last executing test programs: 13.658463512s ago: executing program 0 (id=1202): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001011404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r6}, &(0x7f0000000240), &(0x7f00000003c0)=r2}, 0x20) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r7, r4, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x1c) syz_emit_ethernet(0xde, &(0x7f0000000500)=ANY=[], 0x0) 11.82777842s ago: executing program 0 (id=1207): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="020000000400000008000000010000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000e4657007445ceb0739c8efe7e3f0000000000000000"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000600)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x679fd000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) socket$nl_xfrm(0x10, 0x3, 0x6) r5 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r5, 0x65, 0x1, 0x0, 0xf00) 9.645249737s ago: executing program 4 (id=1213): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000e4657007445ceb0739c8efe7e3f0000000000000000"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000600)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x679fd000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="44010000100033060000000000000080e0000002000000000000000000000000fe8000000000000000000029000000fd00000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000001000004d232000000ac1414aa000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000000000000000000000000000000000000000000000500000000000000000000000000000000000000020000000000000002000400000000000000000048000200656362286369706865725f"], 0x144}}, 0x0) r7 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r7, 0x65, 0x1, 0x0, 0xf00) bpf$MAP_CREATE(0x0, 0x0, 0x48) r8 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00'}) syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000900)='./bus\x00', 0x0, &(0x7f0000004080), 0x1, 0x76f, &(0x7f0000002080)="$eJzs3c9rHOUbAPBnNknTpv1+E0HQegoIGijdmBpbBQ8VDyJYKOjZumy2oWaTLdlNaUJARQQvgooHQS89+6PevIk/rvpfeJCWqmmx4kEis5lNN81uk22TrHU/H5j2eWdm886zM/O+7+4MOwH0rNH0n1zE4Yh4P4kYzuYnETFQj/ojTq6td3NluZhOSayuvvxbUl/nxspyMZpekzqYFR6OiO/fiTiS21xvdXFpplAul+az8nht9vx4dXHp6LnZwnRpujR3fGJy8tiJp04c37lc//hp6dDVD154/MuTf7390OX3fkjiZBzKljXnsVNGYzTWUh9I38INnt/pyros6fYGcFfS47Nv7SyPwzEcffUIAPgveyMiVgGAHpPo/wGgxzS+B7ixslxsTN39RmJvXXsuIvav5d+4vrm2pD+7Zre/fh106Eay4cpIEhEjO1D/aER8+vWrn6dT7NJ1SIBW3vwmCza1/8mmexY69cQ21hm9raz9g73zbTr+ebrV+C+3Pv6JFuOfwRbn7t3Y+vzPXdmBatpKx3/PNt3bdrMp/8xIX1b6X33MN5CcPVcupW3b/yNiLAYG0/LEHeoYu/739XbLmsd/v3/4+mdp/en/t9bIXekf3PiaqUKtcC85N7v2VsQj/a3yT9b3f9Jm/Ht6m3W8+My7n7Rbluaf5tuYNue/u1YvRTzWcv/fuqMtueP9ieP1w2G8cVC08NXPHw/F+pm0UfP+T6e0/sZngb2Q7v+hO+c/kjTfr1ntvI4fLw1/127Z1vm3Pv73Ja/U433ZvIuFWm1+ImJf8tLm+cduvbZRbqyf5j/2aD3/A9kqm9q/Vsd/+pnwta0Szzai/+qvX9x9/rsrzX+qo/3feXD55kxfu/q3t/8n69FYNmc77d92N/Be3jsAAAAAAAAAAAAAAAAAAAAAAAAA2K5cRByKJJdfj3O5fH7tGd4PxlCuXKnWjpytLMxNRf1Z2SMxkGv81OVw0++hTmS/h98oH7ut/GREPBARHw0eqJfzxUp5qtvJAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDmYJvn/6d+Gez21gEAu2Z/tzcAANhz+n8A6D2d9v/GCwBw/9OfA0Dv0f8DQO/R/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDLTp86lU6rf64sF9Py1IXFhZnKhaNTpepMfnahmC9W5s/npyuV6XIpX6zMbvX3ypXK+cmYW7g4XitVa+PVxaUzs5WFudqZc7OF6dKZ0sCeZAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnakuLs0UyuXSvKCj4ED2/v1btkcg2Nmgyw0TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH3inwAAAP//CDwgEQ==") mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r8, 0x0) move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r9 = open(&(0x7f00000005c0)='./bus\x00', 0x66842, 0x19) pwritev2(r9, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0) 8.464226819s ago: executing program 1 (id=1215): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) prlimit64(0x0, 0xe, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) 7.628223699s ago: executing program 4 (id=1222): r0 = socket$nl_audit(0x10, 0x3, 0x9) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000dc0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000200)={0x34, r2, 0x521, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x4}, @NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_TTL={0x5, 0x6, 0x5}, @NL80211_MESHCONF_ELEMENT_TTL={0x5, 0xf, 0x9}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x8800}, 0x20040000) 7.243457941s ago: executing program 4 (id=1225): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000580)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d", 0x9e}], 0x2}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0xc, 0xf, &(0x7f00000005c0)=ANY=[@ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090080000000fb55090100000000009500000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b18, &(0x7f0000000000)={'wlan1\x00'}) 7.041890763s ago: executing program 0 (id=1227): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x40c4) 7.01303806s ago: executing program 4 (id=1228): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mq_open(0x0, 0x0, 0x324, &(0x7f0000000180)={0x7c7, 0x80000000001, 0x0, 0x81}) r5 = add_key$user(&(0x7f00000003c0), 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000200)={r5, r5, r5}, 0x0, 0x0, 0x0) write$uinput_user_dev(r0, &(0x7f0000000100)={'syz0\x00', {0x0, 0x0, 0x0, 0xc}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffe, 0x0, 0x3], [0x0, 0x5, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x100000, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xc3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffc, 0x0, 0x2]}, 0x45c) r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) write$input_event(r6, 0x0, 0x0) ioctl$UI_DEV_CREATE(r0, 0x5501) gettid() readv(r0, &(0x7f00000018c0)=[{0x0}, {&(0x7f0000001700)=""/221, 0xdd}], 0x2) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x0) connect$rxrpc(0xffffffffffffffff, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10}, 0x24) 6.901010279s ago: executing program 1 (id=1229): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="190000000400000008000000"], 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000240), &(0x7f00000003c0)=r0}, 0x20) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r5, r2, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x1c) syz_emit_ethernet(0xde, &(0x7f0000000500)=ANY=[], 0x0) 5.807996979s ago: executing program 5 (id=1231): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000040)=0x9, 0x4) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f0000000600)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=""/80, 0x50}}], 0x1, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000100)=0x1e79, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 5.70807113s ago: executing program 0 (id=1232): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r1}, 0x18) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)) socket$inet6_udp(0xa, 0x2, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x20008040}, 0x4000000) 5.695486148s ago: executing program 4 (id=1233): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001011404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r6}, &(0x7f0000000240), &(0x7f00000003c0)=r2}, 0x20) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r7, r4, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x1c) syz_emit_ethernet(0xde, &(0x7f0000000500)=ANY=[], 0x0) 5.553043762s ago: executing program 1 (id=1235): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000e4657007445ceb0739c8efe7e3f0000000000000000"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000600)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x679fd000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="44010000100033060000000000000080e0000002000000000000000000000000fe8000000000000000000029000000fd00000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000001000004d232000000ac1414aa000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000000000000000000000000000000000000000000000500000000000000000000000000000000000000020000000000000002000400000000000000000048000200656362286369706865725f"], 0x144}}, 0x0) r7 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r7, 0x65, 0x1, 0x0, 0xf00) bpf$MAP_CREATE(0x0, 0x0, 0x48) r8 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00'}) syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000900)='./bus\x00', 0x0, &(0x7f0000004080), 0x1, 0x76f, &(0x7f0000002080)="$eJzs3c9rHOUbAPBnNknTpv1+E0HQegoIGijdmBpbBQ8VDyJYKOjZumy2oWaTLdlNaUJARQQvgooHQS89+6PevIk/rvpfeJCWqmmx4kEis5lNN81uk22TrHU/H5j2eWdm886zM/O+7+4MOwH0rNH0n1zE4Yh4P4kYzuYnETFQj/ojTq6td3NluZhOSayuvvxbUl/nxspyMZpekzqYFR6OiO/fiTiS21xvdXFpplAul+az8nht9vx4dXHp6LnZwnRpujR3fGJy8tiJp04c37lc//hp6dDVD154/MuTf7390OX3fkjiZBzKljXnsVNGYzTWUh9I38INnt/pyros6fYGcFfS47Nv7SyPwzEcffUIAPgveyMiVgGAHpPo/wGgxzS+B7ixslxsTN39RmJvXXsuIvav5d+4vrm2pD+7Zre/fh106Eay4cpIEhEjO1D/aER8+vWrn6dT7NJ1SIBW3vwmCza1/8mmexY69cQ21hm9raz9g73zbTr+ebrV+C+3Pv6JFuOfwRbn7t3Y+vzPXdmBatpKx3/PNt3bdrMp/8xIX1b6X33MN5CcPVcupW3b/yNiLAYG0/LEHeoYu/739XbLmsd/v3/4+mdp/en/t9bIXekf3PiaqUKtcC85N7v2VsQj/a3yT9b3f9Jm/Ht6m3W8+My7n7Rbluaf5tuYNue/u1YvRTzWcv/fuqMtueP9ieP1w2G8cVC08NXPHw/F+pm0UfP+T6e0/sZngb2Q7v+hO+c/kjTfr1ntvI4fLw1/127Z1vm3Pv73Ja/U433ZvIuFWm1+ImJf8tLm+cduvbZRbqyf5j/2aD3/A9kqm9q/Vsd/+pnwta0Szzai/+qvX9x9/rsrzX+qo/3feXD55kxfu/q3t/8n69FYNmc77d92N/Be3jsAAAAAAAAAAAAAAAAAAAAAAAAA2K5cRByKJJdfj3O5fH7tGd4PxlCuXKnWjpytLMxNRf1Z2SMxkGv81OVw0++hTmS/h98oH7ut/GREPBARHw0eqJfzxUp5qtvJAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDmYJvn/6d+Gez21gEAu2Z/tzcAANhz+n8A6D2d9v/GCwBw/9OfA0Dv0f8DQO/R/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDLTp86lU6rf64sF9Py1IXFhZnKhaNTpepMfnahmC9W5s/npyuV6XIpX6zMbvX3ypXK+cmYW7g4XitVa+PVxaUzs5WFudqZc7OF6dKZ0sCeZAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnakuLs0UyuXSvKCj4ED2/v1btkcg2Nmgyw0TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH3inwAAAP//CDwgEQ==") mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r8, 0x0) move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r9 = open(&(0x7f00000005c0)='./bus\x00', 0x66842, 0x19) pwritev2(r9, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0) 5.512116441s ago: executing program 2 (id=1236): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x0, 0x2b8, 0xb0000010, 0x2, 0x5c8f0200, 0x388, 0x3a8, 0x3a8, 0x388, 0x3a8, 0x3, 0x0, {[{{@ipv6={@private1, @local, [], [], 'vlan1\x00', 'veth0_to_team\x00'}, 0x0, 0x248, 0x290, 0x700, {}, [@common=@inet=@hashlimit3={{0x158}, {'geneve1\x00', {0xf1, 0x0, 0x33, 0x0, 0x0, 0x1, 0x7fffffff}}}, @common=@unspec=@limit={{0x48}, {0x10000000, 0x3}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x206, 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@CONNSECMARK={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8) 5.511351735s ago: executing program 3 (id=1237): mount(0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x44, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x44}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}, 0x1, 0x0, 0x0, 0x2005c013}, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000200000000000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48) socket$inet_smc(0x2b, 0x1, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4b, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r5}, 0x10) fsopen(&(0x7f0000000400)='autofs\x00', 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080) 5.443367569s ago: executing program 5 (id=1238): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000500)='sys_exit\x00', r0, 0x0, 0xe}, 0x18) sysfs$3(0x3) 5.302590252s ago: executing program 4 (id=1239): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="020000000400000008000000010000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000e4657007445ceb0739c8efe7e3f0000000000000000"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000600)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x679fd000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) socket$nl_xfrm(0x10, 0x3, 0x6) r5 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r5, 0x65, 0x1, 0x0, 0xf00) 5.219662404s ago: executing program 3 (id=1240): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000580)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d", 0x9e}], 0x2}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0xc, 0xf, &(0x7f00000005c0)=ANY=[@ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090080000000fb55090100000000009500000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b18, &(0x7f0000000000)={'wlan1\x00'}) 5.218996984s ago: executing program 5 (id=1241): socket(0x10, 0x3, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0600000004000000080000000a00000000000000", @ANYRES32, @ANYBLOB="070000000028bddd9cc9dac3004c4200"/30, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x1f00, 0x37e2f4aba9289b81, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) unshare(0x6020400) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) pipe(&(0x7f0000000340)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000200)=[{&(0x7f0000000080)="7cd1f233f5", 0x5}], 0x1, 0xc) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r3}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000015000000000000004bc311ec8500000075000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) sched_setaffinity(0x0, 0xffffffffffffff5b, &(0x7f00000002c0)=0x400000bce) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETLINK(r5, 0x400454cd, 0x6) 4.32052583s ago: executing program 2 (id=1242): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3d2}}, 0x0) getsockname$packet(r1, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x501, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @broadcast}]}}}]}, 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000340)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, 0x20004, 0x1a001}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @multicast2}, @IFLA_IPTUN_ENCAP_SPORT={0x6, 0x11, 0x4e22}, @IFLA_IPTUN_ENCAP_DPORT={0x6, 0x12, 0x4e24}]}}}]}, 0x4c}}, 0x20004000) 4.067831971s ago: executing program 0 (id=1243): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0) r1 = gettid() rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffed]}, 0x0, 0x8) timer_create(0x3, &(0x7f000049efa0)={0x0, 0x14, 0x4, @tid=r1}, &(0x7f0000044000)) timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) rt_sigprocmask(0x2, &(0x7f0000001140)={[0x8386]}, 0x0, 0x8) 4.01493661s ago: executing program 3 (id=1244): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x40c4) 3.849934236s ago: executing program 1 (id=1245): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mq_open(0x0, 0x0, 0x324, &(0x7f0000000180)={0x7c7, 0x80000000001, 0x0, 0x81}) r5 = add_key$user(&(0x7f00000003c0), 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000200)={r5, r5, r5}, 0x0, 0x0, 0x0) write$uinput_user_dev(r0, &(0x7f0000000100)={'syz0\x00', {0x0, 0x0, 0x0, 0xc}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffe, 0x0, 0x3], [0x0, 0x5, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x100000, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xc3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffc, 0x0, 0x2]}, 0x45c) r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) write$input_event(r6, 0x0, 0x0) ioctl$UI_DEV_CREATE(r0, 0x5501) gettid() readv(r0, &(0x7f00000018c0)=[{0x0}, {&(0x7f0000001700)=""/221, 0xdd}], 0x2) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x0) connect$rxrpc(0xffffffffffffffff, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10}, 0x24) 3.769284639s ago: executing program 0 (id=1246): socket(0x10, 0x3, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0600000004000000080000000a00000000000000", @ANYRES32, @ANYBLOB="070000000028bddd9cc9dac3004c4200"/30, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x1f00, 0x37e2f4aba9289b81, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) unshare(0x6020400) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) pipe(&(0x7f0000000340)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000200)=[{&(0x7f0000000080)="7cd1f233f5", 0x5}], 0x1, 0xc) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r3}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000015000000000000004bc311ec8500000075000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) sched_setaffinity(0x0, 0xffffffffffffff5b, &(0x7f00000002c0)=0x400000bce) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETLINK(r5, 0x400454cd, 0x6) r6 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="380000000314010000000000000008000900020073797a310000000008004100736977001400330073797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) socket(0x15, 0x5, 0x0) r7 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r7, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) 3.768417357s ago: executing program 2 (id=1247): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="190000000400000008000000"], 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000240), &(0x7f00000003c0)=r0}, 0x20) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r5, r2, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x1c) syz_emit_ethernet(0xde, &(0x7f0000000500)=ANY=[], 0x0) 3.595938454s ago: executing program 3 (id=1248): syz_open_dev$radio(&(0x7f00000000c0), 0x1, 0x2) io_setup(0x8, &(0x7f0000004200)=0x0) syz_open_procfs(0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xd, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ff7fffb7", @ANYRES32], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='sys_enter\x00', r1}, 0x10) openat(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup\x00', 0x0, 