last executing test programs: 6m43.163748266s ago: executing program 0 (id=83): timer_create(0x2, &(0x7f0000000000)={0x0, 0x11, 0x1}, &(0x7f0000000040)=0x0) timer_settime(0x0, 0x236bd4336e4642df, &(0x7f0000000300)={{}, {0x0, 0xe4c}}, 0x0) timer_gettime(r0, &(0x7f0000000140)) 6m42.959403417s ago: executing program 0 (id=85): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) chroot(&(0x7f0000000a40)='./file0\x00') syz_open_dev$tty20(0xc, 0x4, 0x0) mount$overlay(0x0, 0x0, &(0x7f0000000180), 0x1204081, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000440)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10) syz_emit_ethernet(0x17d, &(0x7f0000000480)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000000000000800490a016f006800000921"], 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f0000000240)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0xffffffffffffff6b, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48) pivot_root(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)='./file0\x00') 6m37.863469409s ago: executing program 0 (id=112): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000140)={{r0, 0xffffffffffffffff}, &(0x7f0000000180), &(0x7f0000000380)='%pI4 \x00'}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r1, 0xffffffffffffffff}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x1f, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000008c000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 6m37.59166201s ago: executing program 0 (id=114): socket$inet6_sctp(0xa, 0x1, 0x84) sched_setscheduler(0x0, 0x2, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000007c0)=ANY=[@ANYBLOB="440000001000390400"/20, @ANYRES32=r3, @ANYBLOB="01980200000000001800128008000100677265000c00028008000100", @ANYRES16=r1], 0x44}}, 0x0) sendto$packet(r0, 0x0, 0x0, 0x10, &(0x7f0000000200)={0x11, 0xc, r3, 0x1, 0x4, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x38}}, 0x14) 6m37.324349702s ago: executing program 0 (id=115): openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x42ac1, 0x1bc) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000005c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) statx(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0xf0cb2f4a0c2cfc5d, 0x0) 6m37.171126803s ago: executing program 0 (id=116): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_rose_SIOCDELRT(r0, 0x890c, &(0x7f0000000400)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0xfffe, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bpq0, 0x6, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}}, 0x2) sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x84}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e22}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80) 6m22.084238785s ago: executing program 32 (id=116): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_rose_SIOCDELRT(r0, 0x890c, &(0x7f0000000400)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0xfffe, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bpq0, 0x6, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}}, 0x2) sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x84}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e22}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80) 6m11.36765224s ago: executing program 1 (id=229): syz_emit_ethernet(0x3b6, &(0x7f0000000780)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x380, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0xf5, 0x0, 0x0, [{0x18, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x53, "000000050000000026000400"}, {0x18, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x8, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x21, 0x7, "ffffffffffff00000000000200fff500000000000001000000008879e66485201a0015ca837400"/55}, {0x0, 0x14, "5e14f0e7e72d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fa632dbf04542188b196e213408c"}, {0x3, 0x5, "d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0) 6m11.176192402s ago: executing program 1 (id=231): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x4) r3 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'macvlan0\x00', 0x0}) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000380)=ANY=[@ANYBLOB="84000000100003050000", @ANYRES32=0x0, @ANYBLOB="1546010000000000540012800c0001006d6163766c616e0044000280060002000100000008000100010000000800030003000000080007000500000008000100100000000600020001000000100005800a000400aaaaaaaaaa2e000008000500", @ANYRES32=r4], 0x84}}, 0x20008040) 6m7.966257792s ago: executing program 1 (id=235): syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./file0\x00', 0x120008c, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2cc, &(0x7f0000000480)="$eJzs3U9rHGUYAPBnks3sqIfNwZMIHbAHT8X0Jl4SJIXinix7UA8abAuSXYQWAv7BtSc/gYIHP4Eg+EF68RsIXgVvVii8MrMznUlc113pVmx/v0uePPM+8z7v7rCZEObNBy/PTm+Wcfve5z9HUWSxcxiH8SCL/djZj8aXcc43AQD8rz1IKX5LC5vUZRFRbK8tAGCL1vv5P+jCH59IWwDAFt145923jsbj47eLKOLa7KuzSfWbffV1cfzodnwU07gVr8UoHkbUNwp7Ud8tVOG1lNJ8UFb24/JsfjapKmfv32/Of/RrRF1/EKNY/EXh0d1Gqqa6Pj4+KBd69fOqj+eb+Q+r+qsxihcfFXfzXx8fX11SH5M8Xn2l1/+VGMVPH8bHMY2bdRNd/RcHZflm+vr3z96r2qvqs/nZZFiP66TdJ/zWAAAAAAAAAAAAAAAAAAAAAADwFLvS7J0zjPJSXJ5VqWb/nd2HkVfflq39rqo6voiyNtXfHyilNE/xXW9LwTI1A7v9fQbx0qC/sSAAAAAAAAAAAAAAAAAAAAA8u+5+8unpyXR6685jCdrdAAYR8ceNiH97nsNe5lKsHjxs5jyZTnea8NyY+3k/E7vtmCxiZRvVIh7Ty/JPwXMXe26D73+oFrjJCYte5vXlC9zb/rraq+v0JFs+1zDaTNFcJN/mEd2YPNacK/+7Qyk2ufzypYdG/Ux74aw+zwt1MF8xJrJVjb3xy2KWJpNdXEVev6pLy/eaoFd+4dpY632PYlH+18+KrN6tY7idDyIAAAAAAAAAAAAAAAAAAKD3/P+5dKqf8r23snQneRQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKdE9///NwjmTfEag/O4c/c/XiIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPgD8DAAD//8ytUEM=") openat(0xffffffffffffff9c, 0x0, 0x8042, 0x0) io_uring_register$IORING_UNREGISTER_RING_FDS(0xffffffffffffffff, 0x15, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) unlinkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0x200) 6m7.673078753s ago: executing program 1 (id=240): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x12c5008, 0x0) mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0) chdir(&(0x7f0000000100)='./file0/file0\x00') mount$bind(&(0x7f0000000180)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x2020) 