 204.253888][ T30] audit: type=1326 audit(1754728847.283:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7674 comm="syz.2.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 204.261387][ T982] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 204.277473][ T30] audit: type=1326 audit(1754728847.283:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7674 comm="syz.2.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 204.307519][ T30] audit: type=1326 audit(1754728847.283:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7674 comm="syz.2.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 204.359964][ T30] audit: type=1326 audit(1754728847.453:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7674 comm="syz.2.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8ad8ebe9 code=0x7ffc0000 [ 204.519393][ T982] usb 2-1: Using ep0 maxpacket: 16 [ 204.592620][ T982] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 204.621291][ T982] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 204.672391][ T982] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 204.733195][ T982] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 204.763986][ T982] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 205.257325][ T982] usb 2-1: Product: syz [ 205.267471][ T982] usb 2-1: Manufacturer: syz [ 205.273152][ T982] usb 2-1: SerialNumber: syz [ 205.739868][ T982] usb 2-1: 0:2 : does not exist [ 206.552085][ T9] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 206.680002][ T982] usb 2-1: USB disconnect, device number 5 [ 206.711881][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 207.157432][ T9] usb 3-1: unable to get BOS descriptor or descriptor too short [ 207.186688][ T9] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 207.222412][ T9] usb 3-1: can't read configurations, error -71 [ 208.784977][ T7742] netlink: 4 bytes leftover after parsing attributes in process `syz.0.570'. [ 209.420382][ T30] kauditd_printk_skb: 27 callbacks suppressed [ 209.420401][ T30] audit: type=1326 audit(1754728852.753:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7745 comm="syz.3.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 209.501675][ T30] audit: type=1326 audit(1754728852.753:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7745 comm="syz.3.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 209.581647][ T30] audit: type=1326 audit(1754728852.823:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7745 comm="syz.3.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f086f12add9 code=0x7ffc0000 [ 209.631569][ T30] audit: type=1326 audit(1754728852.823:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7745 comm="syz.3.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 209.657325][ T30] audit: type=1326 audit(1754728852.823:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7745 comm="syz.3.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f086f18ec23 code=0x7ffc0000 [ 209.685716][ T30] audit: type=1326 audit(1754728852.823:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7745 comm="syz.3.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f086f18ec23 code=0x7ffc0000 [ 210.000034][ T30] audit: type=1326 audit(1754728852.823:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7745 comm="syz.3.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 210.042051][ T30] audit: type=1326 audit(1754728852.823:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7745 comm="syz.3.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 210.085001][ T30] audit: type=1326 audit(1754728852.833:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7745 comm="syz.3.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 210.634353][ T30] audit: type=1326 audit(1754728852.833:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7745 comm="syz.3.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f086f18ebe9 code=0x7ffc0000 [ 212.101690][ T979] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 212.679980][ T979] usb 4-1: unable to get BOS descriptor or descriptor too short [ 212.722164][ T979] usb 4-1: config 7 has an invalid interface number: 3 but max is 0 [ 212.730199][ T979] usb 4-1: config 7 has no interface number 0 [ 212.749555][ T979] usb 4-1: config 7 interface 3 has no altsetting 0 [ 212.779569][ T979] usb 4-1: New USB device found, idVendor=1410, idProduct=a005, bcdDevice=6f.b0 [ 212.819287][ T979] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 212.953019][ T979] usb 4-1: Product: syz [ 212.957657][ T979] usb 4-1: Manufacturer: syz [ 212.968410][ T979] usb 4-1: SerialNumber: syz [ 213.259329][ T979] usb 4-1: USB disconnect, device number 5 [ 213.426131][ T7808] netlink: 96 bytes leftover after parsing attributes in process `syz.1.592'. [ 213.550080][ T7810] netlink: 4 bytes leftover after parsing attributes in process `syz.1.593'. [ 214.476475][ T7833] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 219.504043][ T7891] random: crng reseeded on system resumption [ 223.395802][ T7922] Device name cannot be null; rc = [-22] [ 223.797695][ T7927] loop0: detected capacity change from 0 to 512 [ 223.919919][ T7927] __quota_error: 77 callbacks suppressed [ 223.919939][ T7927] Quota error (device loop0): v2_read_file_info: Free block number 1 out of range (1, 6). [ 224.048534][ T7927] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 224.064693][ T7927] EXT4-fs (loop0): mount failed [ 224.146391][ T7933] netlink: 'syz.3.632': attribute type 1 has an invalid length. [ 224.154298][ T7933] netlink: 224 bytes leftover after parsing attributes in process `syz.3.632'. [ 230.569868][ T7986] loop8: detected capacity change from 0 to 79 [ 230.631591][ T7986] loop8: detected capacity change from 79 to 78 [ 230.649762][ T7998] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond_slave_1, syncid = 1, id = 0 [ 231.480821][ T8013] netlink: 4 bytes leftover after parsing attributes in process `syz.5.657'. [ 232.581383][ T8024] netlink: 96 bytes leftover after parsing attributes in process `syz.1.661'. [ 232.853791][ T30] audit: type=1800 audit(1754728876.173:401): pid=8025 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.659" name="bus" dev="overlay" ino=696 res=0 errno=0 [ 233.861152][ T8041] vlan0: entered promiscuous mode [ 234.476497][ T8041] team0: Port device vlan0 added [ 234.804263][ T8047] netlink: 4 bytes leftover after parsing attributes in process `syz.5.668'. [ 235.037668][ T8052] vxfs: WRONG superblock magic 00000000 at 1 [ 235.046171][ T8052] vxfs: WRONG superblock magic 00000000 at 8 [ 235.052969][ T8052] vxfs: can't find superblock. [ 235.292792][ T8051] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 235.668214][ T8057] ubi31: attaching mtd0 [ 235.688979][ T8057] ubi31: scanning is finished [ 235.695180][ T8057] ubi31: empty MTD device detected [ 236.421213][ T8057] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 236.429060][ T8057] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 236.436424][ T8057] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 236.445233][ T8057] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 236.452980][ T8057] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 236.459879][ T8057] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 236.468044][ T8057] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2538550485 [ 236.475063][ T982] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 236.479763][ T8057] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 236.497879][ T8071] ubi31: background thread "ubi_bgt31d" started, PID 8071 [ 236.555017][ T5953] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 236.721375][ T5953] usb 4-1: Using ep0 maxpacket: 8 [ 236.746218][ T982] usb 6-1: config 0 has an invalid interface number: 18 but max is 0 [ 236.772902][ T5953] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 236.798852][ T982] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 236.818322][ T5953] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 236.840332][ T982] usb 6-1: config 0 has no interface number 0 [ 236.869306][ T5953] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 236.889239][ T982] usb 6-1: New USB device found, idVendor=050d, idProduct=011b, bcdDevice=6f.a4 [ 236.911828][ T8073] netlink: 8 bytes leftover after parsing attributes in process `syz.0.675'. [ 236.916836][ T982] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 236.929153][ T5953] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 236.979361][ T5953] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 236.985536][ T982] usb 6-1: config 0 descriptor?? [ 237.037863][ T5953] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 237.054794][ T982] usb 6-1: bad CDC descriptors [ 237.277872][ T979] usb 6-1: USB disconnect, device number 2 [ 237.319199][ T5953] usb 4-1: GET_CAPABILITIES returned 0 [ 237.342238][ T5953] usbtmc 4-1:16.0: can't read capabilities [ 238.620041][ T9] usb 4-1: USB disconnect, device number 6 [ 239.623436][ T8094] vxfs: WRONG superblock magic 00000000 at 1 [ 239.631160][ T8094] vxfs: WRONG superblock magic 00000000 at 8 [ 239.637496][ T8094] vxfs: can't find superblock. [ 240.264209][ T8093] ceph: No mds server is up or the cluster is laggy [ 240.697533][ T5953] libceph: connect (1)[c::]:6789 error -101 [ 240.712653][ T5953] libceph: mon0 (1)[c::]:6789 connect error [ 240.993667][ T8108] netlink: 4 bytes leftover after parsing attributes in process `syz.2.684'. [ 241.473102][ T9] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 242.850765][ T9] usb 4-1: config 0 has no interfaces? [ 243.169279][ T9] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 243.179060][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 243.187172][ T9] usb 4-1: Product: syz [ 243.191459][ T9] usb 4-1: Manufacturer: syz [ 243.196167][ T9] usb 4-1: SerialNumber: syz [ 243.217161][ T9] usb 4-1: config 0 descriptor?? [ 244.042582][ T5987] usb 4-1: USB disconnect, device number 7 [ 244.783806][ T8144] vxfs: WRONG superblock magic 00000000 at 1 [ 244.792170][ T8144] vxfs: WRONG superblock magic 00000000 at 8 [ 244.798327][ T8144] vxfs: can't find superblock. [ 245.204824][ T8143] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR [ 246.334527][ T5953] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 246.731372][ T5953] usb 2-1: Using ep0 maxpacket: 16 [ 247.403231][ T5953] usb 2-1: config index 0 descriptor too short (expected 16456, got 72) [ 247.417029][ T5953] usb 2-1: config 0 has an invalid interface number: 125 but max is 1 [ 247.520969][ T5953] usb 2-1: config 0 has an invalid interface number: 125 but max is 1 [ 247.562771][ T5953] usb 2-1: config 0 has an invalid interface number: 125 but max is 1 [ 247.592494][ T5953] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 247.613918][ T5953] usb 2-1: config 0 has no interface number 0 [ 247.620050][ T5953] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 247.683455][ T5953] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 247.696221][ T5953] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 247.706945][ T5953] usb 2-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 247.721701][ T5953] usb 2-1: config 0 interface 125 has no altsetting 0 [ 247.728496][ T5953] usb 2-1: config 0 interface 125 has no altsetting 2 [ 247.783279][ T5953] usb 2-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 247.969034][ T8165] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 248.014119][ T5953] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 248.027899][ T8164] netlink: 148 bytes leftover after parsing attributes in process `syz.2.699'. [ 248.071327][ T5953] usb 2-1: Product: syz [ 248.095861][ T5953] usb 2-1: Manufacturer: syz [ 248.110673][ T5953] usb 2-1: SerialNumber: syz [ 248.150934][ T5953] usb 2-1: config 0 descriptor?? [ 248.253801][ T5953] usb 2-1: selecting invalid altsetting 2 [ 248.761987][ C1] usb 2-1: async_complete: urb error -71 [ 248.767778][ C1] usb 2-1: async_complete: urb error -71 [ 248.773531][ C1] usb 2-1: async_complete: urb error -71 [ 248.779310][ C1] usb 2-1: async_complete: urb error -71 [ 248.786720][ C1] vkms_vblank_simulate: vblank timer overrun [ 248.842634][ T5953] get_1284_register: usb error -71 [ 248.850583][ T5953] uss720 2-1:0.125: probe with driver uss720 failed with error -71 [ 248.993760][ T5953] usb 2-1: USB disconnect, device number 6 [ 250.721561][ T5953] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 250.926696][ T5953] usb 2-1: Using ep0 maxpacket: 32 [ 250.971679][ T5953] usb 2-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 251.047343][ T5953] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 251.202239][ T5953] usb 2-1: Product: syz [ 251.206457][ T5953] usb 2-1: Manufacturer: syz [ 251.211376][ T5953] usb 2-1: SerialNumber: syz [ 251.226278][ T5953] usb 2-1: config 0 descriptor?? [ 251.238421][ T5953] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 251.405858][ T8192] vxfs: WRONG superblock magic 00000000 at 1 [ 251.413595][ T8192] vxfs: WRONG superblock magic 00000000 at 8 [ 251.419647][ T8192] vxfs: can't find superblock. [ 251.778417][ T8164] syz.2.699 (8164): drop_caches: 2 [ 251.886512][ T8190] ceph: No mds server is up or the cluster is laggy [ 251.914533][ T5938] libceph: connect (1)[c::]:6789 error -101 [ 251.962491][ T5938] libceph: mon0 (1)[c::]:6789 connect error [ 253.226776][ T5953] gspca_stk1135: reg_w 0xd err -110 [ 253.252355][ T5953] gspca_stk1135: serial bus timeout: status=0x00 [ 253.272191][ T5953] gspca_stk1135: Sensor write failed [ 253.277638][ T5953] gspca_stk1135: serial bus timeout: status=0x00 [ 253.286977][ T5953] gspca_stk1135: Sensor write failed [ 253.348109][ T5953] gspca_stk1135: serial bus timeout: status=0x00 [ 253.357968][ T5953] gspca_stk1135: Sensor read failed [ 253.363507][ T5953] gspca_stk1135: serial bus timeout: status=0x00 [ 253.371375][ T5953] gspca_stk1135: Sensor read failed [ 253.376611][ T5953] gspca_stk1135: Detected sensor type unknown (0x0) [ 253.383648][ T5953] gspca_stk1135: serial bus timeout: status=0x00 [ 253.394410][ T5953] gspca_stk1135: Sensor read failed [ 253.399932][ T5953] gspca_stk1135: serial bus timeout: status=0x00 [ 253.410552][ T5953] gspca_stk1135: Sensor read failed [ 253.440161][ T5953] gspca_stk1135: serial bus timeout: status=0x00 [ 253.466185][ T5953] gspca_stk1135: Sensor write failed [ 253.690553][ T5953] gspca_stk1135: serial bus timeout: status=0x00 [ 253.891426][ T5953] gspca_stk1135: Sensor write failed [ 253.933032][ T5953] stk1135 2-1:0.0: probe with driver stk1135 failed with error -110 [ 254.309907][ T8211] netlink: 12 bytes leftover after parsing attributes in process `syz.0.712'. [ 254.580109][ T5953] usb 2-1: USB disconnect, device number 7 [ 256.762196][ T8237] vxfs: WRONG superblock magic 00000000 at 1 [ 256.769898][ T8237] vxfs: WRONG superblock magic 00000000 at 8 [ 256.776124][ T8237] vxfs: can't find superblock. [ 257.049944][ T8234] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR [ 258.170071][ T8244] input: syz1 as /devices/virtual/input/input7 [ 260.244603][ T8273] 8021q: VLANs not supported on vcan0 [ 261.113498][ T5871] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 261.123631][ T5871] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 261.131900][ T5871] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 261.142505][ T5871] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 261.150080][ T5871] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 261.411964][ T8277] wg1 speed is unknown, defaulting to 1000 [ 261.633630][ T24] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 261.891332][ T24] usb 2-1: Using ep0 maxpacket: 8 [ 261.899270][ T24] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 261.911297][ T24] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 261.921582][ T24] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 261.934342][ T24] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 262.129749][ T8300] vxfs: WRONG superblock magic 00000000 at 1 [ 262.137454][ T8300] vxfs: WRONG superblock magic 00000000 at 8 [ 262.143591][ T8300] vxfs: can't find superblock. [ 262.554560][ T8299] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 262.621463][ T24] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 262.735008][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 263.091420][ T24] usb 2-1: GET_CAPABILITIES returned 0 [ 263.096986][ T24] usbtmc 2-1:16.0: can't read capabilities [ 263.173866][ T8277] chnl_net:caif_netlink_parms(): no params data found [ 263.201898][ T5877] Bluetooth: hci5: command tx timeout [ 263.960024][ T24] usb 2-1: USB disconnect, device number 8 [ 264.426487][ T8277] bridge0: port 1(bridge_slave_0) entered blocking state [ 264.472647][ T8277] bridge0: port 1(bridge_slave_0) entered disabled state [ 264.480313][ T8277] bridge_slave_0: entered allmulticast mode [ 264.491730][ T8277] bridge_slave_0: entered promiscuous mode [ 264.596059][ T8277] bridge0: port 2(bridge_slave_1) entered blocking state [ 264.618707][ T8277] bridge0: port 2(bridge_slave_1) entered disabled state [ 264.656172][ T8277] bridge_slave_1: entered allmulticast mode [ 264.812925][ T8327] loop8: detected capacity change from 0 to 79 [ 264.897810][ T8277] bridge_slave_1: entered promiscuous mode [ 265.141571][ T8327] loop8: detected capacity change from 79 to 78 [ 265.281632][ T5877] Bluetooth: hci5: command tx timeout [ 265.294178][ T8332] netlink: 12 bytes leftover after parsing attributes in process `syz.1.745'. [ 267.395649][ T5877] Bluetooth: hci5: command tx timeout [ 267.802142][ T8277] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 268.181897][ T8396] netlink: 'syz.2.753': attribute type 1 has an invalid length. [ 268.189632][ T8396] netlink: 224 bytes leftover after parsing attributes in process `syz.2.753'. [ 268.560178][ T8396] workqueue: Failed to create a rescuer kthread for wq "phy3": -EINTR [ 269.036546][ T36] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 269.426551][ T8277] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 269.435795][ T5877] Bluetooth: hci5: command tx timeout [ 269.715422][ T36] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 269.775047][ T8277] team0: Port device team_slave_0 added [ 269.797631][ T8277] team0: Port device team_slave_1 added [ 269.902751][ T36] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 270.121473][ T8419] loop8: detected capacity change from 0 to 79 [ 270.299873][ T5987] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 270.404765][ T8419] loop8: detected capacity change from 79 to 78 [ 270.472603][ T5987] usb 6-1: Using ep0 maxpacket: 16 [ 270.494162][ T5987] usb 6-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 270.503556][ T5987] usb 6-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 270.511873][ T5987] usb 6-1: Product: syz [ 270.564108][ T5987] usb 6-1: Manufacturer: syz [ 270.568917][ T5987] usb 6-1: SerialNumber: syz [ 270.727556][ T36] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 270.743653][ T5987] usb 6-1: config 0 descriptor?? [ 270.837075][ T8424] netlink: 96 bytes leftover after parsing attributes in process `syz.0.761'. [ 270.856721][ T8277] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 270.885306][ T8277] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 271.828420][ T8277] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 271.844712][ T8277] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 271.851794][ T8277] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 271.877804][ T8277] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 274.331684][ T5938] usb 6-1: USB disconnect, device number 3 [ 274.762768][ T8474] vxfs: WRONG superblock magic 00000000 at 1 [ 274.770435][ T8474] vxfs: WRONG superblock magic 00000000 at 8 [ 274.777304][ T8474] vxfs: can't find superblock. [ 275.164940][ T8473] ceph: No mds server is up or the cluster is laggy [ 275.172224][ T24] libceph: connect (1)[c::]:6789 error -101 [ 275.190967][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 275.323223][ T8277] hsr_slave_0: entered promiscuous mode [ 275.329985][ T8277] hsr_slave_1: entered promiscuous mode [ 275.360497][ T8277] debugfs: 'hsr0' already exists in 'hsr' [ 275.371703][ T8277] Cannot create hsr debugfs directory [ 277.159935][ T36] bridge_slave_1: left allmulticast mode [ 277.166235][ T36] bridge_slave_1: left promiscuous mode [ 277.174468][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 277.186380][ T36] bridge_slave_0: left allmulticast mode [ 277.192169][ T36] bridge_slave_0: left promiscuous mode [ 277.198567][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 277.333530][ T8505] ubi: mtd0 is already attached to ubi31 [ 278.824422][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 278.837473][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 278.847872][ T36] bond0 (unregistering): Released all slaves [ 278.862626][ T8499] netlink: 96 bytes leftover after parsing attributes in process `syz.2.773'. [ 279.443484][ T8528] vxfs: WRONG superblock magic 00000000 at 1 [ 279.450795][ T8528] vxfs: WRONG superblock magic 00000000 at 8 [ 279.456910][ T8528] vxfs: can't find superblock. [ 279.907725][ T8527] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 282.189107][ T8549] netlink: 96 bytes leftover after parsing attributes in process `syz.1.788'. [ 282.434291][ T36] hsr_slave_0: left promiscuous mode [ 282.450510][ T36] hsr_slave_1: left promiscuous mode [ 282.529108][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 282.616654][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 282.690960][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 282.845867][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 283.045271][ T5938] libceph: connect (1)[c::]:6789 error -101 [ 283.047784][ T5938] libceph: mon0 (1)[c::]:6789 connect error [ 283.094703][ T8578] vxfs: WRONG superblock magic 00000000 at 1 [ 283.102291][ T8578] vxfs: WRONG superblock magic 00000000 at 8 [ 283.108425][ T8578] vxfs: can't find superblock. [ 283.316963][ T5938] libceph: connect (1)[c::]:6789 error -101 [ 283.565258][ T8575] ceph: No mds server is up or the cluster is laggy [ 283.614928][ T5938] libceph: mon0 (1)[c::]:6789 connect error [ 283.743491][ T36] veth1_macvtap: left promiscuous mode [ 283.758455][ T36] veth0_macvtap: left promiscuous mode [ 283.771810][ T36] veth1_vlan: left promiscuous mode [ 283.778715][ T36] veth0_vlan: left promiscuous mode [ 284.701587][ T5987] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 285.159316][ T5987] usb 2-1: Using ep0 maxpacket: 32 [ 285.172617][ T5987] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 285.382602][ T5987] usb 2-1: config 0 has no interface number 0 [ 285.398635][ T5987] usb 2-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 285.414568][ T5987] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 285.430420][ T5987] usb 2-1: Product: syz [ 285.434905][ T5987] usb 2-1: Manufacturer: syz [ 285.439518][ T5987] usb 2-1: SerialNumber: syz [ 285.957292][ T5987] usb 2-1: config 0 descriptor?? [ 285.994483][ T5987] usb 2-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 286.119823][ T5987] usb 2-1: selecting invalid altsetting 1 [ 286.126046][ T5987] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 286.150355][ T5987] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 286.173506][ T5987] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 