0x0) sendto(0xffffffffffffffff, &(0x7f0000000540)="0cc31a4098ddc80dadd3a0aa2bea9050d9f47bcde4cbb8170d3d61aabbdbd869e8a75ab95a3b8e8b960477dbbbbf5cb0fd4a98ea0032d054de676f19c5e1f84def57482d1b3eb94a2a1d3c0a733709610ece6cb54ae7f8c3ed385c3890244d348c9bcfb556ee478845ff23d8a9f2a492531e7c7ce719ef1983bdaf4008386323fc593be590321dbe51aa4ecabebf49ab7edb835efc0f722637337e20cc541399dc617deafa840b68f2b22e5f7c6afb3825871b966ab90a79a4d6d72f29a1e43abdf4d25f6352dfa26c576830c49b18ece887b47c37affa1c3f24fdb0e14151550796aaa09b4669e71d9f4255f63905467b709f7a7185347a078538e4443f0dad324393274e857979db0a9e3894857aacabc2f2ccd9457fda98a520e2b8c83085a206c8aea9dd18a0b66c87b3b61f95fafed84303436c7ae3782f714dc364c10102788b02d3aed05cb29fe974b75e7bf53dfd2554d7b700dcbf24a6fa021732b747a2c7d6d2a649e1ca523f91ba57da29e6e5050da7ec9466884aea64349e0c65b40bd78fe25622a5f854d351fd3282e85e37989b73e1a3b9fe874ad7131850117f285afe15040fd20cd9c861c95b2c1f9844ac1f8b3cd0a7f22269e235866434acb5f4d9d0b64301cd5b4e8c2da68caacd3f7dda0f325120ad99c05a55736067c87cceda7b850758e60ab8829b0dbfdc1ca8322e6716e643e00c2f665781461f08282a0aa366d9927036d685c3a721530dafe21e62906c5710c3214621d6374d9f5eef47eca1e5080e21832e6d639822a3bf99784f7b19e2dfaa7b8ba39dc5212c94585af38e7a50cbf6d619e3f1b8e4c17351203fa037ca4ce7ef32fd8b4387b8583ebd32a0c5aeb05fced1e492670cabc370aba18abe561e2bfcfa6d92c0c3d0419f5f4936772b6a0026a623914f09b04cf5d7c2b3ab010c676e9932f5807240a765b3d92d2bcdd63a91bd0f1c795fe0ecdda5e50ec8fd0a68115986168fb8bb67fa020ed3c416a716fb12d5d918b8522931dcf2bfd0c7bf7d9c56c490", 0x2de, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x2}}]}, 0x1c}}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00') setgroups(0x1, &(0x7f0000000080)=[0x0]) read$FUSE(r3, &(0x7f0000003680)={0x2020}, 0x2020) io_submit(r0, 0x1, &(0x7f0000004540)=[0x0]) syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="5c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000252d010034001280090001007866726d0000000024000280080001000000000008000200030000e40800010001000000080001000100000008000300", @ANYRES32=r6], 0x5c}, 0x1, 0x0, 0x0, 0x85}, 0x4000000) 3.290176136s ago: executing program 2 (id=1249): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) socket$tipc(0x1e, 0x5, 0x0) r0 = socket$tipc(0x1e, 0x5, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) ioctl$DRM_IOCTL_MODE_ADDFB(0xffffffffffffffff, 0xc01c64ae, 0x0) ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x11) bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000000)=0x10000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000100)={@local}) ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r5, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100002, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd041, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef6, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdf30, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2fd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0xffffff00, 0x0, 0x1, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x489, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0xffff0000, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8b7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x6, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4], 0x1, 0x400}) bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10) 2.342282343s ago: executing program 1 (id=1250): r0 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x1) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x5411, 0x0) 2.260457985s ago: executing program 5 (id=1251): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1a"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB], 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x24, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}}, 0x24}}, 0x4000800) sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000980)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r4}}, 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x0) 2.230457632s ago: executing program 3 (id=1252): mount(0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x44, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x44}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}, 0x1, 0x0, 0x0, 0x2005c013}, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000200000000000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48) socket$inet_smc(0x2b, 0x1, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4b, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r5}, 0x10) fsopen(&(0x7f0000000400)='autofs\x00', 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080) 1.000003276s ago: executing program 2 (id=1253): socket$kcm(0x10, 0x2, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) openat$audio(0xffffffffffffff9c, 0x0, 0x40000000040201, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c00024000000000000000090800034000000fba0c00024000000000000000000c000140000000000000000714000000110001"], 0xdc}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2004c899}, 0x0) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) 499.837478ms ago: executing program 1 (id=1254): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee3, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) creat(&(0x7f0000000300)='./bus\x00', 0x15d) socket$nl_xfrm(0x10, 0x3, 0x6) connect$inet6(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r4}, &(0x7f00000006c0), &(0x7f0000000700)=r3}, 0x20) 409.126348ms ago: executing program 2 (id=1255): bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xb, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800, @void, @value}, 0x94) openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) prctl$PR_GET_THP_DISABLE(0x2a) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000000000009500"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = socket(0x10, 0x3, 0x0) socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'ip6erspan0\x00'}) sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x844) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x21c0, 0xc) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80006) r6 = fanotify_init(0x200, 0x0) fanotify_mark(r6, 0x201, 0x4800003e, r5, 0x0) unlink(&(0x7f00000000c0)='./file0\x00') dup2(r6, r5) mlock(&(0x7f0000ff9000/0x4000)=nil, 0x4000) mremap(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ffb000/0x2000)=nil) 382.859851ms ago: executing program 5 (id=1256): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002f000b12d25a80648c2594f91124fc601000084002000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 219.98882ms ago: executing program 5 (id=1257): io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000002c0), 0x0) move_pages(0x0, 0x2064, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], &(0x7f0000001180), &(0x7f0000000000), 0x0) socket$pppl2tp(0x18, 0x1, 0x1) ioctl$UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x4, 0x1000085}, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x2) read$msr(r0, &(0x7f0000019680)=""/102384, 0x18ff0) pipe2(0x0, 0x800) mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='tran', @ANYRESHEX, @ANYBLOB=',wfd', @ANYRESHEX, @ANYBLOB]) setuid(0x0) 0s ago: executing program 3 (id=1258): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0) r1 = gettid() rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffed]}, 0x0, 0x8) timer_create(0x3, &(0x7f000049efa0)={0x0, 0x14, 0x4, @tid=r1}, &(0x7f0000044000)) timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) rt_sigprocmask(0x2, &(0x7f0000001140)={[0x8386]}, 0x0, 0x8) kernel console output (not intermixed with test programs): ace not active [ 88.940967][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.948548][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.975374][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.032673][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.040080][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.066546][ T5854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.211762][ T5845] hsr_slave_0: entered promiscuous mode [ 89.231946][ T5845] hsr_slave_1: entered promiscuous mode [ 89.238381][ T5845] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.246530][ T5845] Cannot create hsr debugfs directory [ 89.460982][ T5854] hsr_slave_0: entered promiscuous mode [ 89.477026][ T5854] hsr_slave_1: entered promiscuous mode [ 89.483370][ T5854] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.491768][ T5854] Cannot create hsr debugfs directory [ 89.554081][ T5839] Bluetooth: hci2: command tx timeout [ 89.592256][ T5833] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 89.605873][ T5833] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 89.619104][ T5833] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 89.635217][ T5839] Bluetooth: hci1: command tx timeout [ 89.640719][ T5839] Bluetooth: hci0: command tx timeout [ 89.646527][ T5842] Bluetooth: hci3: command tx timeout [ 89.710124][ T5833] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 89.724296][ T54] Bluetooth: hci5: command tx timeout [ 89.724310][ T5839] Bluetooth: hci4: command tx timeout [ 89.892162][ T5841] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 89.905958][ T5841] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 89.918242][ T5841] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 89.952561][ T5841] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 90.060519][ T5831] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 90.075333][ T5831] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 90.113455][ T5831] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 90.124947][ T5831] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 90.202110][ T5832] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 90.212892][ T5832] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 90.249294][ T5832] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 90.259882][ T5832] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 90.330889][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.346204][ T5845] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 90.360012][ T5845] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 90.413298][ T5845] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 90.432195][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.454635][ T5845] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 90.512095][ T5854] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 90.527467][ T5854] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 90.543582][ T5854] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 90.567257][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.574594][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.592684][ T5854] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 90.626090][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.633256][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.680996][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.759398][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.837634][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.852056][ T5841] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.868472][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.916985][ T3477] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.924172][ T3477] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.940257][ T3477] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.947405][ T3477] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.958172][ T3477] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.965322][ T3477] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.997216][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.004399][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.031532][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.063220][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.105574][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.112775][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.197163][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.204358][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.219638][ T5831] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 91.239783][ T5854] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.276376][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.311094][ T5841] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 91.359960][ T5854] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.413126][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.420364][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.477422][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.494490][ T3503] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.501671][ T3503] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.515631][ T3503] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.522813][ T3503] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.544999][ T3503] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.552178][ T3503] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.634374][ T5839] Bluetooth: hci2: command tx timeout [ 91.644061][ T968] cfg80211: failed to load regulatory.db [ 91.716081][ T5839] Bluetooth: hci0: command tx timeout [ 91.721578][ T5839] Bluetooth: hci3: command tx timeout [ 91.731048][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.735573][ T54] Bluetooth: hci1: command tx timeout [ 91.795334][ T54] Bluetooth: hci4: command tx timeout [ 91.795348][ T5842] Bluetooth: hci5: command tx timeout [ 91.916137][ T5833] veth0_vlan: entered promiscuous mode [ 92.059876][ T5833] veth1_vlan: entered promiscuous mode [ 92.077019][ T5831] veth0_vlan: entered promiscuous mode [ 92.131851][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.170395][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.211131][ T5831] veth1_vlan: entered promiscuous mode [ 92.334487][ T5833] veth0_macvtap: entered promiscuous mode [ 92.378687][ T5831] veth0_macvtap: entered promiscuous mode [ 92.406971][ T5833] veth1_macvtap: entered promiscuous mode [ 92.452722][ T5831] veth1_macvtap: entered promiscuous mode [ 92.522570][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.588795][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.649673][ T5833] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.659062][ T5833] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.670624][ T5833] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.682224][ T5833] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.704634][ T5854] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.727865][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.749532][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.762360][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.780653][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.836164][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.856480][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.872004][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.990238][ T5831] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.001901][ T5831] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.011155][ T5831] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.020297][ T5831] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.057830][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.072400][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.136792][ T5845] veth0_vlan: entered promiscuous mode [ 93.151426][ T5845] veth1_vlan: entered promiscuous mode [ 93.225479][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.225572][ T5841] veth0_vlan: entered promiscuous mode [ 93.233359][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.260270][ T5832] veth0_vlan: entered promiscuous mode [ 93.282099][ T5854] veth0_vlan: entered promiscuous mode [ 93.302679][ T5854] veth1_vlan: entered promiscuous mode [ 93.319957][ T5841] veth1_vlan: entered promiscuous mode [ 93.411492][ T5845] veth0_macvtap: entered promiscuous mode [ 93.427356][ T5841] veth0_macvtap: entered promiscuous mode [ 93.441235][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.445441][ T5832] veth1_vlan: entered promiscuous mode [ 93.464869][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.478075][ T5845] veth1_macvtap: entered promiscuous mode [ 93.493236][ T5833] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 93.510554][ T5841] veth1_macvtap: entered promiscuous mode [ 93.527188][ T5854] veth0_macvtap: entered promiscuous mode [ 93.579195][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.594035][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.616970][ T5854] veth1_macvtap: entered promiscuous mode [ 93.652988][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.668751][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.690184][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.703455][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.713934][ T54] Bluetooth: hci2: command tx timeout [ 93.726056][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.755552][ T5854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.767990][ T5854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.778446][ T5854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.792633][ T5854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.802890][ T54] Bluetooth: hci1: command tx timeout [ 93.804016][ T5842] Bluetooth: hci3: command tx timeout [ 93.808434][ T54] Bluetooth: hci0: command tx timeout [ 93.819778][ T5854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.830821][ T5854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.849343][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.860887][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.874894][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.875748][ T54] Bluetooth: hci4: command tx timeout [ 93.887409][ T5842] Bluetooth: hci5: command tx timeout [ 93.899919][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.910865][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.921034][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.932773][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.950501][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.962940][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.981406][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.010522][ T5854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 94.021502][ T5854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.031504][ T5854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 