6m7.326944485s ago: executing program 1 (id=243): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3) sendmmsg$inet(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f1988536d4b5888807b3aaafaf59f53121782a0a9370dc0feae13c8c2a1dcc8a3122aaa3dcd5b9247a915378e6492e5b94073dcdc87e7c794fb262a7e9ee0b943", 0xc5}], 0x1}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000800)="cc5a4dbac0affd0a979c63ea8352d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662defd28f78449f073bad544f586136c5076a6f0f1b6fc9adf80557eb44db1b41824e9ef104c95e999766bbf27d74ad5d8fa63210cde65d384dd3e87c1fedaec3144d1ee66a0eb0750363e346cb930dae6109df6b9955bf8af119b5c9a86622af4ff8b5949fb90f8edbde416d046d61512fe4c453bb601a780e1bbc00dbedc5e50d3cd9bc920810eaefd5f9a171e9d32ab46b42e3e78c60087318bab42e94653cbd", 0xf6}], 0x1}}], 0x2, 0x2010) recvmsg(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000e00)=[{&(0x7f0000000380)=""/238, 0xee}, {&(0x7f0000000b00)=""/240, 0xf0}, {&(0x7f0000000c00)=""/187, 0xbb}], 0x3}, 0x100) sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0) 6m5.925710694s ago: executing program 1 (id=247): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) recvmmsg(r0, &(0x7f0000006700)=[{{0x0, 0x0, 0x0}, 0x97f}], 0x1, 0x120, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e21, 0x5, @loopback, 0x4}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x4b, &(0x7f0000000080)=0x2, 0x4) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x80, 0x0, 0x0) 6m5.408779517s ago: executing program 33 (id=247): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) recvmmsg(r0, &(0x7f0000006700)=[{{0x0, 0x0, 0x0}, 0x97f}], 0x1, 0x120, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e21, 0x5, @loopback, 0x4}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x4b, &(0x7f0000000080)=0x2, 0x4) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x80, 0x0, 0x0) 15.651819654s ago: executing program 2 (id=3154): r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000740)={0x30, 0x5, 0x0, {0x0, 0x2, 0x0, 0x1}}, 0x81) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='fd\x00') fchdir(r1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r0, 0x0) unshare(0x28000600) unshare(0x26020400) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmstat\x00', 0x0, 0x0) 15.520186205s ago: executing program 2 (id=3155): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x15, 0x10, 0x8, 0x0, 0x0, 0x1, 0x3}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x9, 0xf, &(0x7f0000000a80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000005000000b70000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x94) 15.299559656s ago: executing program 2 (id=3157): r0 = socket$inet_sctp(0x2, 0x1, 0x84) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r2 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)=@newtfilter={0x88c, 0x2c, 0xd3f, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0xfff3, 0xe}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x858, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4}}, @TCA_BPF_POLICE={0x848, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0x4, 0x8, 0x10, 0xb, 0x70000000, {0x3, 0x1, 0xfff, 0x5, 0x7, 0x2d2b}, {0x2, 0x2, 0x7f, 0x7, 0x2, 0x7}, 0xb6f, 0xffff, 0x7ff}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x7f, 0x6, 0x9, 0xe, 0x7, 0x70, 0xfffffffa, 0xe2c, 0x7, 0x2c7, 0x9805, 0x8, 0x0, 0x1, 0x800, 0x1, 0x8, 0x9cda, 0x0, 0x7ff, 0xaf, 0x9, 0xffffa58d, 0x9, 0x5, 0x1, 0x5, 0x44, 0xe, 0x5784, 0xddc, 0x7, 0x9, 0x9, 0x1000, 0x2, 0x3, 0xa9ea237, 0x4c3f, 0x8, 0x3, 0xb8, 0x81, 0x5, 0x1, 0xfffffff8, 0x7ff, 0x3, 0x0, 0xa41, 0x2, 0x6, 0x40000000, 0x8, 0x7, 0xcb0a, 0x5, 0x5, 0x7, 0x2, 0x80000000, 0x5, 0xfffffff5, 0x1, 0xc, 0x7, 0x1, 0x9, 0x1, 0x200, 0x93, 0x47cb, 0x53, 0xc, 0x81, 0x1400000, 0x101, 0x1, 0x9, 0x2, 0xfffffff7, 0x4, 0x8, 0xee, 0x8, 0xa131, 0x4, 0x885e, 0x6, 0x200, 0x3ff, 0x4, 0x3, 0x3590, 0x1dcea407, 0x40, 0x9, 0x0, 0x24000, 0x4, 0x5c35, 0xca3, 0x81, 0xfff, 0x2, 0xd1, 0x5486, 0x1, 0x266100a9, 0x80000000, 0x4, 0xb7b, 0x7, 0x8, 0x1000, 0xa0, 0x7748, 0x1, 0xfffffa6d, 0x4, 0x6, 0x128e5fcd, 0xfff, 0xfffffffa, 0x1, 0x4, 0xf, 0x4, 0xe, 0xe, 0x8, 0x8, 0xed4, 0x8000, 0x1755, 0x8, 0x7, 0x1, 0xd, 0x0, 0x8001, 0x4, 0x8, 0x4, 0x6, 0xf3, 0xff, 0x8001, 0x7, 0x1000, 0x8, 0x2, 0x8, 0x80, 0x7, 0x2, 0xfeffffc0, 0x8, 0xed0, 0x5, 0x4, 0x6, 0x3, 0x1000, 0x7f, 0x8, 0xfffff694, 0xffffc4e5, 0x3, 0x5, 0xb, 0xf4c, 0xe1, 0x1, 0x5, 0x80000001, 0x0, 0x8506, 0xff, 0x3, 0xd81, 0x3, 0x7ff, 0x8, 0x6, 0x6, 0x6, 0x7f, 0x30, 0x8, 0xe, 0x2, 0x8, 0x5, 0x0, 0x3, 0x7, 0x600, 0x2fc6, 0x800, 0x101, 0x8, 0x297, 0x59, 0x5, 0xd, 0x9, 0x0, 0x7ff, 0xe12, 0x4, 0x7, 0xf26d, 0x8000, 0x9, 0x1c47, 0x1e, 0xfffff001, 0x1, 0x54d3, 0xe567, 0x6, 0x80000001, 0x7, 0x7fff, 0xfffffeff, 0x4, 0x0, 0xffff, 0x3, 0x7, 0x7fb, 0x3ff, 0x9, 0x7, 0x99, 0x505, 0x6, 0x8, 0x0, 0xb8, 0x7, 0x3, 0x0, 0x1, 0xffffff72, 0x9, 0x2, 0x1, 0x0, 0x800, 0x9, 0x80, 0x7, 0xd6e7, 0x8]}, @TCA_POLICE_RATE={0x404, 0x2, [0x9, 0x7, 0x4, 0x7, 0xffff, 0x22a, 0x2, 0x9, 0x4, 0x28, 0x4, 0x8b, 0x7, 0x9, 0x1, 0x1, 0x3, 0x9, 0x2, 0x8, 0x8, 0xb, 0x40, 0x80000001, 0x2, 0x9, 0x1ff, 0x8f0, 0x800, 0x0, 0x9f7d, 0x8, 0x7, 0x8, 0xb, 0x101, 0x100, 0xffffffff, 0x9, 0x59, 0x2, 0x0, 0x5, 0x8, 0x4, 0x0, 0x3, 0x2, 0x0, 0x200, 0x7, 0x5, 0x6, 0x200, 0x7fffffff, 0x27, 0xfffffff4, 0x0, 0x5, 0xffffffff, 0x1, 0x8, 0xab0, 0x17518, 0x0, 0x2000002, 0x3, 0x10000, 0x8, 0x3, 0x4d74, 0x89, 0x9, 0x8f44, 0xf, 0x3, 0x2, 0x950, 0xf2, 0x8, 0x1f5, 0x1, 0x3, 0x9, 0x0, 0x7, 0x4, 0x7, 0x6, 0x80000000, 0x12, 0x8, 0x3, 0xd, 0xfffffffe, 0x7, 0x6f94, 0x6, 0x9, 0xa, 0x75, 0xfffffffa, 0x8, 0x1, 0xd69d, 0x1, 0x3, 0x1, 0x872, 0x0, 0x8, 0xb1, 0x8, 0x84e3, 0x1, 0x2, 0x6, 0x6, 0x6, 0x8, 0x4, 0xffffffff, 0xfffffff9, 0x7, 0x6, 0x7ff, 0x5323, 0x4, 0x7fffffff, 0x1, 0xd, 0x200, 0x9a, 0x9, 0x3549, 0xfffffff7, 0x81, 0x6, 0x7, 0x6, 0x4, 0xff, 0x101, 0xfff, 0x7, 0x8bb8, 0x800, 0xfffffff8, 0x2, 0xd, 0x5, 0xfe53, 0x294, 0xd15b, 0x0, 0x8000, 0x200, 0xb, 0x9, 0xffffffff, 0xc94c, 0x9, 0x101, 0x6, 0x6, 0xffffff4c, 0x2, 0x7f, 0xfc, 0x0, 0xffffffff, 0x3ff, 0x400, 0x4, 0x0, 0x1, 0x8000, 0x0, 0x8, 0x8000, 0x1ff, 0x8881, 