286.206649][ T5987] usb 2-1: media controller created [ 286.359508][ T5987] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 286.941087][ T36] team0 (unregistering): Port device team_slave_1 removed [ 286.941735][ T5987] usb 2-1: dvb_usb_ce6230: usb_control_msg() failed=-71 [ 286.963645][ T5987] zl10353_read_register: readreg error (reg=127, ret==-71) [ 286.988157][ T5987] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 287.007092][ T36] team0 (unregistering): Port device team_slave_0 removed [ 287.080774][ T5987] usb 2-1: USB disconnect, device number 9 [ 287.096639][ T6594] udevd[6594]: setting owner of /dev/bus/usb/002/009 to uid=0, gid=0 failed: No such file or directory [ 287.695768][ T8601] netlink: 96 bytes leftover after parsing attributes in process `syz.0.799'. [ 287.718241][ T8608] ip6erspan0: entered promiscuous mode [ 287.962206][ T8277] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 287.998475][ T8616] netlink: 'syz.2.802': attribute type 1 has an invalid length. [ 288.006254][ T8616] netlink: 224 bytes leftover after parsing attributes in process `syz.2.802'. [ 288.192397][ T8277] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 288.434973][ T8277] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 289.003776][ T8277] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 290.101998][ T8277] 8021q: adding VLAN 0 to HW filter on device bond0 [ 290.161177][ T8657] netlink: 96 bytes leftover after parsing attributes in process `syz.2.812'. [ 290.244097][ T8277] 8021q: adding VLAN 0 to HW filter on device team0 [ 290.306378][ T8383] bridge0: port 1(bridge_slave_0) entered blocking state [ 290.313590][ T8383] bridge0: port 1(bridge_slave_0) entered forwarding state [ 290.374124][ T8383] bridge0: port 2(bridge_slave_1) entered blocking state [ 290.381369][ T8383] bridge0: port 2(bridge_slave_1) entered forwarding state [ 290.803602][ T8672] vxfs: WRONG superblock magic 00000000 at 1 [ 290.811192][ T8672] vxfs: WRONG superblock magic 00000000 at 8 [ 290.817380][ T8672] vxfs: can't find superblock. [ 294.151400][ T5987] usb 2-1: new full-speed USB device number 10 using dummy_hcd [ 294.470159][ T8277] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 294.514400][ T5987] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 294.528461][ T5987] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 294.562447][ T8742] netlink: 96 bytes leftover after parsing attributes in process `syz.0.822'. [ 294.563048][ T5987] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 294.596737][ T5987] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.699798][ T5987] usb 2-1: config 0 descriptor?? [ 294.926914][ T5987] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 294.969659][ T5987] dvb-usb: bulk message failed: -22 (3/0) [ 295.029762][ T5987] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 295.068269][ T5987] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 295.147980][ T5987] usb 2-1: media controller created [ 295.246246][ T5987] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 295.950670][ T5987] dvb-usb: bulk message failed: -22 (6/0) [ 296.609800][ T5987] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 296.650118][ T5987] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input8 [ 296.808383][ T5987] dvb-usb: schedule remote query interval to 150 msecs. [ 296.822632][ T5987] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 296.983161][ T982] dvb-usb: bulk message failed: -22 (1/0) [ 296.989107][ T982] dvb-usb: error while querying for an remote control event. [ 297.298606][ T8777] vxfs: WRONG superblock magic 00000000 at 1 [ 297.306862][ T8777] vxfs: WRONG superblock magic 00000000 at 8 [ 297.313542][ T8777] vxfs: can't find superblock. [ 298.085213][ T5987] dvb-usb: bulk message failed: -22 (1/0) [ 298.091034][ T5987] dvb-usb: error while querying for an remote control event. [ 299.120360][ T8277] veth0_vlan: entered promiscuous mode [ 299.141363][ T982] dvb-usb: bulk message failed: -22 (1/0) [ 299.191413][ T982] dvb-usb: error while querying for an remote control event. [ 299.282990][ T8277] veth1_vlan: entered promiscuous mode [ 299.302957][ T43] usb 2-1: USB disconnect, device number 10 [ 299.441532][ T982] dvb-usb: bulk message failed: -22 (1/0) [ 299.447406][ T982] dvb-usb: error while querying for an remote control event. [ 299.726313][ T8277] veth0_macvtap: entered promiscuous mode [ 300.079144][ T8277] veth1_macvtap: entered promiscuous mode [ 300.133757][ T43] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 300.150908][ T8277] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 300.966118][ T8277] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 301.005163][ T8828] ------------[ cut here ]------------ [ 301.010890][ T8828] WARNING: drivers/gpu/drm/vkms/vkms_crtc.c:97 at vkms_get_vblank_timestamp+0x137/0x160, CPU#1: syz.5.834/8828 [ 301.023237][ T8828] Modules linked in: [ 301.027445][ T8828] CPU: 1 UID: 0 PID: 8828 Comm: syz.5.834 Not tainted 6.16.0-next-20250808-syzkaller #0 PREEMPT(full) [ 301.038545][ T8828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 301.048656][ T8828] RIP: 0010:vkms_get_vblank_timestamp+0x137/0x160 [ 301.055172][ T8828] Code: 42 80 3c 28 00 74 08 48 89 df e8 d4 c7 28 fc 4c 89 33 b0 01 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 8a 5a c5 fb 90 <0f> 0b 90 eb e3 44 89 e1 80 e1 07 38 c1 0f 8c ff fe ff ff 4c 89 e7 [ 301.075037][ T8828] RSP: 0018:ffffc900036476c8 EFLAGS: 00010293 [ 301.081101][ T8828] RAX: ffffffff85fa5936 RBX: ffffc90003647840 RCX: ffff888025ab8000 [ 301.090027][ T8828] RDX: 0000000000000000 RSI: 0000004611d405fe RDI: 0000004611d405fe [ 301.098496][ T8828] RBP: 1ffff920006c8f08 R08: ffffc90003779000 R09: 0000000000000000 [ 301.106838][ T8828] R10: ffffc90003779000 R11: ffffffff85fa5800 R12: 0000004611d405fe [ 301.114931][ T8828] R13: dffffc0000000000 R14: ffff888024650028 R15: 0000004611d405fe [ 301.123013][ T8828] FS: 000055556c77d500(0000) GS:ffff888125d15000(0000) knlGS:0000000000000000 [ 301.129965][ T59] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.132008][ T8828] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 301.147429][ T8828] CR2: 000055556f94e5c8 CR3: 00000000295ec000 CR4: 00000000003526f0 [ 301.155476][ T8828] Call Trace: [ 301.158745][ T8828] [ 301.161725][ T8828] ? __pfx_vkms_get_vblank_timestamp+0x10/0x10 [ 301.167914][ T8828] drm_crtc_next_vblank_start+0x223/0x470 [ 301.173690][ T8828] ? __pfx_drm_crtc_next_vblank_start+0x10/0x10 [ 301.179921][ T8828] ? drm_gem_fb_vmap+0x230/0x8d0 [ 301.184928][ T8828] drm_atomic_helper_wait_for_fences+0x265/0x8c0 [ 301.192236][ T8828] ? __pfx_drm_atomic_helper_wait_for_fences+0x10/0x10 [ 301.199121][ T8828] ? drm_atomic_helper_prepare_planes+0x670/0xb60 [ 301.206101][ T8828] drm_atomic_helper_commit+0x5c7/0xb10 [ 301.211692][ T8828] ? __pfx_drm_atomic_helper_commit+0x10/0x10 [ 301.217758][ T8828] drm_atomic_commit+0x25f/0x2c0 [ 301.222738][ T8828] ? __pfx_drm_atomic_commit+0x10/0x10 [ 301.228220][ T8828] ? __pfx___drm_printfn_info+0x10/0x10 [ 301.233864][ T8828] ? drm_client_rotation+0x47c/0x5b0 [ 301.239192][ T8828] drm_client_modeset_commit_atomic+0x620/0x760 [ 301.245526][ T8828] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 301.252333][ T8828] ? __mutex_lock+0x335/0x1360 [ 301.257122][ T8828] drm_client_modeset_commit_locked+0xcb/0x4d0 [ 301.263294][ T8828] drm_client_modeset_commit+0x4a/0x70 [ 301.268738][ T8828] drm_fb_helper_lastclose+0xa4/0x1c0 [ 301.274772][ T8828] drm_fbdev_client_restore+0x34/0x40 [ 301.280141][ T8828] drm_client_dev_restore+0x139/0x270 [ 301.285591][ T8828] drm_release+0x318/0x3f0 [ 301.290369][ T8828] ? __pfx_drm_release+0x10/0x10 [ 301.296156][ T8828] __fput+0x449/0xa70 [ 301.300696][ T8828] task_work_run+0x1d1/0x260 [ 301.306010][ T8828] ? __pfx_task_work_run+0x10/0x10 [ 301.311129][ T8828] ? exit_to_user_mode_loop+0x40/0x110 [ 301.316602][ T8828] exit_to_user_mode_loop+0xec/0x110 [ 301.321918][ T8828] do_syscall_64+0x2bd/0x3b0 [ 301.326501][ T8828] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.332588][ T8828] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 301.338765][ T8828] ? clear_bhb_loop+0x60/0xb0 [ 301.343460][ T8828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.349337][ T8828] RIP: 0033:0x7fc3de58ebe9 [ 301.353797][ T8828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 301.373413][ C1] vkms_vblank_simulate: vblank timer overrun [ 301.379421][ T8828] RSP: 002b:00007ffdf8693f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 301.387902][ T8828] RAX: 0000000000000000 RBX: 00007fc3de7b7da0 RCX: 00007fc3de58ebe9 [ 301.396777][ T8828] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 301.405078][ T8828] RBP: 00007fc3de7b7da0 R08: 0000000000001598 R09: 0000001af86941ff [ 301.413065][ T8828] R10: 00007fc3de7b7cb0 R11: 0000000000000246 R12: 0000000000049735 [ 301.421021][ T8828] R13: 00007ffdf8694000 R14: ffffffffffffffff R15: 00007ffdf8694020 [ 301.429042][ T8828] [ 301.432073][ T8828] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 301.439339][ T8828] CPU: 1 UID: 0 PID: 8828 Comm: syz.5.834 Not tainted 6.16.0-next-20250808-syzkaller #0 PREEMPT(full) [ 301.450334][ T8828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 301.460369][ T8828] Call Trace: [ 301.463635][ T8828] [ 301.466588][ T8828] dump_stack_lvl+0x99/0x250 [ 301.471171][ T8828] ? __asan_memcpy+0x40/0x70 [ 301.475833][ T8828] ? __pfx_dump_stack_lvl+0x10/0x10 [ 301.481024][ T8828] ? __pfx__printk+0x10/0x10 [ 301.485606][ T8828] vpanic+0x281/0x750 [ 301.489569][ T8828] ? __pfx_vpanic+0x10/0x10 [ 301.494052][ T8828] ? is_bpf_text_address+0x292/0x2b0 [ 301.499328][ T8828] ? is_bpf_text_address+0x26/0x2b0 [ 301.504541][ T8828] panic+0xb9/0xc0 [ 301.508333][ T8828] ? __pfx_panic+0x10/0x10 [ 301.512740][ T8828] __warn+0x334/0x4c0 [ 301.516722][ T8828] ? vkms_get_vblank_timestamp+0x137/0x160 [ 301.522549][ T8828] ? vkms_get_vblank_timestamp+0x137/0x160 [ 301.528347][ T8828] report_bug+0x2be/0x4f0 [ 301.532666][ T8828] ? vkms_get_vblank_timestamp+0x137/0x160 [ 301.538460][ T8828] ? vkms_get_vblank_timestamp+0x137/0x160 [ 301.544256][ T8828] ? vkms_get_vblank_timestamp+0x139/0x160 [ 301.550066][ T8828] handle_bug+0x84/0x160 [ 301.554315][ T8828] exc_invalid_op+0x1a/0x50 [ 301.558813][ T8828] asm_exc_invalid_op+0x1a/0x20 [ 301.563736][ T8828] RIP: 0010:vkms_get_vblank_timestamp+0x137/0x160 [ 301.570162][ T8828] Code: 42 80 3c 28 00 74 08 48 89 df e8 d4 c7 28 fc 4c 89 33 b0 01 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 8a 5a c5 fb 90 <0f> 0b 90 eb e3 44 89 e1 80 e1 07 38 c1 0f 8c ff fe ff ff 4c 89 e7 [ 301.589761][ T8828] RSP: 0018:ffffc900036476c8 EFLAGS: 00010293 [ 301.595933][ T8828] RAX: ffffffff85fa5936 RBX: ffffc90003647840 RCX: ffff888025ab8000 [ 301.603999][ T8828] RDX: 0000000000000000 RSI: 0000004611d405fe RDI: 0000004611d405fe [ 301.611965][ T8828] RBP: 1ffff920006c8f08 R08: ffffc90003779000 R09: 0000000000000000 [ 301.619941][ T8828] R10: ffffc90003779000 R11: ffffffff85fa5800 R12: 0000004611d405fe [ 301.627908][ T8828] R13: dffffc0000000000 R14: ffff888024650028 R15: 0000004611d405fe [ 301.635891][ T8828] ? __pfx_vkms_get_vblank_timestamp+0x10/0x10 [ 301.642041][ T8828] ? vkms_get_vblank_timestamp+0x136/0x160 [ 301.647841][ T8828] ? vkms_get_vblank_timestamp+0x136/0x160 [ 301.653631][ T8828] ? __pfx_vkms_get_vblank_timestamp+0x10/0x10 [ 301.659793][ T8828] drm_crtc_next_vblank_start+0x223/0x470 [ 301.665530][ T8828] ? __pfx_drm_crtc_next_vblank_start+0x10/0x10 [ 301.671785][ T8828] ? drm_gem_fb_vmap+0x230/0x8d0 [ 301.676722][ T8828] drm_atomic_helper_wait_for_fences+0x265/0x8c0 [ 301.683052][ T8828] ? __pfx_drm_atomic_helper_wait_for_fences+0x10/0x10 [ 301.689900][ T8828] ? drm_atomic_helper_prepare_planes+0x670/0xb60 [ 301.696319][ T8828] drm_atomic_helper_commit+0x5c7/0xb10 [ 301.701855][ T8828] ? __pfx_drm_atomic_helper_commit+0x10/0x10 [ 301.707909][ T8828] drm_atomic_commit+0x25f/0x2c0 [ 301.712837][ T8828] ? __pfx_drm_atomic_commit+0x10/0x10 [ 301.718279][ T8828] ? __pfx___drm_printfn_info+0x10/0x10 [ 301.723851][ T8828] ? drm_client_rotation+0x47c/0x5b0 [ 301.729120][ T8828] drm_client_modeset_commit_atomic+0x620/0x760 [ 301.735346][ T8828] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 301.742087][ T8828] ? __mutex_lock+0x335/0x1360 [ 301.746855][ T8828] drm_client_modeset_commit_locked+0xcb/0x4d0 [ 301.752992][ T8828] drm_client_modeset_commit+0x4a/0x70 [ 301.758454][ T8828] drm_fb_helper_lastclose+0xa4/0x1c0 [ 301.763880][ T8828] drm_fbdev_client_restore+0x34/0x40 [ 301.769331][ T8828] drm_client_dev_restore+0x139/0x270 [ 301.774717][ T8828] drm_release+0x318/0x3f0 [ 301.779159][ T8828] ? __pfx_drm_release+0x10/0x10 [ 301.784171][ T8828] __fput+0x449/0xa70 [ 301.788681][ T8828] task_work_run+0x1d1/0x260 [ 301.793268][ T8828] ? __pfx_task_work_run+0x10/0x10 [ 301.798365][ T8828] ? exit_to_user_mode_loop+0x40/0x110 [ 301.803812][ T8828] exit_to_user_mode_loop+0xec/0x110 [ 301.809111][ T8828] do_syscall_64+0x2bd/0x3b0 [ 301.813695][ T8828] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.819778][ T8828] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 301.825929][ T8828] ? clear_bhb_loop+0x60/0xb0 [ 301.830610][ T8828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.836486][ T8828] RIP: 0033:0x7fc3de58ebe9 [ 301.840890][ T8828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 301.860476][ T8828] RSP: 002b:00007ffdf8693f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 301.868891][ T8828] RAX: 0000000000000000 RBX: 00007fc3de7b7da0 RCX: 00007fc3de58ebe9 [ 301.877025][ T8828] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 301.884991][ T8828] RBP: 00007fc3de7b7da0 R08: 0000000000001598 R09: 0000001af86941ff [ 301.892983][ T8828] R10: 00007fc3de7b7cb0 R11: 0000000000000246 R12: 0000000000049735 [ 301.901022][ T8828] R13: 00007ffdf8694000 R14: ffffffffffffffff R15: 00007ffdf8694020 [ 301.909004][ T8828] [ 301.912487][ T8828] Kernel Offset: disabled [ 301.916799][ T8828] Rebooting in 86400 seconds..