94.042094][ T5854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.055081][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.070432][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 94.103779][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.139882][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 94.163284][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.192793][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 94.204863][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.216553][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.232648][ T5854] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.243006][ T5854] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.252169][ T5854] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.282352][ T5854] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.354383][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 94.375212][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.392422][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 94.404391][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.420690][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 94.432715][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.443117][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 94.457473][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.472789][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.509378][ T5841] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.532819][ T5841] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.552986][ T5841] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.575535][ T5841] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.596712][ T5845] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.609269][ T5845] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.618344][ T5845] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.627604][ T5845] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.660210][ T5832] veth0_macvtap: entered promiscuous mode [ 94.816809][ T5832] veth1_macvtap: entered promiscuous mode [ 94.905326][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 94.930676][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.965482][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 94.983834][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.008832][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 95.033810][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.047457][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 95.064612][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.075562][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 95.086484][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.098440][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.202425][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.230973][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.250526][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.277380][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.302117][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.313568][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.359514][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.391683][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.431563][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.455318][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.467028][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.507388][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.520303][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.772466][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.792165][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.805974][ T5832] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.822969][ T5832] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.834290][ T5832] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.843227][ T5832] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.083845][ T5971] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13'. [ 97.373793][ T5972] loop1: detected capacity change from 0 to 2048 [ 97.480630][ T3582] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.546716][ T5972] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.774396][ T3582] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.823463][ T29] audit: type=1800 audit(1741060599.516:2): pid=5972 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.13" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 98.031208][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.057986][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.108402][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.227619][ T3582] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.264413][ T29] audit: type=1326 audit(1741060599.956:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.3.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd45b8d169 code=0x7ffc0000 [ 98.272033][ T3582] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.312926][ T29] audit: type=1326 audit(1741060600.006:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.3.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd45b8d169 code=0x7ffc0000 [ 98.362477][ T5983] netlink: 4 bytes leftover after parsing attributes in process `syz.3.15'. [ 98.385167][ T29] audit: type=1326 audit(1741060600.016:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.3.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdd45b8d169 code=0x7ffc0000 [ 98.428486][ T5983] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 98.435947][ T29] audit: type=1326 audit(1741060600.016:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.3.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd45b8d169 code=0x7ffc0000 [ 98.436006][ T29] audit: type=1326 audit(1741060600.026:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.3.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdd45b8d169 code=0x7ffc0000 [ 98.436053][ T29] audit: type=1326 audit(1741060600.026:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.3.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd45b8d169 code=0x7ffc0000 [ 98.436110][ T29] audit: type=1326 audit(1741060600.026:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.3.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd45b8d169 code=0x7ffc0000 [ 98.436156][ T29] audit: type=1326 audit(1741060600.026:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.3.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fdd45b8d169 code=0x7ffc0000 [ 98.461660][ T5983] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 98.527109][ T29] audit: type=1326 audit(1741060600.076:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.3.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd45b8d169 code=0x7ffc0000 [ 98.628557][ T5983] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 98.636784][ T5983] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 98.759223][ T3503] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.768750][ T3503] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.830179][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.877300][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.042959][ T3582] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.098439][ T3582] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.702605][ T6009] loop3: detected capacity change from 0 to 2048 [ 101.250429][ T6020] netlink: 64 bytes leftover after parsing attributes in process `syz.1.23'. [ 101.552102][ T6014] team0 (unregistering): Port device team_slave_0 removed [ 101.586382][ T6014] team0 (unregistering): Port device team_slave_1 removed [ 101.840306][ T6014] syz.3.21 (6014) used greatest stack depth: 19632 bytes left [ 102.013033][ T6036] netlink: 4 bytes leftover after parsing attributes in process `syz.2.30'. [ 102.082956][ T6036] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 102.100910][ T6036] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 102.171507][ T6036] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 102.256767][ T6036] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 102.320363][ T6043] netlink: 4 bytes leftover after parsing attributes in process `syz.1.33'. [ 102.343950][ T6043] netlink: 4 bytes leftover after parsing attributes in process `syz.1.33'. [ 102.377091][ T6046] loop5: detected capacity change from 0 to 128 [ 102.385425][ T6043] netlink: 4 bytes leftover after parsing attributes in process `syz.1.33'. [ 102.406305][ T6046] ======================================================= [ 102.406305][ T6046] WARNING: The mand mount option has been deprecated and [ 102.406305][ T6046] and is ignored by this kernel. Remove the mand [ 102.406305][ T6046] option from the mount to silence this warning. [ 102.406305][ T6046] ======================================================= [ 102.454414][ T6046] vfat: Unknown parameter '0xffffffffffffffff' [ 102.793813][ T6056] netlink: 52 bytes leftover after parsing attributes in process `syz.2.39'. [ 102.849720][ T6050] loop1: detected capacity change from 0 to 4096 [ 103.069000][ T29] kauditd_printk_skb: 76 callbacks suppressed [ 103.069025][ T29] audit: type=1326 audit(1741060604.741:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.5.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 103.164943][ T6050] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.196916][ T29] audit: type=1326 audit(1741060604.741:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.5.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 103.490946][ T6074] netlink: 40 bytes leftover after parsing attributes in process `syz.3.43'. [ 103.677803][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.679127][ T9] kernel write not supported for file /31/attr/exec (pid: 9 comm: kworker/0:1) [ 105.450724][ T6091] loop1: detected capacity change from 0 to 1024 [ 105.463666][ T6091] EXT4-fs: Ignoring removed nobh option [ 105.469388][ T6091] EXT4-fs: Ignoring removed bh option [ 105.684605][ T6091] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.506488][ T6103] loop5: detected capacity change from 0 to 164 [ 107.849088][ T6110] netlink: 12 bytes leftover after parsing attributes in process `syz.4.50'. [ 108.255981][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.383037][ T6114] netlink: 52 bytes leftover after parsing attributes in process `syz.5.52'. [ 108.762246][ T5935] kernel write not supported for file /39/attr/exec (pid: 5935 comm: kworker/1:6) [ 108.861418][ T6122] loop0: detected capacity change from 0 to 4096 [ 109.037802][ T6122] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.265371][ T6135] netlink: 12 bytes leftover after parsing attributes in process `syz.5.57'. [ 109.522677][ T6136] loop5: detected capacity change from 0 to 2048 [ 110.020294][ T6136] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.086455][ T29] audit: type=1800 audit(1741060611.298:90): pid=6134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.57" name="bus" dev="loop5" ino=18 res=0 errno=0 [ 110.270753][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.737391][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.739067][ T29] audit: type=1326 audit(1741060611.906:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6119 comm="syz.1.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77cc38d169 code=0x7ffc0000 [ 110.875229][ T29] audit: type=1326 audit(1741060611.906:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6119 comm="syz.1.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77cc38d169 code=0x7ffc0000 [ 110.995962][ T29] audit: type=1326 audit(1741060611.906:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6119 comm="syz.1.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=90 compat=0 ip=0x7f77cc38d169 code=0x7ffc0000 [ 111.094212][ T29] audit: type=1326 audit(1741060611.906:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6119 comm="syz.1.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77cc38d169 code=0x7ffc0000 [ 111.351036][ T29] audit: type=1326 audit(1741060611.906:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6119 comm="syz.1.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77cc38d169 code=0x7ffc0000 [ 111.492835][ T6172] netlink: 4 bytes leftover after parsing attributes in process `syz.0.71'. [ 111.621956][ T6172] netlink: 4 bytes leftover after parsing attributes in process `syz.0.71'. [ 111.635526][ T6179] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 111.718492][ T6179] vcan0: entered promiscuous mode [ 111.749715][ T6179] vlan2: entered promiscuous mode [ 111.788482][ T6179] vcan0: left promiscuous mode [ 113.643825][ T6207] loop5: detected capacity change from 0 to 1024 [ 113.662407][ T6207] EXT4-fs: Ignoring removed orlov option [ 113.670615][ T6213] netlink: 52 bytes leftover after parsing attributes in process `syz.2.86'. [ 113.712900][ T6207] EXT4-fs: Ignoring removed nomblk_io_submit option [ 113.771510][ T6207] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 113.907568][ T6207] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none. [ 114.214501][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.406208][ T6228] vcan0: entered promiscuous mode [ 114.431787][ T29] audit: type=1326 audit(1741060615.367:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6229 comm="syz.1.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77cc38d169 code=0x7ffc0000 [ 114.476432][ T6228] vlan2: entered promiscuous mode [ 114.482700][ T29] audit: type=1326 audit(1741060615.367:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6229 comm="syz.1.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77cc38d169 code=0x7ffc0000 [ 114.511672][ T29] audit: type=1326 audit(1741060615.367:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6229 comm="syz.1.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f77cc38d169 code=0x7ffc0000 [ 114.547487][ T6228] vcan0: left promiscuous mode [ 114.568747][ T29] audit: type=1326 audit(1741060615.470:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6229 comm="syz.1.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77cc38d169 code=0x7ffc0000 [ 114.633272][ T6237] Zero length message leads to an empty skb [ 114.804677][ T6234] loop5: detected capacity change from 0 to 4096 [ 114.919513][ T6234] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 115.056866][ T6250] netlink: 52 bytes leftover after parsing attributes in process `syz.3.102'. [ 115.158676][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.432273][ T6254] loop1: detected capacity change from 0 to 4096 [ 115.555362][ T6254] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 115.722596][ T6254] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #15: comm syz.1.103: corrupted inode contents [ 115.799515][ T6254] EXT4-fs error (device loop1): ext4_dirty_inode:6042: inode #15: comm syz.1.103: mark_inode_dirty error [ 115.913907][ T6254] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #15: comm syz.1.103: corrupted inode contents [ 115.982795][ T6254] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.103: mark_inode_dirty error [ 116.105646][ T6254] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #15: comm syz.1.103: corrupted inode contents [ 117.127062][ T6254] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.103: mark_inode_dirty error [ 117.170653][ T6254] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #15: comm syz.1.103: corrupted inode contents [ 117.207704][ T6280] netlink: 12 bytes leftover after parsing attributes in process `syz.0.110'. [ 117.740841][ T6254] EXT4-fs error (device loop1): ext4_truncate:4240: inode #15: comm syz.1.103: mark_inode_dirty error [ 117.939854][ T6280] loop0: detected capacity change from 0 to 2048 [ 117.970357][ T6254] EXT4-fs error (device loop1) in ext4_setattr:5569: Corrupt filesystem [ 117.998521][ T6280] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 118.018816][ T6269] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #15: comm syz.1.103: corrupted inode contents [ 118.043407][ T29] kauditd_printk_skb: 27 callbacks suppressed [ 118.043430][ T29] audit: type=1800 audit(1741060618.744:127): pid=6279 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.110" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 118.122635][ T6254] syz.1.103 (6254) used greatest stack depth: 19312 bytes left [ 118.210883][ T5831] EXT4-fs warning (device loop1): ext4_evict_inode:259: couldn't mark inode dirty (err -117) [ 118.363332][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.388842][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.898437][ T6305] netlink: 52 bytes leftover after parsing attributes in process `syz.2.118'. [ 119.083820][ T6307] loop1: detected capacity change from 0 to 4096 [ 119.151063][ T6307] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 119.245666][ T6318] capability: warning: `syz.2.124' uses 32-bit capabilities (legacy support in use) [ 119.442002][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.233135][ T6338] netlink: 12 bytes leftover after parsing attributes in process `syz.1.128'. [ 120.389792][ T6338] loop1: detected capacity change from 0 to 2048 [ 121.008186][ T6338] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 121.062098][ T29] audit: type=1800 audit(1741060621.560:128): pid=6337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.128" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 121.359363][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.497016][ T6350] netlink: 52 bytes leftover after parsing attributes in process `syz.3.136'. [ 121.506274][ T6348] loop0: detected capacity change from 0 to 512 [ 121.598918][ T6348] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 121.670903][ T6348] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 121.704880][ T6348] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #2: comm syz.0.138: corrupted inode contents [ 121.741264][ T6348] EXT4-fs error (device loop0): ext4_dirty_inode:6042: inode #2: comm syz.0.138: mark_inode_dirty error [ 121.778566][ T6348] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #2: comm syz.0.138: corrupted inode contents [ 121.849030][ T6348] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #2: comm syz.0.138: mark_inode_dirty error [ 122.005745][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.175276][ T6361] loop5: detected capacity change from 0 to 4096 [ 122.266351][ T6361] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 122.271525][ T6366] netlink: 8 bytes leftover after parsing attributes in process `è@'. [ 122.301083][ T6366] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 122.312788][ T6366] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 122.324016][ T6369] netlink: 4 bytes leftover after parsing attributes in process `syz.1.143'. [ 122.460518][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.470080][ T6369] netlink: 4 bytes leftover after parsing attributes in process `syz.1.143'. [ 122.835107][ T29] audit: type=1326 audit(1741060623.225:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6377 comm="syz.4.