0x4, 0x2, 0x5, 0x5, 0x1, 0xc, 0x10, 0x2, 0xe, 0x5, 0x3, 0x5, 0xffb7, 0xb, 0x7, 0x80000000, 0x8, 0x6, 0x1ff, 0x5d, 0x40000, 0xb, 0x40, 0x5, 0x5, 0x8, 0x2aacb09, 0x7f, 0x7, 0x10001, 0x8, 0xfff, 0x1000, 0x0, 0x0, 0xa4, 0x7, 0x0, 0xc0, 0x6, 0x784, 0x2, 0xe76d, 0x0, 0xfff, 0x1, 0x80000001, 0x2, 0x9, 0x2, 0x7, 0x1, 0x1, 0x0, 0x0, 0x4, 0x1, 0x4, 0x94e6, 0x80000000, 0xee2, 0x8, 0x9, 0x5, 0x2, 0xfffff800, 0x400, 0x8, 0xfff, 0x2, 0x8, 0x5, 0x5, 0x5a9]}]}]}}, @TCA_RATE={0x6, 0x5, {0xb8, 0x80}}]}, 0x88c}, 0x1, 0x0, 0x0, 0x4000000}, 0x20004804) 14.298948372s ago: executing program 2 (id=3158): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup(r1) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) write$tun(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a0088a8aaaaaaaaaaaa00000000000081002b0086dd690002000000000000000000000000000000000000000001fe880000510000000000000000000001"], 0x46) 13.409000438s ago: executing program 2 (id=3167): r0 = socket$inet_sctp(0x2, 0x1, 0x84) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r2 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)=@newtfilter={0x88c, 0x2c, 0xd3f, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0xfff3, 0xe}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x858, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4}}, @TCA_BPF_POLICE={0x848, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0x4, 0x8, 0x10, 0xb, 0x70000000, {0x3, 0x1, 0xfff, 0x5, 0x7, 0x2d2b}, {0x2, 0x2, 0x7f, 0x7, 0x2, 0x7}, 0xb6f, 0xffff, 0x7ff}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x7f, 0x6, 0x9, 0xe, 0x7, 0x70, 0xfffffffa, 0xe2c, 0x7, 0x2c7, 0x9805, 0x8, 0x0, 0x1, 0x800, 0x1, 0x8, 0x9cda, 0x0, 0x7ff, 0xaf, 0x9, 0xffffa58d, 0x9, 0x5, 0x1, 0x5, 0x44, 0xe, 0x5784, 0xddc, 0x7, 0x9, 0x9, 0x1000, 0x2, 0x3, 0xa9ea237, 0x4c3f, 0x8, 0x3, 0xb8, 0x81, 0x5, 0x1, 0xfffffff8, 0x7ff, 0x3, 0x0, 0xa41, 0x2, 0x6, 0x40000000, 0x8, 0x7, 0xcb0a, 0x5, 0x5, 0x7, 0x2, 0x80000000, 0x5, 0xfffffff5, 0x1, 0xc, 0x7, 0x1, 0x9, 0x1, 0x200, 0x93, 0x47cb, 0x53, 0xc, 0x81, 0x1400000, 0x101, 0x1, 0x9, 0x2, 0xfffffff7, 0x4, 0x8, 0xee, 0x8, 0xa131, 0x4, 0x885e, 0x6, 0x200, 0x3ff, 0x4, 0x3, 0x3590, 0x1dcea407, 0x40, 0x9, 0x0, 0x24000, 0x4, 0x5c35, 0xca3, 0x81, 0xfff, 0x2, 0xd1, 0x5486, 0x1, 0x266100a9, 0x80000000, 0x4, 0xb7b, 0x7, 0x8, 0x1000, 0xa0, 0x7748, 0x1, 0xfffffa6d, 0x4, 0x6, 0x128e5fcd, 0xfff, 0xfffffffa, 0x1, 0x4, 0xf, 0x4, 0xe, 0xe, 0x8, 0x8, 0xed4, 0x8000, 0x1755, 0x8, 0x7, 0x1, 0xd, 0x0, 0x8001, 0x4, 0x8, 0x4, 0x6, 0xf3, 0xff, 0x8001, 0x7, 0x1000, 0x8, 0x2, 0x8, 0x80, 0x7, 0x2, 0xfeffffc0, 0x8, 0xed0, 0x5, 0x4, 0x6, 0x3, 0x1000, 0x7f, 0x8, 0xfffff694, 0xffffc4e5, 0x3, 0x5, 0xb, 0xf4c, 0xe1, 0x1, 0x5, 0x80000001, 0x0, 0x8506, 0xff, 0x3, 0xd81, 0x3, 0x7ff, 0x8, 0x6, 0x6, 0x6, 0x7f, 0x30, 0x8, 0xe, 0x2, 0x8, 0x5, 0x0, 0x3, 0x7, 0x600, 0x2fc6, 0x800, 0x101, 0x8, 0x297, 0x59, 0x5, 0xd, 0x9, 0x0, 0x7ff, 0xe12, 0x4, 0x7, 0xf26d, 0x8000, 0x9, 0x1c47, 0x1e, 0xfffff001, 0x1, 0x54d3, 0xe567, 0x6, 0x80000001, 0x7, 0x7fff, 0xfffffeff, 0x4, 0x0, 0xffff, 0x3, 0x7, 0x7fb, 0x3ff, 0x9, 0x7, 0x99, 0x505, 0x6, 0x8, 0x0, 0xb8, 0x7, 0x3, 0x0, 0x1, 0xffffff72, 0x9, 0x2, 0x1, 0x0, 0x800, 0x9, 0x80, 0x7, 0xd6e7, 0x8]}, @TCA_POLICE_RATE={0x404, 0x2, [0x9, 0x7, 0x4, 0x7, 0xffff, 0x22a, 0x2, 0x9, 0x4, 0x28, 0x4, 0x8b, 0x7, 0x9, 0x1, 0x1, 0x3, 0x9, 0x2, 0x8, 0x8, 0xb, 0x40, 0x80000001, 0x2, 0x9, 0x1ff, 0x8f0, 0x800, 0x0, 0x9f7d, 0x8, 0x7, 0x8, 0xb, 0x101, 0x100, 0xffffffff, 0x9, 0x59, 0x2, 0x0, 0x5, 0x8, 0x4, 0x0, 0x3, 0x2, 0x0, 0x200, 0x7, 0x5, 0x6, 0x200, 0x7fffffff, 0x27, 0xfffffff4, 0x0, 0x5, 0xffffffff, 0x1, 0x8, 0xab0, 0x17518, 0x0, 0x2000002, 0x3, 0x10000, 0x8, 0x3, 0x4d74, 0x89, 0x9, 0x8f44, 0xf, 0x3, 0x2, 0x950, 0xf2, 0x8, 0x1f5, 0x1, 0x3, 0x9, 0x0, 0x7, 0x4, 0x7, 0x6, 0x80000000, 0x12, 0x8, 0x3, 0xd, 0xfffffffe, 0x7, 0x6f94, 0x6, 0x9, 0xa, 0x75, 0xfffffffa, 0x8, 0x1, 0xd69d, 0x1, 0x3, 0x1, 0x872, 0x0, 0x8, 0xb1, 0x8, 0x84e3, 0x1, 0x2, 0x6, 0x6, 0x6, 0x8, 0x4, 0xffffffff, 0xfffffff9, 0x7, 0x6, 0x7ff, 0x5323, 0x4, 0x7fffffff, 0x1, 0xd, 0x200, 0x9a, 0x9, 0x3549, 0xfffffff7, 0x81, 0x6, 0x7, 0x6, 0x4, 0xff, 0x101, 0xfff, 0x7, 0x8bb8, 0x800, 0xfffffff8, 0x2, 0xd, 0x5, 0xfe53, 0x294, 0xd15b, 0x0, 0x8000, 0x200, 0xb, 0x9, 0xffffffff, 0xc94c, 0x9, 0x101, 0x6, 0x6, 0xffffff4c, 0x2, 0x7f, 0xfc, 0x0, 0xffffffff, 0x3ff, 0x400, 0x4, 0x0, 0x1, 0x8000, 0x0, 0x8, 0x8000, 0x1ff, 0x8881, 0x4, 0x2, 0x5, 0x5, 0x1, 0xc, 0x10, 0x2, 0xe, 0x5, 0x3, 0x5, 0xffb7, 0xb, 0x7, 0x80000000, 0x8, 0x6, 0x1ff, 0x5d, 0x40000, 0xb, 0x40, 0x5, 0x5, 0x8, 0x2aacb09, 0x7f, 0x7, 0x10001, 0x8, 0xfff, 0x1000, 0x0, 0x0, 0xa4, 0x7, 0x0, 0xc0, 0x6, 0x784, 0x2, 0xe76d, 0x0, 0xfff, 0x1, 0x80000001, 0x2, 0x9, 0x2, 0x7, 0x1, 0x1, 0x0, 0x0, 0x4, 0x1, 0x4, 0x94e6, 0x80000000, 0xee2, 0x8, 0x9, 0x5, 0x2, 0xfffff800, 0x400, 0x8, 0xfff, 0x2, 0x8, 0x5, 0x5, 0x5a9]}]}]}}, @TCA_RATE={0x6, 0x5, {0xb8, 0x80}}]}, 0x88c}, 0x1, 0x0, 0x0, 0x4000000}, 0x20004804) 13.192743719s ago: executing program 2 (id=3169): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0xac}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x41}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x32}}]}, &(0x7f0000000640)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 5.498604486s ago: executing program 4 (id=3212): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fd4000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000300)="f081550000a00000c74424009ef30000c7442402d60000000f22820f0114240f0745000fbe252e8a09f00fb32a2e660f3a176a4b00b9800000c00f3267420f01c30f5966baf80cb8c087678eef66bac60ced45c194710a000000058a3bc4567dbcae009008f2", 0x66}], 0x1, 0x6c, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x61, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 5.007150479s ago: executing program 4 (id=3217): openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x7c, 0x0, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000300)={[0x9, 0x7, 0x7, 0x1, 0x7, 0xf, 0x4, 0x6, 0xfffffffffffffc00, 0x80000001, 0x3, 0x8, 0x0, 0x5, 0x9, 0x84], 0xeeef0000, 0x28010}) ioctl$KVM_SET_SREGS(r0, 0x4138ae84, &(0x7f00000001c0)={{0x80a0000, 0x80a0000, 0x8, 0x3, 0x3, 0x6, 0x40, 0x7, 0x0, 0x30, 0x19}, {0x8080000, 0x10000, 0x3, 