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f979e58d169 code=0x7ffc0000 [ 122.839260][ T6378] loop4: detected capacity change from 0 to 128 [ 122.926415][ T29] audit: type=1326 audit(1741060623.225:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6377 comm="syz.4.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f979e58d169 code=0x7ffc0000 [ 122.967573][ T6378] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 123.015032][ T29] audit: type=1326 audit(1741060623.225:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6377 comm="syz.4.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f979e58d169 code=0x7ffc0000 [ 123.041581][ T6378] ext4 filesystem being mounted at /5/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 123.094307][ T29] audit: type=1326 audit(1741060623.225:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6377 comm="syz.4.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f979e58d1a3 code=0x7ffc0000 [ 123.136698][ T6387] netlink: 52 bytes leftover after parsing attributes in process `syz.5.151'. [ 123.158735][ T29] audit: type=1326 audit(1741060623.225:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6377 comm="syz.4.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f979e58bc1f code=0x7ffc0000 [ 123.260380][ T6366] è@ (6366) used greatest stack depth: 18896 bytes left [ 123.286027][ T29] audit: type=1326 audit(1741060623.225:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6377 comm="syz.4.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f979e58d1f7 code=0x7ffc0000 [ 123.329831][ T6378] dccp_xmit_packet: Payload too large (65472) for featneg. [ 123.383148][ T29] audit: type=1326 audit(1741060623.225:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6377 comm="syz.4.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f979e58bad0 code=0x7ffc0000 [ 123.474948][ T29] audit: type=1326 audit(1741060623.225:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6377 comm="syz.4.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f979e58cd6b code=0x7ffc0000 [ 123.527867][ T5841] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 123.565556][ T29] audit: type=1326 audit(1741060623.309:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6377 comm="syz.4.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f979e58bdca code=0x7ffc0000 [ 123.592395][ T29] audit: type=1326 audit(1741060623.309:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6377 comm="syz.4.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f979e58bdca code=0x7ffc0000 [ 123.636845][ T6402] vcan0: entered promiscuous mode [ 123.651727][ T6402] vlan2: entered promiscuous mode [ 123.669044][ T6402] vcan0: left promiscuous mode [ 123.725922][ T29] audit: type=1326 audit(1741060623.309:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6377 comm="syz.4.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f979e58b9d7 code=0x7ffc0000 [ 123.809143][ T29] audit: type=1326 audit(1741060623.309:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6377 comm="syz.4.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f979e58e90a code=0x7ffc0000 [ 123.843238][ T29] audit: type=1326 audit(1741060623.552:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6377 comm="syz.4.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f979e58bad0 code=0x7ffc0000 [ 124.001434][ T29] audit: type=1326 audit(1741060623.552:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6377 comm="syz.4.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f979e58beb7 code=0x7ffc0000 [ 124.109580][ T29] audit: type=1326 audit(1741060623.552:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6377 comm="syz.4.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f979e58bad0 code=0x7ffc0000 [ 124.263894][ T29] audit: type=1326 audit(1741060623.552:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6377 comm="syz.4.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f979e58d169 code=0x7ffc0000 [ 124.420155][ T29] audit: type=1326 audit(1741060623.571:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6377 comm="syz.4.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f979e58d169 code=0x7ffc0000 [ 124.529282][ T6431] netlink: 52 bytes leftover after parsing attributes in process `syz.4.168'. [ 124.915468][ T6440] netlink: 24 bytes leftover after parsing attributes in process `syz.4.172'. [ 124.927089][ T6440] netlink: 4 bytes leftover after parsing attributes in process `syz.4.172'. [ 125.677815][ T6444] loop3: detected capacity change from 0 to 4096 [ 125.876404][ T6444] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 126.115681][ T6454] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 126.248655][ T5833] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.388408][ T6457] netlink: 4 bytes leftover after parsing attributes in process `syz.5.179'. [ 126.421185][ T6457] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 126.492083][ T6457] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 126.562848][ T6457] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 126.609626][ T6457] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 127.078399][ T6476] netlink: 24 bytes leftover after parsing attributes in process `syz.0.187'. [ 127.128137][ T6476] netlink: 4 bytes leftover after parsing attributes in process `syz.0.187'. [ 128.236149][ T6511] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 128.314569][ T6511] loop5: detected capacity change from 0 to 512 [ 128.377664][ T6511] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 128.465456][ T6516] netlink: 24 bytes leftover after parsing attributes in process `syz.0.204'. [ 128.502192][ T6511] EXT4-fs (loop5): orphan cleanup on readonly fs [ 128.547947][ T6516] netlink: 4 bytes leftover after parsing attributes in process `syz.0.204'. [ 128.582449][ T6511] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.202: invalid indirect mapped block 256 (level 2) [ 128.704289][ T6511] EXT4-fs (loop5): 2 truncates cleaned up [ 128.731710][ T6511] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 129.050781][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.887530][ T6546] netlink: 12 bytes leftover after parsing attributes in process `syz.0.212'. [ 130.040811][ T6546] loop0: detected capacity change from 0 to 2048 [ 130.287848][ T6546] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 130.448151][ T29] kauditd_printk_skb: 108 callbacks suppressed [ 130.448210][ T29] audit: type=1800 audit(1741060630.296:254): pid=6546 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.212" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 130.898342][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 131.035705][ T6542] Cannot find del_set index 4 as target [ 131.512268][ T6567] loop0: detected capacity change from 0 to 4096 [ 131.560137][ T6567] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 131.805044][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.141672][ T29] audit: type=1326 audit(1741060632.869:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6599 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 133.306827][ T29] audit: type=1326 audit(1741060632.869:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6599 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 133.348303][ T6602] netlink: 8 bytes leftover after parsing attributes in process `syz.0.234'. [ 133.355908][ T29] audit: type=1326 audit(1741060632.869:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6599 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 133.858362][ T6608] loop0: detected capacity change from 0 to 4096 [ 133.894963][ T6614] loop2: detected capacity change from 0 to 2048 [ 133.945221][ T6608] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 134.060749][ T6614] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 134.179033][ T29] audit: type=1800 audit(1741060633.851:258): pid=6614 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.241" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 134.231399][ T6614] IPv6: Can't replace route, no match found [ 134.297549][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.469487][ T5845] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.574223][ T6630] netlink: 8 bytes leftover after parsing attributes in process `syz.0.245'. [ 134.641221][ T6630] netlink: 8 bytes leftover after parsing attributes in process `syz.0.245'. [ 134.792382][ T6636] netlink: 'syz.2.247': attribute type 9 has an invalid length. [ 134.844262][ T6636] netlink: 8 bytes leftover after parsing attributes in process `syz.2.247'. [ 134.877128][ T6638] loop2: detected capacity change from 0 to 128 [ 134.946410][ T6638] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 134.972671][ T6638] ext4 filesystem being mounted at /44/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 135.094311][ T6635] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 135.314794][ T6651] vcan0: entered promiscuous mode [ 135.336418][ T6651] vlan2: entered promiscuous mode [ 135.430080][ T6651] vcan0: left promiscuous mode [ 136.448944][ T6673] netlink: 4 bytes leftover after parsing attributes in process `syz.2.263'. [ 136.468457][ T6673] netlink: 8 bytes leftover after parsing attributes in process `syz.2.263'. [ 136.491227][ T6532] Set syz1 is full, maxelem 65536 reached [ 136.876399][ T6691] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.268'. [ 136.921194][ T6692] netlink: 4 bytes leftover after parsing attributes in process `syz.0.271'. [ 136.922295][ T6684] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.268'. [ 136.986813][ T29] audit: type=1326 audit(1741060636.470:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6696 comm="syz.5.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 137.063582][ T29] audit: type=1326 audit(1741060636.498:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6696 comm="syz.5.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 137.098504][ T6699] netlink: 4 bytes leftover after parsing attributes in process `syz.3.274'. [ 137.128239][ T29] audit: type=1326 audit(1741060636.498:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6696 comm="syz.5.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 137.156186][ T29] audit: type=1326 audit(1741060636.498:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6696 comm="syz.5.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 137.241097][ T29] audit: type=1326 audit(1741060636.498:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6696 comm="syz.5.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 137.328360][ T6708] netlink: 'syz.5.277': attribute type 4 has an invalid length. [ 137.708588][ T6730] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 137.720184][ T6725] IPVS: stopping master sync thread 6730 ... [ 137.796482][ T6729] sd 0:0:1:0: device reset [ 138.038360][ T29] audit: type=1326 audit(1741060637.443:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6736 comm="syz.5.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff3a5184127 code=0x7ffc0000 [ 138.095516][ T29] audit: type=1326 audit(1741060637.443:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6736 comm="syz.5.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff3a5129359 code=0x7ffc0000 [ 138.122489][ T29] audit: type=1326 audit(1741060637.443:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6736 comm="syz.5.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff3a5184127 code=0x7ffc0000 [ 138.145679][ T29] audit: type=1326 audit(1741060637.443:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6736 comm="syz.5.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff3a5129359 code=0x7ffc0000 [ 138.173392][ T29] audit: type=1326 audit(1741060637.443:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6736 comm="syz.5.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff3a5184127 code=0x7ffc0000 [ 138.226405][ T6739] mmap: syz.5.290 (6739) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 138.281570][ T6748] random: crng reseeded on system resumption [ 139.148679][ T6777] loop3: detected capacity change from 0 to 1764 [ 139.206094][ T6777] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 139.245451][ T6783] pimreg: entered allmulticast mode [ 139.297554][ T6781] syz.4.311 uses obsolete (PF_INET,SOCK_PACKET) [ 139.332813][ T6783] pimreg: left allmulticast mode [ 139.505885][ T6794] __nla_validate_parse: 13 callbacks suppressed [ 139.505913][ T6794] netlink: 4 bytes leftover after parsing attributes in process `syz.3.317'. [ 139.655870][ T6803] loop0: detected capacity change from 0 to 512 [ 139.659847][ T6802] loop5: detected capacity change from 0 to 256 [ 139.686961][ T6803] EXT4-fs: Ignoring removed nobh option [ 139.803581][ T6803] fscrypt (loop0, inode 2): Error -61 getting encryption context [ 139.803707][ T6809] loop3: detected capacity change from 0 to 4096 [ 139.845293][ T6803] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -61 [ 139.855639][ T6803] EXT4-fs error (device loop0): ext4_orphan_get:1389: inode #13: comm syz.0.319: casefold flag without casefold feature [ 139.873685][ T6809] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.899884][ T6803] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.319: couldn't read orphan inode 13 (err -117) [ 140.024503][ T6803] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 140.091994][ T6803] fscrypt (loop0, inode 2): Error -61 getting encryption context [ 140.133035][ T5833] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.178348][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 140.185415][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 140.253037][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.497516][ T6835] process 'syz.1.335' launched './file1' with NULL argv: empty string added [ 140.530146][ T6837] netlink: 4 bytes leftover after parsing attributes in process `syz.2.336'. [ 141.039921][ T6852] loop3: detected capacity change from 0 to 4096 [ 141.115731][ T6852] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 141.219666][ T6864] netlink: 36 bytes leftover after parsing attributes in process `syz.5.347'. [ 141.233199][ T5833] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.366651][ T6873] loop5: detected capacity change from 0 to 2048 [ 141.448617][ T6873] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 141.467806][ T6877] loop3: detected capacity change from 0 to 512 [ 141.536855][ T6877] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.352: bg 0: block 35: padding at end of block bitmap is not set [ 141.556568][ T6877] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 141.580193][ T6877] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.352: invalid indirect mapped block 4294967295 (level 1) [ 141.613345][ T6877] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.352: invalid indirect mapped block 4294967295 (level 2) [ 141.671811][ T6877] EXT4-fs (loop3): 1 truncate cleaned up [ 141.688342][ T6877] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 141.723780][ T6871] vcan0: entered promiscuous mode [ 141.747758][ T6871] vlan2: entered promiscuous mode [ 141.760170][ T6871] vcan0: left promiscuous mode [ 141.817139][ T6896] IPVS: stopping master sync thread 6897 ... [ 141.823329][ T6897] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 141.979884][ T5833] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.114035][ T6901] netlink: 4 bytes leftover after parsing attributes in process `syz.0.356'. [ 142.183421][ T6901] netlink: 4 bytes leftover after parsing attributes in process `syz.0.356'. [ 142.216931][ T6905] netlink: 12 bytes leftover after parsing attributes in process `syz.3.359'. [ 143.374499][ T6914] loop3: detected capacity change from 0 to 128 [ 143.494905][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.654803][ T6930] vcan0: entered promiscuous mode [ 143.704855][ T6930] vlan2: entered promiscuous mode [ 143.711063][ T6933] syz.3.364: attempt to access beyond end of device [ 143.711063][ T6933] loop3: rw=2049, sector=145, nr_sectors = 280 limit=128 [ 143.742022][ T6930] vcan0: left promiscuous mode [ 144.078705][ T6935] IPv6: Can't replace route, no match found [ 144.369917][ T6955] netlink: 8 bytes leftover after parsing attributes in process `syz.1.379'. [ 146.321273][ T6986] vcan0: entered promiscuous mode [ 146.365923][ T6986] vlan2: entered promiscuous mode [ 146.378100][ T6986] vcan0: left promiscuous mode [ 146.476538][ T6998] netlink: 4 bytes leftover after parsing attributes in process `syz.5.393'. [ 146.544132][ T6991] loop3: detected capacity change from 0 to 4096 [ 146.693524][ T6991] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 146.938366][ T29] kauditd_printk_skb: 71 callbacks suppressed [ 146.938387][ T29] audit: type=1326 audit(1741060645.777:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7010 comm="syz.5.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 147.007927][ T29] audit: type=1326 audit(1741060645.805:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7010 comm="syz.5.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 147.045543][ T5833] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.064423][ T29] audit: type=1326 audit(1741060645.805:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7010 comm="syz.5.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 147.090348][ T29] audit: type=1326 audit(1741060645.805:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7010 comm="syz.5.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 147.113100][ T29] audit: type=1326 audit(1741060645.805:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7010 comm="syz.5.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 147.125394][ T7016] netlink: 4 bytes leftover after parsing attributes in process `syz.5.399'. [ 147.137764][ T29] audit: type=1326 audit(1741060645.871:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7010 comm="syz.5.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 147.172372][ T7014] ªªªªª»: renamed from hsr0 (while UP) [ 147.234796][ T7020] netlink: 8 bytes leftover after parsing attributes in process `syz.4.403'. [ 147.393240][ T29] audit: type=1326 audit(1741060646.208:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7010 comm="syz.5.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 147.497138][ T29] audit: type=1326 audit(1741060646.208:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7010 comm="syz.5.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 147.653684][ T7032] ipvlan2: entered promiscuous mode [ 147.712217][ T7032] ipvlan2: entered allmulticast mode [ 147.765128][ T7042] netlink: 4 bytes leftover after parsing attributes in process `syz.4.411'. [ 147.765574][ T7032] bridge0: entered allmulticast mode [ 147.802392][ T7038] bond_slave_1: entered promiscuous mode [ 147.841257][ T29] audit: type=1326 audit(1741060646.600:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7040 comm="syz.1.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77cc38d169 code=0x7ffc0000 [ 147.880337][ T7038] bond_slave_1: left promiscuous mode [ 147.905440][ T29] audit: type=1326 audit(1741060646.600:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7040 comm="syz.1.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f77cc38d169 code=0x7ffc0000 [ 148.044960][ T7042] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 148.052943][ T7042] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 148.073811][ T7042] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 148.083199][ T7042] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 149.216885][ T7059] loop1: detected capacity change from 0 to 4096 [ 149.279965][ T7059] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 149.354970][ T7067] netlink: 4 bytes leftover after parsing attributes in process `syz.3.416'. [ 149.383466][ T7067] netlink: 4 bytes leftover after parsing attributes in process `syz.3.416'. [ 149.472592][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 149.642144][ T7079] netlink: 4 bytes leftover after parsing attributes in process `syz.4.420'. [ 149.958305][ T7084] netlink: 'syz.5.424': attribute type 9 has an invalid length. [ 150.000689][ T7084] netlink: 8 bytes leftover after parsing attributes in process `syz.5.424'. [ 150.016701][ T7093] loop5: detected capacity change from 0 to 128 [ 150.115534][ T7093] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 150.144114][ T7093] ext4 filesystem being mounted at /67/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 150.161197][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 150.171707][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 150.440336][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 150.768977][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 150.914497][ T7083] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 151.200969][ T7113] netlink: 160 bytes leftover after parsing attributes in process `syz.0.434'. [ 151.254121][ T7113] syz.0.434 (7113): /proc/7109/oom_adj is deprecated, please use /proc/7109/oom_score_adj instead. [ 151.626570][ T5897] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 152.652052][ T29] kauditd_printk_skb: 49 callbacks suppressed [ 152.652077][ T29] audit: type=1326 audit(1741060651.118:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7128 comm="syz.2.443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5cc538d169 code=0x7ffc0000 [ 152.714402][ T5897] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 152.756093][ T5897] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 152.850814][ T5897] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 152.908616][ T29] audit: type=1326 audit(1741060651.118:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7128 comm="syz.2.443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cc538d169 code=0x7ffc0000 [ 152.934488][ T5897] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 153.001096][ T7139] Bluetooth: MGMT ver 1.23 [ 153.011869][ T29] audit: type=1326 audit(1741060651.118:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7128 comm="syz.2.443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cc538d169 code=0x7ffc0000 [ 153.047513][ T5897] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 153.089498][ T5897] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 153.121840][ T5897] usb 1-1: Product: syz [ 153.125187][ T29] audit: type=1326 audit(1741060651.118:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7128 comm="syz.2.443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5cc538f087 code=0x7ffc0000 [ 153.150782][ T5897] usb 1-1: Manufacturer: syz [ 153.170203][ T5897] usb 1-1: SerialNumber: syz [ 153.225317][ T5897] usb 1-1: config 0 descriptor?? [ 153.250547][ T29] audit: type=1326 audit(1741060651.118:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7128 comm="syz.2.443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f5cc538effc code=0x7ffc0000 [ 153.277637][ T5897] garmin_gps 1-1:0.0: Garmin GPS usb/tty converter detected [ 153.334695][ T5897] garmin_gps ttyUSB0: garmin_write_bulk - usb_submit_urb(write bulk) failed with status = -8 [ 153.380933][ T29] audit: type=1326 audit(1741060651.118:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7128 comm="syz.2.443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f5cc538ef34 code=0x7ffc0000 [ 153.421966][ T5897] garmin_gps ttyUSB0: probe with driver garmin_gps failed with error -8 [ 153.486067][ T29] audit: type=1326 audit(1741060651.118:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7128 comm="syz.2.443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f5cc538ef34 code=0x7ffc0000 [ 153.535950][ T5897] usb 1-1: USB disconnect, device number 2 [ 153.581040][ T5897] garmin_gps 1-1:0.0: device disconnected [ 153.607577][ T29] audit: type=1326 audit(1741060651.118:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7128 comm="syz.2.443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5cc538bdca code=0x7ffc0000 [ 153.667364][ T29] audit: type=1326 audit(1741060651.118:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7128 comm="syz.2.443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cc538d169 code=0x7ffc0000 [ 153.711910][ T7159] netlink: 'syz.2.451': attribute type 9 has an invalid length. [ 153.719617][ T7159] netlink: 8 bytes leftover after parsing attributes in process `syz.2.451'. [ 153.767270][ T29] audit: type=1326 audit(1741060651.221:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7128 comm="syz.2.443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f5cc538d169 code=0x7ffc0000 [ 153.868167][ T7166] netlink: 4 bytes leftover after parsing attributes in process `syz.5.454'. [ 153.873191][ T7167] usb usb8: usbfs: process 7167 (syz.3.455) did not claim interface 0 before use [ 154.149077][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 154.205184][ T7173] warning: `syz.3.457' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 154.624414][ T7190] netlink: 20 bytes leftover after parsing attributes in process `syz.2.465'. [ 154.661150][ T7191] netlink: 4 bytes leftover after parsing attributes in process `syz.5.466'. [ 155.626167][ T5842] Bluetooth: hci0: command tx timeout [ 155.896781][ T7211] capability: warning: `syz.5.474' uses deprecated v2 capabilities in a way that may be insecure [ 156.129201][ T7215] netlink: 8 bytes leftover after parsing attributes in process `syz.3.472'. [ 156.171943][ T7215] Cannot find add_set index 0 as target [ 157.337193][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 157.556547][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 157.556739][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 157.612662][ T7225] netlink: 8 bytes leftover after parsing attributes in process `syz.2.481'. [ 158.019780][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 158.094152][ T29] kauditd_printk_skb: 55 callbacks suppressed [ 158.094177][ T29] audit: type=1326 audit(1741060656.198:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.2.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cc538d169 code=0x7ffc0000 [ 158.183627][ T29] audit: type=1326 audit(1741060656.198:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.2.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cc538d169 code=0x7ffc0000 [ 158.948165][ T7250] netlink: 12 bytes leftover after parsing attributes in process `syz.1.484'. [ 158.984471][ T7250] loop1: detected capacity change from 0 to 2048 [ 159.339127][ T7250] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.909438][ T29] audit: type=1800 audit(1741060657.909:466): pid=7250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.484" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 160.042562][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.498523][ T7273] netlink: 36 bytes leftover after parsing attributes in process `syz.0.495'. [ 160.574393][ T7274] xt_CT: You must specify a L4 protocol and not use inversions on it [ 160.651765][ T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!! [ 160.785345][ T7276] loop0: detected capacity change from 0 to 2048 [ 160.808416][ T9] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 160.971349][ T7276] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 161.166301][ T9] usb 2-1: too many configurations: 29, using maximum allowed: 8 [ 161.198859][ T9] usb 2-1: config 0 has an invalid interface number: 50 but max is 0 [ 161.224743][ T9] usb 2-1: config 0 has no interface number 0 [ 161.255759][ T9] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 161.322867][ T9] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has invalid maxpacket 255, setting to 64 [ 161.400038][ T9] usb 2-1: config 0 has an invalid interface number: 50 but max is 0 [ 161.408447][ T9] usb 2-1: config 0 has no interface number 0 [ 161.425532][ T9] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 161.461520][ T9] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has invalid maxpacket 255, setting to 64 [ 161.515154][ T29] audit: type=1800 audit(1741060659.406:467): pid=7273 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.495" name="file2" dev="loop0" ino=16 res=0 errno=0 [ 161.546296][ T9] usb 2-1: config 0 has an invalid interface number: 50 but max is 0 [ 161.578433][ T9] usb 2-1: config 0 has no interface number 0 [ 161.584716][ T9] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 161.648475][ T9] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has invalid maxpacket 255, setting to 64 [ 161.701976][ T9] usb 2-1: config 0 has an invalid interface number: 50 but max is 0 [ 161.717142][ T9] usb 2-1: config 0 has no interface number 0 [ 161.731299][ T9] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 161.764972][ T9] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has invalid maxpacket 255, setting to 64 [ 161.795033][ T9] usb 2-1: config 0 has an invalid interface number: 50 but max is 0 [ 161.806339][ T9] usb 2-1: config 0 has no interface number 0 [ 161.847954][ T9] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 161.867949][ T9] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has invalid maxpacket 255, setting to 64 [ 161.897318][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.965053][ T9] usb 2-1: config 0 has an invalid interface number: 50 but max is 0 [ 161.973350][ T9] usb 2-1: config 0 has no interface number 0 [ 161.991439][ T9] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 162.052260][ T9] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has invalid maxpacket 255, setting to 64 [ 162.072314][ T9] usb 2-1: config 0 has an invalid interface number: 50 but max is 0 [ 162.091051][ T7296] netlink: 4 bytes leftover after parsing attributes in process `syz.0.500'. [ 162.104741][ T9] usb 2-1: config 0 has no interface number 0 [ 162.110897][ T9] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 162.122266][ T9] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has invalid maxpacket 255, setting to 64 [ 162.182545][ T9] usb 2-1: config 0 has an invalid interface number: 50 but max is 0 [ 162.201009][ T9] usb 2-1: config 0 has no interface number 0 [ 162.214927][ T9] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 162.252119][ T9] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has invalid maxpacket 255, setting to 64 [ 162.326540][ T9] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc [ 162.346636][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 162.371044][ T9] usb 2-1: Product: syz [ 162.376278][ T9] usb 2-1: Manufacturer: syz [ 162.399349][ T9] usb 2-1: SerialNumber: syz [ 162.414517][ T9] usb 2-1: config 0 descriptor?? [ 162.426817][ T7277] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 162.731621][ T7310] netlink: 12 bytes leftover after parsing attributes in process `syz.0.505'. [ 162.891983][ T7310] loop0: detected capacity change from 0 to 2048 [ 163.024747][ T7310] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 163.178042][ T9] yurex 2-1:0.50: USB YUREX device now attached to Yurex #0 [ 163.425895][ T29] audit: type=1800 audit(1741060661.193:468): pid=7310 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.505" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 163.535346][ T25] usb 2-1: USB disconnect, device number 2 [ 163.558808][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.559705][ T25] yurex 2-1:0.50: USB YUREX #0 now disconnected [ 163.924291][ T7326] netlink: 36 bytes leftover after parsing attributes in process `syz.0.513'. [ 164.045336][ T7326] loop0: detected capacity change from 0 to 2048 [ 165.039099][ T7326] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 166.217965][ T29] audit: type=1800 audit(1741060663.793:469): pid=7326 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.513" name="file2" dev="loop0" ino=16 res=0 errno=0 [ 166.332612][ T7348] netlink: 40 bytes leftover after parsing attributes in process `syz.2.518'. [ 166.456049][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.483528][ T7348] netlink: 4 bytes leftover after parsing attributes in process `syz.2.518'. [ 169.434781][ T29] audit: type=1326 audit(1741060666.814:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7386 comm="syz.0.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2d3b8d169 code=0x7ffc0000 [ 169.499354][ T7388] netlink: 36 bytes leftover after parsing attributes in process `syz.1.533'. [ 169.511665][ T7389] netlink: 4 bytes leftover after parsing attributes in process `syz.0.531'. [ 169.532944][ T7389] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 169.540410][ T7389] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 169.572883][ T29] audit: type=1326 audit(1741060666.842:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7386 comm="syz.0.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2d3b8d169 code=0x7ffc0000 [ 169.609519][ T7388] loop1: detected capacity change from 0 to 2048 [ 169.618965][ T7389] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 169.632188][ T7389] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 169.642812][ T7372] kexec: Could not allocate control_code_buffer [ 169.650195][ T29] audit: type=1326 audit(1741060666.842:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7386 comm="syz.0.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa2d3b8d169 code=0x7ffc0000 [ 169.682273][ T29] audit: type=1326 audit(1741060666.842:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7386 comm="syz.0.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2d3b8d169 code=0x7ffc0000 [ 169.704835][ T29] audit: type=1326 audit(1741060666.842:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7386 comm="syz.0.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2d3b8d169 code=0x7ffc0000 [ 169.710493][ T7388] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 169.728238][ T29] audit: type=1326 audit(1741060666.842:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7386 comm="syz.0.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa2d3b8d169 code=0x7ffc0000 [ 169.775426][ T29] audit: type=1326 audit(1741060666.842:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7386 comm="syz.0.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2d3b8d169 code=0x7ffc0000 [ 169.811102][ T29] audit: type=1326 audit(1741060666.842:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7386 comm="syz.0.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2d3b8d169 code=0x7ffc0000 [ 169.907721][ T29] audit: type=1326 audit(1741060666.871:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7386 comm="syz.0.