0x8, 0x40, 0x7, 0x7f, 0x6, 0x5, 0x6, 0x3, 0xf8}, {0x4000, 0x4000, 0xe, 0x5, 0x8, 0x7, 0x0, 0x9, 0x0, 0xa7, 0xb, 0x4}, {0x4, 0x4000, 0xa, 0x6, 0x3, 0x2, 0x1, 0xf8, 0x9, 0x9, 0xe, 0xf1}, {0x4000, 0x2000, 0x10, 0x3, 0x86, 0xff, 0xab, 0x7f, 0x1, 0x83, 0xc, 0x6}, {0x1000, 0xeeef0000, 0xc, 0xe6, 0xb5, 0x8, 0x1, 0xa0, 0x7, 0xf, 0x5}, {0x1000, 0xdddd0000, 0x4, 0x5, 0x5, 0x6, 0x4, 0x12, 0x4, 0x81, 0x6, 0x70}, {0x5000, 0xeeee0000, 0xc, 0x5, 0xf, 0x7, 0x1, 0xe2, 0x2, 0x8, 0xf0, 0x9}, {0xeeef0000, 0x30}, {0xeeef0000, 0x7}, 0x80000031, 0x0, 0x6000, 0x2004, 0x6, 0x0, 0x3000, [0x67fffffffffffffe, 0x9, 0x67, 0x6]}) ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f00000004c0)={[0x8abe, 0x100d, 0x0, 0x807, 0x7ffd, 0xf, 0x120000, 0x9, 0x1, 0x7, 0x8000000000000000, 0x1, 0x2000000000001, 0xfe, 0x6, 0x1], 0x80a0000, 0x141200}) 4.786885831s ago: executing program 4 (id=3220): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x800, 0x8001, 0x2c}, 0x50) 3.463523469s ago: executing program 4 (id=3224): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f00000000c0)={'netpci0\x00', 0x400}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x280a01, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)) ioctl$SIOCSIFHWADDR(r2, 0x8943, 0x0) 3.178395s ago: executing program 5 (id=3225): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000210018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_PROG_INFO(0xa, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70) 3.078894171s ago: executing program 6 (id=3227): r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @empty, 0x400004}, 0x1c) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000b40), r1) sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x24, r2, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@FOU_ATTR_PORT={0x6, 0x1, 0x4e20}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @dev={0xac, 0x14, 0x14, 0x20}}]}, 0x24}, 0x1, 0x0, 0x0, 0xc801}, 0x4024880) 2.975897632s ago: executing program 5 (id=3228): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000200)={0x0, 0x1, 0x0, &(0x7f0000000040)=""/36, 0x0, 0xeeef0000}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='cpuset\x00') dup3(0xffffffffffffffff, r1, 0x0) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f00000000c0)={0x0, r1}) 2.846004632s ago: executing program 6 (id=3230): sendmsg$RDMA_NLDEV_CMD_RES_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x1409, 0x1, 0x70bd2d, 0x25dfdbfd}, 0x10}, 0x1, 0x0, 0x0, 0x4040000}, 0xc050) r0 = socket(0x11, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000180)=0x6717, 0x4) sendmmsg(r0, &(0x7f0000000ec0)=[{{&(0x7f0000000000)=@phonet={0x23, 0x40, 0x6, 0x7}, 0x80, 0x0}}], 0x1, 0x24040001) recvmmsg(r0, &(0x7f00000009c0)=[{{0x0, 0x0, &(0x7f0000000140)}, 0x2}, {{&(0x7f0000000340)=@phonet, 0x80, &(0x7f0000000140)=[{&(0x7f0000001a00)=""/4096}], 0xa, &(0x7f0000000280)=""/3}, 0x7fff}], 0x8, 0x2020, 0x0) 2.775178743s ago: executing program 5 (id=3231): syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x10020a0, 0x0, 0x1, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='ramfs\x00', 0x10, 0x0) syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x100a0, &(0x7f0000000700)=ANY=[], 0x1, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000080)='./bus\x00', 0x30000d0, 0x0, 0x2, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f0000000380)='./bus\x00', 0x322020, &(0x7f0000000140)=ANY=[], 0x1, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$setstatus(r0, 0x4, 0x50000) bpf$MAP_CREATE(0x0, 0x0, 0x0) read$FUSE(r0, &(0x7f0000000740)={0x2020}, 0x2020) 2.744718873s ago: executing program 4 (id=3232): r0 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f00000001c0)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000007c0)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000ffff00000000000000bd0000000000000000000000e4ec01000000004000000000fc00000000000000000000000000013da51fd47aa2e2f700000000000000000000000000000000000000000000000000000000000000060000000000000000050000000a004e200e8a34c38f36f0c7eb2700d609bcf41076d88144448ebe7994dd1b33d7c8787734cc315672f62261ceeede940774fd94d2767288cfb3a20882449d601ff878eedd3d57c9eb3a723b62102bd534c8a304a975d752e82cc8d5f969771c94a1d69cfd8694e29b9468fca5df65ece31ed7c209325604001fcd06adc3ac391f60a3523d6d0b4a8a"], 0x310) 2.604116533s ago: executing program 6 (id=3233): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xa, 0x3, 0x6, 0x18, 0x2}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffc2, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) 2.597901334s ago: executing program 3 (id=3234): r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r4 = syz_io_uring_setup(0x47a8, &(0x7f00000002c0)={0x0, 0x46b4, 0x80, 0x80000, 0x200}, 0x0, &(0x7f0000000700)) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_DELETE(r5, 0x0, 0x4040) syz_io_uring_setup(0x7676, &(0x7f0000000100)={0x0, 0xce17, 0x4, 0x3, 0x10f, 0x0, r4}, 0x0, 0x0) syz_io_uring_setup(0x10278e, &(0x7f0000000000)={0x0, 0x4c1f, 0x8, 0xfffffffe, 0x200004}, &(0x7f0000000200), &(0x7f0000000440)) io_uring_enter(r4, 0x1fee, 0x2fc25, 0xc, 0x0, 0x0) r6 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0) sendmsg$inet6(r6, &(0x7f0000000800)={&(0x7f0000000000)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000140)}, 0x20048843) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x4e20, @empty}}, 0x1000, 0x1ff, 0xffff18b6, 0x4, 0x384, 0x7fffffff, 0x1b}, 0x9c) pselect6(0x2000, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x300}, 0x0, &(0x7f0000000100)={0x8}, 0x0, 0x0) r7 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r7, 0x541c, &(0x7f0000000000)={0x2, {0xc, 0xa00, 0x6, 0x101, 0x100}}) ioctl$KDGETKEYCODE(r0, 0x4b4c, &(0x7f0000000040)={0x8, 0x5}) r8 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x0, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [0x0, 0xff], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x47}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @multicast2}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f00000001c0)={0xa, &(0x7f0000000180)=[{0x7ff}, {0x2, 0xc9b}, {0x1800, 0x5}, {0xfff9, 0x9}, {0x1, 0x6}, {0x1, 0x8}, {0x4, 0x2000}, {0x468c, 