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fa2d3b8d169 code=0x7ffc0000 [ 170.207054][ T7406] netlink: 40 bytes leftover after parsing attributes in process `syz.2.537'. [ 170.241002][ T7406] netlink: 4 bytes leftover after parsing attributes in process `syz.2.537'. [ 170.975250][ T7410] syz_tun: entered promiscuous mode [ 170.984543][ T7410] vlan2: entered promiscuous mode [ 171.005646][ T7410] syz_tun: left promiscuous mode [ 171.196977][ T7227] Set syz1 is full, maxelem 65536 reached [ 171.241095][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.711086][ T7431] netlink: 12 bytes leftover after parsing attributes in process `syz.5.545'. [ 172.547611][ T7426] xt_CT: No such helper "pptp" [ 173.419550][ T7455] syz_tun: entered promiscuous mode [ 173.425339][ T7455] vlan2: entered promiscuous mode [ 173.443408][ T7455] syz_tun: left promiscuous mode [ 174.590258][ T968] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 174.792302][ T968] usb 4-1: Using ep0 maxpacket: 16 [ 175.053838][ T968] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 175.077237][ T968] usb 4-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=9c.25 [ 175.094008][ T968] usb 4-1: New USB device strings: Mfr=0, Product=251, SerialNumber=3 [ 175.114152][ T968] usb 4-1: Product: syz [ 175.118489][ T968] usb 4-1: SerialNumber: syz [ 175.187779][ T7480] netlink: 12 bytes leftover after parsing attributes in process `syz.5.565'. [ 176.058591][ T968] usb 4-1: config 0 descriptor?? [ 176.137387][ T7481] xt_CT: No such helper "pptp" [ 176.729552][ T5883] usb 4-1: USB disconnect, device number 2 [ 177.462679][ T7521] netlink: 12 bytes leftover after parsing attributes in process `syz.5.580'. [ 178.278812][ T7519] omfs: Invalid superblock (0) [ 179.198484][ T7528] xt_CT: No such helper "pptp" [ 182.442776][ T7573] netlink: 104 bytes leftover after parsing attributes in process `syz.5.600'. [ 183.619991][ T7588] ntfs3(nullb0): Primary boot signature is not NTFS. [ 183.631043][ T7588] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00 [ 187.694639][ T7460] Set syz1 is full, maxelem 65536 reached [ 187.707376][ T7577] Cannot find add_set index 0 as target [ 189.047374][ T7642] batadv_slave_0: entered promiscuous mode [ 189.085703][ T7642] batadv_slave_0: entered allmulticast mode [ 193.050704][ T7689] netlink: 20 bytes leftover after parsing attributes in process `syz.4.639'. [ 193.495751][ T7692] xt_CT: No such helper "pptp" [ 194.725646][ T29] kauditd_printk_skb: 7 callbacks suppressed [ 194.725668][ T29] audit: type=1326 audit(1741060690.461:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.3.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd45b8d169 code=0x7ffc0000 [ 194.951402][ T7728] netlink: 36 bytes leftover after parsing attributes in process `syz.3.654'. [ 198.404333][ T7748] netlink: 'syz.2.659': attribute type 9 has an invalid length. [ 198.427723][ T7748] netlink: 8 bytes leftover after parsing attributes in process `syz.2.659'. [ 198.502774][ T7752] : renamed from bond0 (while UP) [ 199.628554][ T7768] netlink: 16 bytes leftover after parsing attributes in process `syz.3.668'. [ 199.854984][ T7775] netlink: 36 bytes leftover after parsing attributes in process `syz.4.670'. [ 200.246606][ T7784] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 201.149694][ T1157] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 201.158529][ T5900] IPVS: starting estimator thread 0... [ 201.358599][ T7790] IPVS: using max 21 ests per chain, 50400 per kthread [ 201.577095][ T1157] usb 5-1: config 0 has an invalid interface number: 106 but max is 0 [ 201.871205][ T1157] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 202.274732][ T1157] usb 5-1: config 0 has no interface number 0 [ 202.287121][ T1157] usb 5-1: config 0 interface 106 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 216 [ 202.301413][ T7799] 9pnet_fd: Insufficient options for proto=fd [ 202.360482][ T1157] usb 5-1: config 0 interface 106 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6 [ 202.432341][ T1157] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb [ 202.483613][ T1157] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 202.510294][ T1157] usb 5-1: config 0 descriptor?? [ 202.519199][ T7789] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 202.550396][ T1157] usb 5-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 202.808001][ T7811] 8021q: adding VLAN 0 to HW filter on device bond0 [ 202.856382][ T7811] bond0: (slave rose0): Enslaving as an active interface with an up link [ 202.873222][ T6099] usb 5-1: Failed to submit usb control message: -71 [ 202.874151][ T25] usb 5-1: USB disconnect, device number 2 [ 202.894780][ T7816] netlink: 4 bytes leftover after parsing attributes in process `syz.3.682'. [ 202.909843][ T6099] usb 5-1: unable to send the bmi data to the device: -71 [ 202.925804][ T6099] usb 5-1: unable to get target info from device [ 202.944688][ T6099] usb 5-1: could not get target info (-71) [ 202.950949][ T6099] usb 5-1: could not probe fw (-71) [ 203.150009][ T7827] netlink: 16 bytes leftover after parsing attributes in process `syz.3.685'. [ 203.673041][ T7851] 9pnet_fd: Insufficient options for proto=fd [ 204.102229][ T7867] netlink: 'syz.5.698': attribute type 9 has an invalid length. [ 204.123734][ T7671] Set syz1 is full, maxelem 65536 reached [ 204.127272][ T7867] netlink: 8 bytes leftover after parsing attributes in process `syz.5.698'. [ 204.163505][ T7869] netlink: 4 bytes leftover after parsing attributes in process `syz.2.697'. [ 204.784198][ T7896] 9pnet_fd: Insufficient options for proto=fd [ 205.852924][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 205.859550][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 206.195936][ T7912] netlink: 16 bytes leftover after parsing attributes in process `syz.1.713'. [ 206.294091][ T7920] netlink: 'syz.3.715': attribute type 9 has an invalid length. [ 206.302162][ T7920] netlink: 8 bytes leftover after parsing attributes in process `syz.3.715'. [ 206.476319][ T7922] loop3: detected capacity change from 0 to 128 [ 206.597710][ T7922] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 206.642798][ T7922] ext4 filesystem being mounted at /114/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 206.792250][ T7919] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 207.390926][ T7957] 9pnet_fd: Insufficient options for proto=fd [ 207.649795][ T1157] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 208.115486][ T1157] usb 2-1: Using ep0 maxpacket: 16 [ 208.194313][ T1157] usb 2-1: config index 0 descriptor too short (expected 69, got 36) [ 208.241936][ T1157] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 208.343646][ T1157] usb 2-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b7.89 [ 208.384709][ T1157] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 208.438207][ T1157] usb 2-1: Product: syz [ 208.442415][ T1157] usb 2-1: Manufacturer: syz [ 208.486699][ T1157] usb 2-1: SerialNumber: syz [ 208.559983][ T1157] usb 2-1: config 0 descriptor?? [ 208.635380][ T1157] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622 [ 208.654399][ T7971] netlink: 'syz.2.729': attribute type 1 has an invalid length. [ 208.946549][ T7971] 8021q: adding VLAN 0 to HW filter on device bond1 [ 209.118103][ T7977] bond1: (slave gretap1): making interface the new active one [ 209.125939][ T25] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 209.140066][ T7977] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 209.289453][ T7977] syz.2.729 (7977) used greatest stack depth: 16496 bytes left [ 209.405074][ T25] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 209.565211][ T25] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 209.580519][ T25] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 209.593479][ T1157] gspca_pac7302: reg_w() failed i: 78 v: 40 error -71 [ 209.600341][ T1157] gspca_pac7302 2-1:0.0: probe with driver gspca_pac7302 failed with error -71 [ 209.629061][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.668115][ T7987] netlink: 'syz.2.734': attribute type 9 has an invalid length. [ 209.698786][ T1157] usb 2-1: USB disconnect, device number 3 [ 209.705356][ T7987] netlink: 8 bytes leftover after parsing attributes in process `syz.2.734'. [ 209.726235][ T7979] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 209.754440][ T25] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 209.972344][ T1157] usb 5-1: USB disconnect, device number 3 [ 211.845631][ T8008] netlink: 4 bytes leftover after parsing attributes in process `syz.3.744'. [ 211.871268][ T8008] netlink: 4 bytes leftover after parsing attributes in process `syz.3.744'. [ 211.940850][ T8012] netlink: 36 bytes leftover after parsing attributes in process `syz.1.742'. [ 211.995649][ T8012] netlink: 12 bytes leftover after parsing attributes in process `syz.1.742'. [ 212.148186][ T8022] netlink: 104 bytes leftover after parsing attributes in process `syz.4.748'. [ 214.392171][ T8049] netlink: 4 bytes leftover after parsing attributes in process `syz.1.760'. [ 214.478254][ T8049] netlink: 4 bytes leftover after parsing attributes in process `syz.1.760'. [ 214.627877][ T8057] netlink: 36 bytes leftover after parsing attributes in process `syz.4.763'. [ 214.691388][ T8057] netlink: 12 bytes leftover after parsing attributes in process `syz.4.763'. [ 216.036632][ T29] audit: type=1326 audit(1741060710.404:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8079 comm="syz.5.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 216.270671][ T29] audit: type=1326 audit(1741060710.404:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8079 comm="syz.5.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 216.804503][ T29] audit: type=1326 audit(1741060710.432:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8079 comm="syz.5.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 217.090816][ T29] audit: type=1326 audit(1741060710.432:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8079 comm="syz.5.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 217.134651][ T29] audit: type=1326 audit(1741060710.432:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8079 comm="syz.5.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 217.157228][ T29] audit: type=1326 audit(1741060710.432:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8079 comm="syz.5.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 217.216447][ T29] audit: type=1326 audit(1741060710.432:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8079 comm="syz.5.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3a518f087 code=0x7ffc0000 [ 217.419306][ T8089] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 217.553674][ T8089] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 217.635862][ T29] audit: type=1326 audit(1741060710.432:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8079 comm="syz.5.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7ff3a518effc code=0x7ffc0000 [ 217.678136][ T8093] overlayfs: failed to resolve './file0': -2 [ 217.740616][ T29] audit: type=1326 audit(1741060710.432:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8079 comm="syz.5.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7ff3a518ef34 code=0x7ffc0000 [ 217.853825][ T29] audit: type=1326 audit(1741060710.432:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8079 comm="syz.5.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7ff3a518ef34 code=0x7ffc0000 [ 218.007162][ T8103] __nla_validate_parse: 1 callbacks suppressed [ 218.007185][ T8103] netlink: 4 bytes leftover after parsing attributes in process `syz.5.776'. [ 218.251829][ T8108] netlink: 12 bytes leftover after parsing attributes in process `syz.4.780'. [ 218.280208][ T8108] netlink: 12 bytes leftover after parsing attributes in process `syz.4.780'. [ 218.343175][ T8110] netlink: 104 bytes leftover after parsing attributes in process `syz.2.781'. [ 219.642109][ T5843] Bluetooth: hci2: command 0x0406 tx timeout [ 219.778681][ T5852] Bluetooth: hci1: command 0x0406 tx timeout [ 219.784830][ T5852] Bluetooth: hci4: command 0x0406 tx timeout [ 219.792121][ T5852] Bluetooth: hci0: command 0x0406 tx timeout [ 219.798178][ T5852] Bluetooth: hci5: command 0x0406 tx timeout [ 219.804469][ T5852] Bluetooth: hci3: command 0x0406 tx timeout [ 220.448458][ T8127] xt_CT: No such helper "pptp" [ 221.284150][ T8156] netlink: 40 bytes leftover after parsing attributes in process `syz.5.790'. [ 222.258835][ T8166] netlink: 12 bytes leftover after parsing attributes in process `syz.1.796'. [ 222.515502][ T8166] netlink: 12 bytes leftover after parsing attributes in process `syz.1.796'. [ 223.388310][ T8178] 9pnet: Could not find request transport: dma [ 223.615770][ T8187] netlink: 4 bytes leftover after parsing attributes in process `syz.5.798'. [ 225.546435][ T8228] netlink: 12 bytes leftover after parsing attributes in process `syz.2.815'. [ 225.605298][ T8228] netlink: 12 bytes leftover after parsing attributes in process `syz.2.815'. [ 226.254445][ T5939] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 226.825099][ T5939] usb 2-1: config 0 has an invalid interface number: 106 but max is 0 [ 227.312670][ T5939] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 227.369018][ T5939] usb 2-1: config 0 has no interface number 0 [ 227.407521][ T5939] usb 2-1: config 0 interface 106 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 216 [ 227.472288][ T8254] netlink: 8 bytes leftover after parsing attributes in process `syz.4.826'. [ 227.484027][ T5939] usb 2-1: config 0 interface 106 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6 [ 227.532818][ T5939] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb [ 227.551210][ T5939] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 227.592855][ T5939] usb 2-1: config 0 descriptor?? [ 227.602341][ T8233] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 227.655752][ T5939] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 227.856479][ T1131] usb 2-1: Failed to submit usb control message: -71 [ 227.857690][ T5897] usb 2-1: USB disconnect, device number 4 [ 227.880977][ T1131] usb 2-1: unable to send the bmi data to the device: -71 [ 227.902386][ T1131] usb 2-1: unable to get target info from device [ 227.923999][ T1131] usb 2-1: could not get target info (-71) [ 227.942614][ T1131] usb 2-1: could not probe fw (-71) [ 229.087089][ T8287] netlink: 12 bytes leftover after parsing attributes in process `syz.1.834'. [ 230.664682][ T8311] veth1_to_bond: entered allmulticast mode [ 230.698489][ T8311] veth1_to_bond: left allmulticast mode [ 230.836651][ T8315] xt_CT: No such helper "pptp" [ 231.890843][ T5900] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 232.116642][ T5900] usb 2-1: config 0 has an invalid interface number: 106 but max is 0 [ 232.125202][ T5900] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 232.135689][ T5900] usb 2-1: config 0 has no interface number 0 [ 232.575920][ T5900] usb 2-1: config 0 interface 106 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 216 [ 232.586817][ T5900] usb 2-1: config 0 interface 106 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6 [ 232.601724][ T5900] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb [ 232.611036][ T5900] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 232.621505][ T5900] usb 2-1: config 0 descriptor?? [ 232.630143][ T8318] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 232.699551][ T5900] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 232.948274][ T5900] usb 2-1: USB disconnect, device number 5 [ 232.954672][ T1131] usb 2-1: Failed to submit usb control message: -71 [ 232.968188][ T1131] usb 2-1: unable to send the bmi data to the device: -71 [ 232.980253][ T1131] usb 2-1: unable to get target info from device [ 233.006422][ T1131] usb 2-1: could not get target info (-71) [ 233.018422][ T1131] usb 2-1: could not probe fw (-71) [ 235.304490][ T8366] xt_CT: No such helper "pptp" [ 235.738036][ T8379] netlink: 8 bytes leftover after parsing attributes in process `syz.0.865'. [ 238.568262][ T8401] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 238.753705][ T8401] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 238.768444][ T8401] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 239.771018][ T8401] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock [ 240.667759][ T8422] netlink: 8 bytes leftover after parsing attributes in process `syz.3.881'. [ 241.320163][ T8419] Can't find ip_set type hash [ 243.617419][ T8448] netlink: 'syz.2.891': attribute type 4 has an invalid length. [ 243.943483][ T8454] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.889'. [ 243.953302][ T8454] netlink: zone id is out of range [ 243.958581][ T8454] netlink: zone id is out of range [ 243.964044][ T8454] netlink: get zone limit has 8 unknown bytes [ 244.998531][ T8455] program syz.4.893 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 245.008843][ T8455] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 246.734284][ T8478] input: syz0 as /devices/virtual/input/input5 [ 247.593932][ T8488] netlink: 132 bytes leftover after parsing attributes in process `syz.4.901'. [ 248.439888][ T8486] xt_CT: No such helper "pptp" [ 248.468750][ T8491] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 248.807077][ T8499] netlink: 8 bytes leftover after parsing attributes in process `syz.5.908'. [ 252.876038][ T8533] dccp_close: ABORT with 180 bytes unread [ 253.399472][ T8539] xt_CT: No such helper "pptp" [ 253.939447][ T8556] netlink: 8 bytes leftover after parsing attributes in process `syz.3.925'. [ 254.126792][ T8565] netlink: 4 bytes leftover after parsing attributes in process `syz.2.928'. [ 257.431574][ T8607] netlink: 8 bytes leftover after parsing attributes in process `syz.4.941'. [ 259.697774][ T8632] pimreg: entered allmulticast mode [ 259.712239][ T8632] pimreg: left allmulticast mode [ 260.659448][ T5834] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 260.682734][ T8643] netlink: 'syz.4.952': attribute type 1 has an invalid length. [ 260.992823][ T5834] usb 1-1: unable to get BOS descriptor or descriptor too short [ 261.449276][ T5834] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 261.546947][ T5834] usb 1-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 261.626581][ T8654] netlink: 8 bytes leftover after parsing attributes in process `syz.3.955'. [ 261.632163][ T5834] usb 1-1: config 1 interface 0 has no altsetting 1 [ 261.658274][ T5834] usb 1-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75 [ 261.706873][ T5834] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 261.747254][ T5834] usb 1-1: Product: syz [ 261.788472][ T5834] usb 1-1: Manufacturer: syz [ 261.835452][ T5834] usb 1-1: SerialNumber: syz [ 261.922597][ T5834] smsusb:smsusb_probe: board id=8, interface number 0 [ 262.956924][ T29] kauditd_printk_skb: 54 callbacks suppressed [ 262.956947][ T29] audit: type=1326 audit(1741060754.293:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8669 comm="syz.1.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77cc38d169 code=0x7ffc0000 [ 263.075381][ T5834] smsusb:smsusb_probe: Device initialized with return code -19 [ 263.150194][ T29] audit: type=1326 audit(1741060754.293:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8669 comm="syz.1.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77cc38d169 code=0x7ffc0000 [ 263.285939][ T5834] usb 1-1: USB disconnect, device number 3 [ 265.646964][ T8700] netlink: 104 bytes leftover after parsing attributes in process `syz.0.974'. [ 265.972566][ T29] audit: type=1326 audit(1741060757.118:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8710 comm="syz.0.979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2d3b8d169 code=0x7ffc0000 [ 266.214430][ T29] audit: type=1326 audit(1741060757.118:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8710 comm="syz.0.979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2d3b8d169 code=0x7ffc0000 [ 268.407864][ T8736] netlink: 'syz.0.985': attribute type 32 has an invalid length. [ 268.474245][ T8737] (unnamed net_device) (uninitialized): option all_slaves_active: invalid value (9) [ 269.492967][ T8750] netlink: 104 bytes leftover after parsing attributes in process `syz.2.991'. [ 271.790494][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 271.796891][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 273.496315][ T8783] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0. [ 275.431897][ T8796] loop4: detected capacity change from 0 to 2048 [ 275.611630][ T8796] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 276.039963][ T29] audit: type=1800 audit(1741060766.537:555): pid=8796 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1006" name="file2" dev="loop4" ino=16 res=0 errno=0 [ 278.549629][ T8805] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 278.683803][ T8825] netlink: 'syz.0.1015': attribute type 10 has an invalid length. [ 278.970458][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 279.068565][ T5883] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 279.132678][ T968] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 279.226742][ T8835] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 279.293651][ T5883] usb 2-1: config 0 has an invalid interface number: 223 but max is 0 [ 279.409241][ T5883] usb 2-1: config 0 has no interface number 0 [ 279.566412][ T5883] usb 2-1: New USB device found, idVendor=17cc, idProduct=4712, bcdDevice=63.f3 [ 279.912163][ T5883] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 279.968849][ T5883] usb 2-1: config 0 descriptor?? [ 279.998603][ T968] usb 1-1: Using ep0 maxpacket: 16 [ 280.008103][ T5883] snd-usb-caiaq 2-1:0.223: can't set alt interface. [ 280.021773][ T968] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 280.047047][ T5883] usb 2-1: unable to init card! (ret=-5) [ 280.059846][ T968] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 280.064544][ T5883] snd-usb-caiaq 2-1:0.223: probe with driver snd-usb-caiaq failed with error -5 [ 280.100390][ T968] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 280.141946][ T968] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 280.175873][ T968] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 280.214251][ T968] usb 1-1: config 0 descriptor?? [ 280.227415][ T5939] usb 2-1: USB disconnect, device number 6 [ 280.665452][ T968] kovaplus 0003:1E7D:2D50.0001: item fetching failed at offset 0/3 [ 280.704933][ T968] kovaplus 0003:1E7D:2D50.0001: parse failed [ 280.737993][ T968] kovaplus 0003:1E7D:2D50.0001: probe with driver kovaplus failed with error -22 [ 280.838564][ T8855] loop4: detected capacity change from 0 to 2048 [ 281.133287][ T8864] netlink: 'syz.0.1015': attribute type 10 has an invalid length. [ 281.955014][ T8864] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1015'. [ 282.347299][ T8855] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 282.473397][ T1157] usb 1-1: USB disconnect, device number 4 [ 282.612709][ T8870] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 282.697798][ T29] audit: type=1800 audit(1741060772.767:556): pid=8855 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1028" name="file2" dev="loop4" ino=16 res=0 errno=0 [ 284.101565][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 285.515891][ T8912] netlink: 'syz.4.1037': attribute type 12 has an invalid length. [ 287.012061][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 287.258220][ T968] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 287.715455][ T8957] netlink: 'syz.4.1057': attribute type 12 has an invalid length. [ 287.770802][ T5939] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 288.458697][ T8980] netlink: 'syz.3.1066': attribute type 1 has an invalid length. [ 288.557473][ T8981] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1062'. [ 289.351224][ T1157] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 289.416092][ T8985] loop0: detected capacity change from 0 to 2048 [ 289.509013][ T968] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 289.581254][ T8985] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 289.613143][ T8994] netlink: 'syz.4.1070': attribute type 12 has an invalid length. [ 289.693953][ T9000] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1073'. [ 289.705457][ T968] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 289.716035][ T968] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 289.725322][ T968] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 289.740788][ T968] usb 2-1: config 0 descriptor?? [ 289.764830][ T968] pwc: Askey VC010 type 2 USB webcam detected. [ 289.896521][ T29] audit: type=1800 audit(1741060779.493:557): pid=8985 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1067" name="file2" dev="loop0" ino=16 res=0 errno=0 [ 290.083445][ T3582] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 290.099357][ T5834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 290.234930][ T968] pwc: recv_control_msg error -32 req 02 val 2b00 [ 290.652013][ T1157] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 290.664370][ T968] pwc: recv_control_msg error -32 req 02 val 2700 [ 290.787886][ T9014] overlay: ./file0 is not a directory [ 291.080977][ T5834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 291.121421][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.151227][ T968] pwc: recv_control_msg error -32 req 02 val 2c00 [ 291.173364][ T968] pwc: recv_control_msg error -32 req 04 val 1000 [ 291.213458][ T968] pwc: recv_control_msg error -32 req 04 val 1300 [ 291.235950][ T968] pwc: recv_control_msg error -32 req 04 val 1400 [ 291.360304][ T968] pwc: recv_control_msg error -32 req 02 val 2000 [ 291.372497][ T968] pwc: recv_control_msg error -32 req 02 val 2100 [ 291.407309][ T968] pwc: recv_control_msg error -32 req 04 val 1500 [ 291.486494][ T968] pwc: recv_control_msg error -32 req 02 val 2500 [ 291.720632][ T968] pwc: recv_control_msg error -71 req 02 val 2600 [ 291.784054][ T968] pwc: recv_control_msg error -71 req 02 val 2900 [ 291.794617][ T5883] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 291.880453][ T9029] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1081'. [ 292.812974][ T9031] netlink: 'syz.5.1082': attribute type 1 has an invalid length. [ 292.815525][ T968] pwc: recv_control_msg error -71 req 02 val 2800 [ 292.914304][ T5883] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 292.934551][ T968] pwc: recv_control_msg error -71 req 04 val 1100 [ 292.954050][ T968] pwc: recv_control_msg error -71 req 04 val 1200 [ 293.196725][ T968] pwc: Registered as video103. [ 293.672430][ T968] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input6 [ 294.049225][ T968] usb 2-1: USB disconnect, device number 7 [ 294.134403][ T5939] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 294.146180][ T9043] netlink: 'syz.3.1085': attribute type 12 has an invalid length. [ 294.268298][ T9048] loop1: detected capacity change from 0 to 2048 [ 294.343559][ T9048] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 294.367707][ T5896] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 294.485189][ T29] audit: type=1326 audit(1741060783.693:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9055 comm="syz.5.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 294.570839][ T9065] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1091'. [ 294.644779][ T29] audit: type=1326 audit(1741060783.693:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9055 comm="syz.5.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 295.013344][ T9070] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1097'. [ 295.202931][ T9070] loop4: detected capacity change from 0 to 2048 [ 295.700178][ T29] audit: type=1326 audit(1741060783.814:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9055 comm="syz.5.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 295.851583][ T1157] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 295.883087][ T29] audit: type=1326 audit(1741060783.814:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9055 comm="syz.5.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 295.909229][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.918939][ T29] audit: type=1326 audit(1741060783.814:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9055 comm="syz.5.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 295.947476][ T9070] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 296.031615][ T9074] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1099'. [ 296.033473][ T29] audit: type=1326 audit(1741060783.814:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9055 comm="syz.5.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 296.078930][ T29] audit: type=1326 audit(1741060783.814:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9055 comm="syz.5.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 296.102907][ T29] audit: type=1326 audit(1741060783.814:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9055 comm="syz.5.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 296.128062][ T9074] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1099'. [ 296.131703][ T29] audit: type=1326 audit(1741060783.814:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9055 comm="syz.5.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 296.191853][ T29] audit: type=1326 audit(1741060784.198:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9055 comm="syz.5.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 296.296450][ T9079] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1098'. [ 296.306392][ T29] audit: type=1326 audit(1741060784.198:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9055 comm="syz.5.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a518d169 code=0x7ffc0000 [ 296.319341][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.408617][ T29] audit: type=1800 audit(1741060785.208:569): pid=9068 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1097" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 296.836815][ T6099] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 296.854540][ T1157] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 296.872009][ T5939] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 297.555666][ T9102] trusted_key: encrypted_key: master key parameter '' is invalid [ 298.166253][ T1157] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 298.318415][ T5896] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 298.369770][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 298.508680][ T9110] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1111'. [ 298.540823][ T9110] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 298.556775][ T9106] loop0: detected capacity change from 0 to 2048 [ 298.563746][ T9110] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 298.564390][ T9114] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1115'. [ 298.586577][ T9110] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 298.597848][ T9110] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 298.652320][ T9106] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 298.688162][ T9114] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1115'. [ 298.806505][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.317997][ T1157] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 300.551093][ T1157] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 300.584592][ T9157] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1128'. [ 301.419697][ T9162] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1128'. [ 301.556875][ T9163] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1130'. [ 301.628049][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 302.335475][ T968] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 302.793504][ T9188] input: syz0 as /devices/virtual/input/input7 [ 302.852442][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 304.013801][ T3582] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 304.539666][ T5896] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 304.547907][ T5939] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 304.556564][ T1157] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 304.830217][ T9206] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 305.560643][ T5896] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 305.830975][ T9220] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1147'. [ 305.914661][ T9220] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1147'. [ 306.010607][ T5939] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 306.222889][ T9225] netlink: 'syz.2.1150': attribute type 10 has an invalid length. [ 306.266723][ T9225] syz_tun: entered promiscuous mode [ 306.296899][ T9225] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 307.109207][ T1157] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 307.588891][ T9244] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1154'. [ 308.229551][ T5939] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 308.688592][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 309.538295][ T9260] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 309.569494][ T5939] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 309.769850][ T8577] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 310.143392][ T9262] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 310.183044][ T29] kauditd_printk_skb: 12 callbacks suppressed [ 310.183071][ T29] audit: type=1326 audit(1741061054.464:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9263 comm="syz.3.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd45b8d169 code=0x7ffc0000 [ 310.214064][ T29] audit: type=1326 audit(1741061054.464:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9263 comm="syz.3.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd45b8d169 code=0x7ffc0000 [ 310.238305][ T29] audit: type=1326 audit(1741061054.474:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9263 comm="syz.3.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdd45b8d169 code=0x7ffc0000 [ 310.284514][ T9267] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1160'. [ 310.285467][ T29] audit: type=1326 audit(1741061054.474:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9263 comm="syz.3.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd45b8d169 code=0x7ffc0000 [ 310.411181][ T29] audit: type=1326 audit(1741061054.474:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9263 comm="syz.3.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd45b8d169 code=0x7ffc0000 [ 310.694506][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 310.694692][ T29] audit: type=1326 audit(1741061054.474:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9263 comm="syz.3.