0xfffe}, {0x7fff, 0x5}, {0x6, 0x3}]}) syz_emit_ethernet(0x4a, &(0x7f0000000340)=ANY=[@ANYBLOB="0180c2000001ffffffffffff86dd690000005374d5ceec3a00590a7a32001406fffe800000000000000000000000000039fe80000000000000007d3452fe52701cdd2e27d0cecdfb5b27c3b1f5bcccedf4ab928bbd4c8dd5075e0f55a8e3f2827ca7f899d7b1267fef3e79d23bac62eae9cf0215b6931013ab11e9dcf48a37cfe887d165e4071928da0be7c2ef5673e254d9bd74e2c11dedd9f0abf7393123c4d763a1d7bf26b21a1a8fe9a27e7483c024b7e8e598fa8e94d2", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5110000790780003"], 0x0) fcntl$notify(r8, 0x402, 0x0) 2.383060455s ago: executing program 4 (id=3235): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1, 0x8}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000007c0)=@newtfilter={0x44, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x1, 0xfff3}, {0x0, 0x1}, {0x10, 0xfff1}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_EMATCHES={0x10, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_LIST={0x4}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40004}, 0x2008c010) 1.55130486s ago: executing program 6 (id=3236): r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8ed"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2000000000000) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x205, 0x6, 0x0, 0x0, 0x10003, 0x41, 0x400200cc4, 0xffd, 0x4, 0x0, 0x7, 0x0, 0x2, 0x0, 0x6a, 0x8d], 0xeeee8000, 0x2011c0}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000100)=@x86={0x10, 0xe, 0x7, 0x0, 0x81, 0xfc, 0x5, 0x7f, 0x1, 0x8c, 0x8, 0x9, 0x0, 0xffffffff, 0xe, 0x0, 0xb0, 0x1, 0x2, '\x00', 0x83, 0x20000000000003}) ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f0000000280)={'\x00', 0xf, 0x66a, 0x9, 0x0, 0x1, 0x80a4000, 0xd000, '\x00', 0xd5ad}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.53196426s ago: executing program 5 (id=3237): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000010000000000000000000000a5000000a000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xb9) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0x7, 0x8, 0x22}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)=ANY=[@ANYRES32=r1, @ANYRES32=r0, @ANYBLOB="05"], 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000400)={@map=r1, r2, 0x4}, 0x10) close(r2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000e00)) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000080), &(0x7f0000000840)=r2}, 0x20) 1.461115691s ago: executing program 3 (id=3238): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f00000002c0)=ANY=[], 0x8) bind$inet6(r0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000004040)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)=""/19, 0x13}, 0x8}], 0x1, 0x2b, 0x0) setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000040)=0x7, 0x4) setsockopt$inet6_int(r0, 0x29, 0x4, &(0x7f0000000000)=0x1, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 1.260935472s ago: executing program 6 (id=3239): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x1f, 0x3, &(0x7f0000000000)=@framed={{0x2e, 0xa, 0xa, 0x0, 0x0, 0x61, 0x10, 0x34}}, &(0x7f0000000480)='syzkaller\x00'}, 0x80) 1.111645313s ago: executing program 5 (id=3240): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000200)={0x0, 0x1, 0x0, &(0x7f0000000040)=""/36, 0x0, 0xeeef0000}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='cpuset\x00') dup3(0xffffffffffffffff, r1, 0x0) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f00000000c0)={0x0, r1}) 1.078429873s ago: executing program 6 (id=3241): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f00000000c0)={'netpci0\x00', 0x400}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x280a01, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)) ioctl$SIOCSIFHWADDR(r2, 0x8943, 0x0) 950.678854ms ago: executing program 5 (id=3242): bpf$BPF_PROG_QUERY(0x10, &(0x7f00000004c0)={@map, 0x3f, 0x1, 0x5cc, &(0x7f00000001c0)=[0x0], 0x1, 0x0, 0x0, 0x0, 0x0}, 0x40) syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0x0, 0x0}, 0x8) r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000380)=r0, 0x4) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000500)={r1, 0x20, &(0x7f00000004c0)={0x0, 0x0, 0x0, &(0x7f00000019c0)=""/4096, 0x1000}}, 0x10) 379.750978ms ago: executing program 3 (id=3243): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x7c, 0x0, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000300)={[0x9, 0x7, 0x7, 0x1, 0x7, 0xf, 0x4, 0x6, 0xfffffffffffffc00, 0x80000001, 0x3, 0x8, 0x0, 0x5, 0x9, 0x84], 0xeeef0000, 0x28010}) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f00000001c0)={{0x80a0000, 0x80a0000, 0x8, 0x3, 0x3, 0x6, 0x40, 0x7, 0x0, 0x30, 0x19}, {0x8080000, 0x10000, 0x3, 0x8, 0x40, 0x7, 0x7f, 0x6, 0x5, 0x6, 0x3, 0xf8}, {0x4000, 0x4000, 0xe, 0x5, 0x8, 0x7, 0x0, 0x9, 0x0, 0xa7, 0xb, 0x4}, {0x4, 0x4000, 0xa, 0x6, 0x3, 0x2, 0x1, 0xf8, 0x9, 0x9, 0xe, 0xf1}, {0x4000, 0x2000, 0x10, 0x3, 0x86, 0xff, 0xab, 0x7f, 0x1, 0x83, 0xc, 0x6}, {0x1000, 0xeeef0000, 0xc, 0xe6, 0xb5, 0x8, 0x1, 0xa0, 0x7, 0xf, 0x5}, {0x1000, 0xdddd0000, 0x4, 0x5, 0x5, 0x6, 0x4, 0x12, 0x4, 0x81, 0x6, 0x70}, {0x5000, 0xeeee0000, 0xc, 0x5, 0xf, 0x7, 0x1, 0xe2, 0x2, 0x8, 0xf0, 0x9}, {0xeeef0000, 0x30}, {0xeeef0000, 0x7}, 0x80000031, 0x0, 0x6000, 0x2004, 0x6, 0x0, 0x3000, [0x67fffffffffffffe, 0x9, 0x67, 0x6]}) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000004c0)={[0x8abe, 0x100d, 0x0, 0x807, 0x7ffd, 0xf, 0x120000, 0x9, 0x1, 0x7, 0x8000000000000000, 0x1, 0x2000000000001, 0xfe, 0x6, 0x1], 0x80a0000, 0x141200}) 330.932638ms ago: executing program 3 (id=3244): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x0) memfd_create(&(0x7f0000000040)='/dev/kvm\x00', 0x4) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8ed"]) r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c4, 0x1004, 0xffffffffffffffff, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0x80000004000000, 0x8d], 0xeeee8000, 0x2010d3}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 86.616959ms ago: executing program 3 (id=3245): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000001c0)={'gre0\x00', &(0x7f0000000040)={'sit0\x00', 0x0, 0x40, 0x7, 0x97c1, 0x7e06, {{0x5, 0x4, 0x3, 0x5, 0x14, 0x66, 0x0, 0x8, 0x29, 0x0, @private=0xa010102, @local}}}}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r3 = fcntl$dupfd(r2, 0x0, r2) setsockopt$IPT_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xc08, 0x3, 0x1e8, 0xc, 0x5002004a, 0xb, 0x310, 0xea02, 0x3d0, 0x3c8, 0x3c8, 0x3d0, 0x3c8, 0x3, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'erspan0\x00', 'ip6tnl0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x248) 0s ago: executing program 3 (id=3246): prctl$PR_MCE_KILL(0x35, 0x1, 0x8) prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) mlock(&(0x7f00007fe000/0x800000)=nil, 0x800000) syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FITHAW(r1, 0xc0045878) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000006c0)={0x1, &(0x7f0000000500)=[{0x6, 0x43, 0x0, 0x7fff0000}]}) r4 = socket$unix(0x1, 0x1, 0x0) bind$unix(r4, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) listen(r4, 0x2) r5 = socket$unix(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000340)="90", 0x1}], 0x1, &(0x7f0000000580)=[@rights={{0x18, 0x1, 0x1, [r6, r4]}}], 0x18, 0x8801}}], 0x1, 0x20044034) close_range(r3, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): nge from 0 to 256 [ 109.684005][ T4745] FAT-fs (loop2): Directory bread(block 64) failed [ 109.690888][ T4745] FAT-fs (loop2): Directory bread(block 65) failed [ 109.698158][ T4745] FAT-fs (loop2): Directory bread(block 66) failed [ 109.704845][ T4745] FAT-fs (loop2): Directory bread(block 67) failed [ 109.711928][ T4745] FAT-fs (loop2): Directory bread(block 68) failed [ 109.718649][ T4745] FAT-fs (loop2): Directory bread(block 69) failed [ 109.725656][ T4745] FAT-fs (loop2): Directory bread(block 70) failed [ 109.732501][ T4745] FAT-fs (loop2): Directory bread(block 71) failed [ 109.739614][ T4745] FAT-fs (loop2): Directory bread(block 72) failed [ 109.746284][ T4745] FAT-fs (loop2): Directory bread(block 73) failed [ 110.683315][ T4756] netlink: 'syz.3.128': attribute type 1 has an invalid length. [ 110.962286][ T4758] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 111.175256][ T4756] device veth3 entered promiscuous mode [ 111.733901][ T4776] loop4: detected capacity change from 0 to 4096 [ 111.900021][ T4782] pimreg: tun_chr_ioctl cmd 1074812118 [ 111.942076][ T4786] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 113.526988][ T4804] loop3: detected capacity change from 0 to 256 [ 114.928005][ T4804] FAT-fs (loop3): Directory bread(block 64) failed [ 114.934767][ T4804] FAT-fs (loop3): Directory bread(block 65) failed [ 114.943601][ T4804] FAT-fs (loop3): Directory bread(block 66) failed [ 114.950246][ T4804] FAT-fs (loop3): Directory bread(block 67) failed [ 114.957241][ T4804] FAT-fs (loop3): Directory bread(block 68) failed [ 114.964029][ T4804] FAT-fs (loop3): Directory bread(block 69) failed [ 114.971056][ T4804] FAT-fs (loop3): Directory bread(block 70) failed [ 114.977770][ T4804] FAT-fs (loop3): Directory bread(block 71) failed [ 114.984797][ T4804] FAT-fs (loop3): Directory bread(block 72) failed [ 114.991503][ T4804] FAT-fs (loop3): Directory bread(block 73) failed [ 116.217620][ T4278] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 116.226219][ T4278] Bluetooth: hci0: Injecting HCI hardware error event [ 116.235000][ T4285] Bluetooth: hci0: hardware error 0x00 [ 116.499825][ T4824] loop2: detected capacity change from 0 to 8192 [ 117.061900][ T4833] loop4: detected capacity change from 0 to 256 [ 118.208654][ T4848] netlink: 'syz.3.160': attribute type 1 has an invalid length. [ 118.297013][ T4285] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 118.519132][ T4857] loop2: detected capacity change from 0 to 256 [ 118.691576][ T4857] FAT-fs (loop2): Directory bread(block 64) failed [ 118.698573][ T4857] FAT-fs (loop2): Directory bread(block 65) failed [ 118.705741][ T4857] FAT-fs (loop2): Directory bread(block 66) failed [ 118.712528][ T4857] FAT-fs (loop2): Directory bread(block 67) failed [ 118.719681][ T4857] FAT-fs (loop2): Directory bread(block 68) failed [ 118.726380][ T4857] FAT-fs (loop2): Directory bread(block 69) failed [ 118.733498][ T4857] FAT-fs (loop2): Directory bread(block 70) failed [ 118.740285][ T4857] FAT-fs (loop2): Directory bread(block 71) failed [ 118.747215][ T4857] FAT-fs (loop2): Directory bread(block 72) failed [ 118.753885][ T4857] FAT-fs (loop2): Directory bread(block 73) failed [ 119.532642][ T4861] device veth5 entered promiscuous mode [ 119.642989][ T4863] loop4: detected capacity change from 0 to 4096 [ 119.663056][ T4861] bond2: (slave veth5): Enslaving as a backup interface with a down link [ 119.873391][ T4864] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 122.671800][ T4895] loop3: detected capacity change from 0 to 256 [ 123.203115][ T4743] Set syz1 is full, maxelem 65536 reached [ 124.021457][ T4278] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 124.037282][ T4902] bridge0: port 2(bridge_slave_1) entered disabled state [ 124.037503][ T4278] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 124.046451][ T4902] bridge0: port 1(bridge_slave_0) entered disabled state [ 124.063265][ T4278] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 124.184533][ T4278] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 124.204408][ T4278] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 124.268229][ T4278] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 125.254001][ T4902] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 125.291927][ T4902] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 125.422889][ T4902] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.436554][ T4902] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.448787][ T4902] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.461346][ T4902] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.531898][ T4905] netlink: 'syz.2.177': attribute type 1 has an invalid length. [ 125.578166][ T4908] device veth5 entered promiscuous mode [ 125.981218][ T4950] netlink: 'syz.3.184': attribute type 1 has an invalid length. [ 126.309774][ T4950] device veth7 entered promiscuous mode [ 126.376945][ T4278] Bluetooth: hci5: command 0x0409 tx timeout [ 126.423930][ T4746] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.566389][ T4746] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.658952][ T4968] loop2: detected capacity change from 0 to 256 [ 126.701137][ T4968] FAT-fs (loop2): Directory bread(block 64) failed [ 126.707849][ T4968] FAT-fs (loop2): Directory bread(block 65) failed [ 126.714496][ T4968] FAT-fs (loop2): Directory bread(block 66) failed [ 126.721122][ T4968] FAT-fs (loop2): Directory bread(block 67) failed [ 126.727862][ T4968] FAT-fs (loop2): Directory bread(block 68) failed [ 126.734498][ T4968] FAT-fs (loop2): Directory bread(block 69) failed [ 126.741363][ T4968] FAT-fs (loop2): Directory bread(block 70) failed [ 126.747966][ T4968] FAT-fs (loop2): Directory bread(block 71) failed [ 126.754925][ T4968] FAT-fs (loop2): Directory bread(block 72) failed [ 126.761575][ T4968] FAT-fs (loop2): Directory bread(block 73) failed [ 126.980331][ T4746] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.862467][ T4746] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.914047][ T4982] netlink: 'syz.2.193': attribute type 12 has an invalid length. [ 127.933557][ T4982] netlink: 'syz.2.193': attribute type 29 has an invalid length. [ 127.966904][ T4982] netlink: 148 bytes leftover after parsing attributes in process `syz.2.193'. [ 127.996955][ T4982] netlink: 'syz.2.193': attribute type 2 has an invalid length. [ 128.026893][ T4982] netlink: 'syz.2.193': attribute type 3 has an invalid length. [ 128.050110][ T4919] chnl_net:caif_netlink_parms(): no params data found [ 128.196177][ T4989] netlink: 'syz.1.196': attribute type 1 has an invalid length. [ 128.317361][ T4992] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 128.457262][ T4278] Bluetooth: hci5: command 0x041b tx timeout [ 128.545026][ T4919] bridge0: port 1(bridge_slave_0) entered blocking state [ 128.557965][ T4919] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.566619][ T4919] device bridge_slave_0 entered promiscuous mode [ 128.618369][ T4919] bridge0: port 2(bridge_slave_1) entered blocking state [ 128.633040][ T4919] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.677818][ T4919] device bridge_slave_1 entered promiscuous mode [ 128.764710][ T4989] device veth3 entered promiscuous mode [ 128.788414][ T4989] bond1: (slave veth3): Enslaving as a backup interface with a down link [ 129.100145][ T4919] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 129.133954][ T4919] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 129.294038][ T5021] 9pnet_fd: Insufficient options for proto=fd [ 130.083265][ T5023] netlink: 100 bytes leftover after parsing attributes in process `syz.2.203'. [ 130.201191][ T4919] team0: Port device team_slave_0 added [ 130.299277][ T5035] cgroup: noprefix used incorrectly [ 130.310898][ T4919] team0: Port device team_slave_1 added [ 130.556649][ T4278] Bluetooth: hci5: command 0x040f tx timeout [ 130.673591][ T4919] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 130.706914][ T4919] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.774639][ T4919] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 130.831703][ T5040] netlink: 'syz.1.211': attribute type 1 has an invalid length. [ 131.060241][ T5051] device veth5 entered promiscuous mode [ 131.075258][ T4919] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 131.094928][ T4919] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 131.172259][ T4919] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 131.260888][ T5060] netlink: 'syz.3.214': attribute type 1 has an invalid length. [ 131.575829][ T4919] device hsr_slave_0 entered promiscuous mode [ 131.599060][ T4919] device hsr_slave_1 entered promiscuous mode [ 131.620948][ T4919] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 131.645268][ T4919] Cannot create hsr debugfs directory [ 131.804303][ T5060] device veth9 entered promiscuous mode [ 131.814806][ T5072] 9pnet_fd: Insufficient options for proto=fd [ 131.819381][ T5060] bond4: (slave veth9): Enslaving as a backup interface with a down link [ 132.617026][ T4285] Bluetooth: hci5: command 0x0419 tx timeout [ 132.868501][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.875136][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.929254][ T5081] netlink: 100 bytes leftover after parsing attributes in process `syz.1.218'. [ 133.148824][ T5087] loop1: detected capacity change from 0 to 256 [ 133.602721][ T5102] 9pnet_fd: Insufficient options for proto=fd [ 133.666970][ T4746] device hsr_slave_0 left promiscuous mode [ 133.675917][ T4746] device hsr_slave_1 left promiscuous mode [ 133.719484][ T4746] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 133.777051][ T4746] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 133.867962][ T4746] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 133.960590][ T4746] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 134.118135][ T4746] device bridge_slave_1 left promiscuous mode [ 134.273149][ T4746] bridge0: port 2(bridge_slave_1) entered disabled state [ 134.489063][ T4746] device bridge_slave_0 left promiscuous mode [ 134.519522][ T4746] bridge0: port 1(bridge_slave_0) entered disabled state [ 134.792506][ T4746] device veth1_macvtap left promiscuous mode [ 135.496472][ T4746] device veth0_macvtap left promiscuous mode [ 135.535585][ T4746] device veth1_vlan left promiscuous mode [ 135.570010][ T4746] device veth0_vlan left promiscuous mode [ 136.243863][ T4746] team0 (unregistering): Port device team_slave_1 removed [ 136.284902][ T4746] team0 (unregistering): Port device team_slave_0 removed [ 136.328194][ T4746] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 136.369557][ T4746] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 136.821753][ T4746] bond0 (unregistering): Released all slaves [ 136.913188][ T5098] netlink: 'syz.4.225': attribute type 1 has an invalid length. [ 136.945341][ T5116] device veth3 entered promiscuous mode [ 136.951345][ T5130] netlink: 100 bytes leftover after parsing attributes in process `syz.1.231'. [ 137.124500][ T5152] loop1: detected capacity change