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdd45b8d169 code=0x7ffc0000 [ 311.376821][ T9279] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1165'. [ 311.438487][ T9281] loop4: detected capacity change from 0 to 2048 [ 311.524081][ T9283] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1165'. [ 311.592977][ T9281] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 311.754221][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 311.806486][ T1157] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 313.393169][ T8577] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 313.403563][ T5939] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 313.583420][ T9313] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 314.080677][ T9315] overlayfs: overlapping lowerdir path [ 314.548630][ T47] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 315.236370][ T9322] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 315.612634][ T9330] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1179'. [ 315.830735][ T9330] loop4: detected capacity change from 0 to 2048 [ 316.398530][ T1157] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 316.606411][ T9330] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 316.692577][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 316.821613][ T29] audit: type=1800 audit(1741061060.657:588): pid=9328 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1179" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 317.149840][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 317.194161][ T9335] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1182'. [ 317.245459][ T9335] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1182'. [ 317.292655][ T9337] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1183'. [ 317.534726][ T47] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 317.662131][ T8577] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 317.729378][ T9351] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1189'. [ 317.923875][ T8577] usb 5-1: too many endpoints for config 0 interface 0 altsetting 177: 247, using maximum allowed: 30 [ 318.066226][ T8577] usb 5-1: config 0 interface 0 altsetting 177 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 318.233738][ T8577] usb 5-1: config 0 interface 0 altsetting 177 endpoint 0x81 has invalid wMaxPacketSize 0 [ 318.381125][ T8577] usb 5-1: config 0 interface 0 altsetting 177 has 1 endpoint descriptor, different from the interface descriptor's value: 247 [ 318.463954][ T8577] usb 5-1: config 0 interface 0 has no altsetting 0 [ 318.470779][ T8577] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 318.560001][ T8577] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 318.601729][ T8577] usb 5-1: config 0 descriptor?? [ 318.614140][ T9359] netlink: 192 bytes leftover after parsing attributes in process `syz.1.1192'. [ 318.627309][ T9362] netlink: 'syz.5.1194': attribute type 10 has an invalid length. [ 318.641767][ T9359] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1192'. [ 318.646167][ T1157] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 318.679671][ T9363] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1193'. [ 318.741518][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 319.151276][ T8577] cp2112 0003:10C4:EA90.0002: unknown main item tag 0x0 [ 319.198968][ T8577] cp2112 0003:10C4:EA90.0002: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.4-1/input0 [ 319.328235][ T8577] cp2112 0003:10C4:EA90.0002: error requesting version [ 319.363852][ T8577] cp2112 0003:10C4:EA90.0002: probe with driver cp2112 failed with error -71 [ 319.412591][ T8577] usb 5-1: USB disconnect, device number 4 [ 320.166445][ T9380] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1196'. [ 320.436374][ T5896] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 320.617245][ T5883] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 322.072454][ T5883] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 322.125149][ T9382] nfs: Unknown parameter 'ntext' [ 322.767925][ T9394] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1201'. [ 323.286139][ T5883] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 324.107290][ T5896] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 324.376529][ T5883] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 324.751319][ T9404] netlink: 'syz.5.1208': attribute type 10 has an invalid length. [ 324.787916][ T9407] netlink: 192 bytes leftover after parsing attributes in process `syz.1.1209'. [ 324.797960][ T9407] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1209'. [ 325.681757][ T9421] input: syz0 as /devices/virtual/input/input8 [ 326.091140][ T9419] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1213'. [ 326.124428][ T9419] loop4: detected capacity change from 0 to 2048 [ 326.201293][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 326.237404][ T9419] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 326.332476][ T29] audit: type=1800 audit(1741061069.580:589): pid=9417 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1213" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 327.061840][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.099278][ T9444] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1220'. [ 327.283500][ T5883] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 327.399071][ T8577] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 328.181304][ T9467] input: syz0 as /devices/virtual/input/input9 [ 328.811004][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 328.997756][ T5896] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 329.322236][ T9493] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1237'. [ 329.620046][ T9495] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 329.938427][ T9502] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1235'. [ 329.973268][ T9502] loop1: detected capacity change from 0 to 2048 [ 329.998045][ T5883] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 330.105824][ T9502] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 330.353625][ T29] audit: type=1800 audit(1741061073.285:590): pid=9502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1235" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 330.803250][ T8577] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 330.859880][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 331.318289][ T5883] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 331.484714][ T9527] input: syz0 as /devices/virtual/input/input10 [ 332.416184][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 333.606111][ T5935] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 333.697567][ T9529] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 334.047034][ T8577] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 334.149400][ T9541] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1252'. [ 334.181477][ T9544] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1251'. [ 334.192795][ T9544] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1251'. [ 334.296395][ T9529] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 334.307340][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 334.357306][ T9547] netlink: 194488 bytes leftover after parsing attributes in process `syz.5.1256'. [ 334.944204][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 335.011191][ T9510] ================================================================== [ 335.019346][ T9510] BUG: KASAN: wild-memory-access in __lock_acquire+0xc94/0x2100 [ 335.027000][ T9510] Read of size 8 at addr 1fffffff84f84980 by task syz.4.1239/9510 [ 335.034816][ T9510] [ 335.037147][ T9510] CPU: 1 UID: 0 PID: 9510 Comm: syz.4.1239 Not tainted 6.14.0-rc5-syzkaller-00013-g99fa936e8e4f #0 [ 335.037177][ T9510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 335.037194][ T9510] Call Trace: [ 335.037204][ T9510] [ 335.037216][ T9510] dump_stack_lvl+0x241/0x360 [ 335.037255][ T9510] ? __pfx_dump_stack_lvl+0x10/0x10 [ 335.037282][ T9510] ? __pfx__printk+0x10/0x10 [ 335.037301][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.037331][ T9510] ? _printk+0xd5/0x120 [ 335.037351][ T9510] print_report+0xe3/0x5b0 [ 335.037374][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.037403][ T9510] ? __virt_addr_valid+0x58/0x530 [ 335.037423][ T9510] ? __lock_acquire+0xc94/0x2100 [ 335.037451][ T9510] kasan_report+0x143/0x180 [ 335.037472][ T9510] ? validate_chain+0x11e/0x5920 [ 335.037493][ T9510] ? __lock_acquire+0xc94/0x2100 [ 335.037521][ T9510] ? ZSTD_compressBlock_opt0+0x470/0x9180 [ 335.037548][ T9510] kasan_check_range+0x282/0x290 [ 335.037571][ T9510] ? ZSTD_compressBlock_opt0+0x470/0x9180 [ 335.037596][ T9510] __lock_acquire+0xc94/0x2100 [ 335.037630][ T9510] lock_acquire+0x1ed/0x550 [ 335.037657][ T9510] ? raw_spin_rq_lock_nested+0xb0/0x140 [ 335.037684][ T9510] ? __pfx_lock_acquire+0x10/0x10 [ 335.037711][ T9510] ? rcu_note_context_switch+0xd44/0x1060 [ 335.037739][ T9510] ? __pfx_validate_chain+0x10/0x10 [ 335.037758][ T9510] ? __pfx_validate_chain+0x10/0x10 [ 335.037779][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.037807][ T9510] ? __lock_acquire+0x1397/0x2100 [ 335.037840][ T9510] _raw_spin_lock_nested+0x31/0x40 [ 335.037865][ T9510] ? raw_spin_rq_lock_nested+0xb0/0x140 [ 335.037888][ T9510] raw_spin_rq_lock_nested+0xb0/0x140 [ 335.037912][ T9510] __schedule+0x357/0x4c90 [ 335.037940][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.037969][ T9510] ? mark_lock+0x9a/0x360 [ 335.037988][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.038016][ T9510] ? mark_lock+0x9a/0x360 [ 335.038034][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.038063][ T9510] ? __lock_acquire+0x1397/0x2100 [ 335.038091][ T9510] ? __pfx___schedule+0x10/0x10 [ 335.038116][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.038146][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.038175][ T9510] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 335.038206][ T9510] ? preempt_schedule+0xe1/0xf0 [ 335.038229][ T9510] preempt_schedule_common+0x84/0xd0 [ 335.038263][ T9510] preempt_schedule+0xe1/0xf0 [ 335.038288][ T9510] ? __pfx_preempt_schedule+0x10/0x10 [ 335.038318][ T9510] ? __mutex_trylock_common+0x183/0x2e0 [ 335.038352][ T9510] ? __pfx___mutex_trylock_common+0x10/0x10 [ 335.038384][ T9510] preempt_schedule_thunk+0x1a/0x30 [ 335.038419][ T9510] __mutex_lock+0x3b0/0x1010 [ 335.038446][ T9510] ? __skb_try_recv_from_queue+0x5d8/0x780 [ 335.038468][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.038497][ T9510] ? __mutex_unlock_slowpath+0x227/0x800 [ 335.038524][ T9510] ? __unix_dgram_recvmsg+0x24f/0x1320 [ 335.038551][ T9510] ? __pfx___mutex_lock+0x10/0x10 [ 335.038577][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.038609][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.038637][ T9510] ? __lock_acquire+0x1397/0x2100 [ 335.038668][ T9510] __unix_dgram_recvmsg+0x24f/0x1320 [ 335.038698][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.038728][ T9510] ? __pfx___unix_dgram_recvmsg+0x10/0x10 [ 335.038756][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.038787][ T9510] ? iovec_from_user+0x61/0x240 [ 335.038810][ T9510] ? __pfx___might_resched+0x10/0x10 [ 335.038836][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.038864][ T9510] ? __import_iovec+0x3bf/0x830 [ 335.038887][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.038916][ T9510] ? unix_dgram_recvmsg+0xb6/0xe0 [ 335.038940][ T9510] ? __pfx_unix_dgram_recvmsg+0x10/0x10 [ 335.038960][ T9510] sock_recvmsg_nosec+0x190/0x1d0 [ 335.038987][ T9510] ____sys_recvmsg+0x3cd/0x480 [ 335.039009][ T9510] ? __pfx_____sys_recvmsg+0x10/0x10 [ 335.039033][ T9510] ? do_recvmmsg+0x44e/0xab0 [ 335.039051][ T9510] ? __might_fault+0xaa/0x120 [ 335.039072][ T9510] do_recvmmsg+0x426/0xab0 [ 335.039095][ T9510] ? __pfx_do_recvmmsg+0x10/0x10 [ 335.039113][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.039141][ T9510] ? mark_lock+0x9a/0x360 [ 335.039168][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.039198][ T9510] ? reacquire_held_locks+0x3eb/0x690 [ 335.039218][ T9510] ? vma_end_read+0x18/0x170 [ 335.039248][ T9510] ? __pfx_reacquire_held_locks+0x10/0x10 [ 335.039281][ T9510] __x64_sys_recvmmsg+0x199/0x250 [ 335.039301][ T9510] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 335.039321][ T9510] ? exc_page_fault+0x590/0x8b0 [ 335.039344][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.039384][ T9510] ? do_syscall_64+0xb6/0x230 [ 335.039415][ T9510] do_syscall_64+0xf3/0x230 [ 335.039455][ T9510] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 335.039492][ T9510] RIP: 0033:0x7f979e58d169 [ 335.039514][ T9510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 335.039531][ T9510] RSP: 002b:00007f979f39b038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 335.039552][ T9510] RAX: ffffffffffffffda RBX: 00007f979e7a6080 RCX: 00007f979e58d169 [ 335.039566][ T9510] RDX: 0000000000010106 RSI: 00004000000000c0 RDI: 0000000000000003 [ 335.039579][ T9510] RBP: 00007f979e60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 335.039591][ T9510] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 335.039602][ T9510] R13: 0000000000000001 R14: 00007f979e7a6080 R15: 00007ffe109b07d8 [ 335.039623][ T9510] [ 335.039630][ T9510] ================================================================== [ 335.589847][ T9510] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 335.597035][ T9510] CPU: 1 UID: 0 PID: 9510 Comm: syz.4.1239 Not tainted 6.14.0-rc5-syzkaller-00013-g99fa936e8e4f #0 [ 335.607698][ T9510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 335.617748][ T9510] Call Trace: [ 335.621024][ T9510] [ 335.623952][ T9510] dump_stack_lvl+0x241/0x360 [ 335.628638][ T9510] ? __pfx_dump_stack_lvl+0x10/0x10 [ 335.633831][ T9510] ? __pfx__printk+0x10/0x10 [ 335.638413][ T9510] ? rcu_is_watching+0x15/0xb0 [ 335.643171][ T9510] ? lock_release+0xbf/0xa30 [ 335.647762][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.653398][ T9510] ? vscnprintf+0x5d/0x90 [ 335.657724][ T9510] panic+0x349/0x880 [ 335.661609][ T9510] ? check_panic_on_warn+0x21/0xb0 [ 335.666737][ T9510] ? __pfx_panic+0x10/0x10 [ 335.671166][ T9510] ? do_raw_spin_unlock+0x13c/0x8b0 [ 335.676517][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.682187][ T9510] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 335.688155][ T9510] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 335.694602][ T9510] ? print_report+0xe3/0x5b0 [ 335.699256][ T9510] check_panic_on_warn+0x86/0xb0 [ 335.704279][ T9510] ? __lock_acquire+0xc94/0x2100 [ 335.709251][ T9510] end_report+0x77/0x160 [ 335.713509][ T9510] kasan_report+0x154/0x180 [ 335.718066][ T9510] ? validate_chain+0x11e/0x5920 [ 335.723046][ T9510] ? __lock_acquire+0xc94/0x2100 [ 335.728033][ T9510] ? ZSTD_compressBlock_opt0+0x470/0x9180 [ 335.733886][ T9510] kasan_check_range+0x282/0x290 [ 335.738883][ T9510] ? ZSTD_compressBlock_opt0+0x470/0x9180 [ 335.744657][ T9510] __lock_acquire+0xc94/0x2100 [ 335.749465][ T9510] lock_acquire+0x1ed/0x550 [ 335.754026][ T9510] ? raw_spin_rq_lock_nested+0xb0/0x140 [ 335.759600][ T9510] ? __pfx_lock_acquire+0x10/0x10 [ 335.764662][ T9510] ? rcu_note_context_switch+0xd44/0x1060 [ 335.770395][ T9510] ? __pfx_validate_chain+0x10/0x10 [ 335.775626][ T9510] ? __pfx_validate_chain+0x10/0x10 [ 335.780862][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.786518][ T9510] ? __lock_acquire+0x1397/0x2100 [ 335.791560][ T9510] _raw_spin_lock_nested+0x31/0x40 [ 335.796684][ T9510] ? raw_spin_rq_lock_nested+0xb0/0x140 [ 335.802232][ T9510] raw_spin_rq_lock_nested+0xb0/0x140 [ 335.807626][ T9510] __schedule+0x357/0x4c90 [ 335.812044][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.817726][ T9510] ? mark_lock+0x9a/0x360 [ 335.822176][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.827843][ T9510] ? mark_lock+0x9a/0x360 [ 335.832275][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.837918][ T9510] ? __lock_acquire+0x1397/0x2100 [ 335.842962][ T9510] ? __pfx___schedule+0x10/0x10 [ 335.847818][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.853510][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.859448][ T9510] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 335.865626][ T9510] ? preempt_schedule+0xe1/0xf0 [ 335.870521][ T9510] preempt_schedule_common+0x84/0xd0 [ 335.875823][ T9510] preempt_schedule+0xe1/0xf0 [ 335.880550][ T9510] ? __pfx_preempt_schedule+0x10/0x10 [ 335.885954][ T9510] ? __mutex_trylock_common+0x183/0x2e0 [ 335.891550][ T9510] ? __pfx___mutex_trylock_common+0x10/0x10 [ 335.897481][ T9510] preempt_schedule_thunk+0x1a/0x30 [ 335.902695][ T9510] __mutex_lock+0x3b0/0x1010 [ 335.907625][ T9510] ? __skb_try_recv_from_queue+0x5d8/0x780 [ 335.913454][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.919222][ T9510] ? __mutex_unlock_slowpath+0x227/0x800 [ 335.924870][ T9510] ? __unix_dgram_recvmsg+0x24f/0x1320 [ 335.930356][ T9510] ? __pfx___mutex_lock+0x10/0x10 [ 335.935391][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.941058][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.946700][ T9510] ? __lock_acquire+0x1397/0x2100 [ 335.951755][ T9510] __unix_dgram_recvmsg+0x24f/0x1320 [ 335.957061][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.962698][ T9510] ? __pfx___unix_dgram_recvmsg+0x10/0x10 [ 335.968440][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.974079][ T9510] ? iovec_from_user+0x61/0x240 [ 335.978932][ T9510] ? __pfx___might_resched+0x10/0x10 [ 335.984219][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 335.989857][ T9510] ? __import_iovec+0x3bf/0x830 [ 335.994735][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 336.000411][ T9510] ? unix_dgram_recvmsg+0xb6/0xe0 [ 336.005452][ T9510] ? __pfx_unix_dgram_recvmsg+0x10/0x10 [ 336.010995][ T9510] sock_recvmsg_nosec+0x190/0x1d0 [ 336.016036][ T9510] ____sys_recvmsg+0x3cd/0x480 [ 336.020798][ T9510] ? __pfx_____sys_recvmsg+0x10/0x10 [ 336.026081][ T9510] ? do_recvmmsg+0x44e/0xab0 [ 336.030665][ T9510] ? __might_fault+0xaa/0x120 [ 336.035335][ T9510] do_recvmmsg+0x426/0xab0 [ 336.039753][ T9510] ? __pfx_do_recvmmsg+0x10/0x10 [ 336.044709][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 336.050352][ T9510] ? mark_lock+0x9a/0x360 [ 336.054684][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 336.060320][ T9510] ? reacquire_held_locks+0x3eb/0x690 [ 336.065712][ T9510] ? vma_end_read+0x18/0x170 [ 336.070345][ T9510] ? __pfx_reacquire_held_locks+0x10/0x10 [ 336.076243][ T9510] __x64_sys_recvmmsg+0x199/0x250 [ 336.081421][ T9510] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 336.087038][ T9510] ? exc_page_fault+0x590/0x8b0 [ 336.091916][ T9510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 336.097569][ T9510] ? do_syscall_64+0xb6/0x230 [ 336.102280][ T9510] do_syscall_64+0xf3/0x230 [ 336.106830][ T9510] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.112848][ T9510] RIP: 0033:0x7f979e58d169 [ 336.117535][ T9510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 336.137171][ T9510] RSP: 002b:00007f979f39b038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 336.145650][ T9510] RAX: ffffffffffffffda RBX: 00007f979e7a6080 RCX: 00007f979e58d169 [ 336.153645][ T9510] RDX: 0000000000010106 RSI: 00004000000000c0 RDI: 0000000000000003 [ 336.161636][ T9510] RBP: 00007f979e60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 336.169626][ T9510] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 336.177602][ T9510] R13: 0000000000000001 R14: 00007f979e7a6080 R15: 00007ffe109b07d8 [ 336.185607][ T9510] [ 336.188915][ T9510] Kernel Offset: disabled [ 336.193288][ T9510] Rebooting in 86400 seconds..