from 0 to 256 [ 137.323899][ T5156] veth1_to_team: default FDB implementation only supports local addresses [ 137.409186][ T4919] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 137.459873][ T4919] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 137.511322][ T4919] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 137.551653][ T5162] 9pnet_fd: Insufficient options for proto=fd [ 137.568314][ T4919] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 137.610944][ T5165] netlink: 'syz.3.241': attribute type 1 has an invalid length. [ 138.588659][ T5183] netlink: 100 bytes leftover after parsing attributes in process `syz.3.244'. [ 139.026365][ T4919] 8021q: adding VLAN 0 to HW filter on device bond0 [ 139.174995][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 139.245096][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 139.270892][ T4919] 8021q: adding VLAN 0 to HW filter on device team0 [ 139.322875][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 139.346600][ T5189] block device autoloading is deprecated and will be removed. [ 139.360726][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 139.381776][ T4885] bridge0: port 1(bridge_slave_0) entered blocking state [ 139.388993][ T4885] bridge0: port 1(bridge_slave_0) entered forwarding state [ 139.468410][ T5192] netlink: 'syz.3.248': attribute type 1 has an invalid length. [ 139.575386][ T5194] 8021q: adding VLAN 0 to HW filter on device bond5 [ 139.597086][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 139.621810][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 139.661898][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 139.695592][ T4885] bridge0: port 2(bridge_slave_1) entered blocking state [ 139.702869][ T4885] bridge0: port 2(bridge_slave_1) entered forwarding state [ 139.738334][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 139.768260][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 139.817338][ T5196] device veth11 entered promiscuous mode [ 139.869906][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 139.922972][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 139.956727][ T5210] Zero length message leads to an empty skb [ 139.963780][ T5202] netlink: 'syz.2.250': attribute type 1 has an invalid length. [ 140.213878][ T5217] 9pnet_fd: Insufficient options for proto=fd [ 140.230332][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 140.251834][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 140.268902][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 140.360219][ T5202] device veth5 entered promiscuous mode [ 140.384894][ T5202] bond2: (slave veth5): Enslaving as a backup interface with a down link [ 140.584691][ T4278] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 140.594607][ T4278] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 140.617096][ T4278] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 140.626633][ T4278] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 140.642529][ T4278] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 140.820343][ T4278] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 140.921092][ T4746] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.250836][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 141.268102][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 141.276884][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 141.294627][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 141.297362][ T5229] capability: warning: `syz.4.257' uses deprecated v2 capabilities in a way that may be insecure [ 141.324586][ T4919] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 141.503906][ T4746] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.586368][ T5237] netlink: 8 bytes leftover after parsing attributes in process `syz.3.259'. [ 142.151695][ T4746] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.561490][ T4746] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.595215][ T5248] netlink: 'syz.3.262': attribute type 1 has an invalid length. [ 142.690276][ T5248] 8021q: adding VLAN 0 to HW filter on device bond6 [ 142.708891][ T5248] device veth13 entered promiscuous mode [ 142.983176][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 142.998509][ T5265] 9pnet_fd: Insufficient options for proto=fd [ 143.004997][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 143.017493][ T4271] Bluetooth: hci0: command 0x0409 tx timeout [ 143.030808][ T4919] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 143.280162][ T4746] bond1: (slave ip6gretap1): Releasing backup interface [ 143.297085][ T4746] bond1: (slave ip6gretap1): the permanent HWaddr of slave - 42:e6:c4:e5:2b:76 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts [ 143.364452][ T5223] chnl_net:caif_netlink_parms(): no params data found [ 143.505648][ T5282] netlink: 'syz.4.267': attribute type 1 has an invalid length. [ 143.677521][ T5284] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 143.838010][ T5282] device veth5 entered promiscuous mode [ 143.846686][ T5282] bond1: (slave veth5): Enslaving as a backup interface with a down link [ 143.971905][ T5223] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.979286][ T5223] bridge0: port 1(bridge_slave_0) entered disabled state [ 144.010264][ T5223] device bridge_slave_0 entered promiscuous mode [ 144.052033][ T5223] bridge0: port 2(bridge_slave_1) entered blocking state [ 144.072263][ T5223] bridge0: port 2(bridge_slave_1) entered disabled state [ 144.083497][ T5223] device bridge_slave_1 entered promiscuous mode [ 144.225083][ T5302] loop2: detected capacity change from 0 to 16 [ 144.245604][ T5223] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 144.259567][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 144.270219][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 144.300672][ T5223] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 144.330398][ T5302] erofs: (device loop2): mounted with root inode @ nid 36. [ 144.449766][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 144.499475][ T5302] syz.2.278: attempt to access beyond end of device [ 144.499475][ T5302] loop2: rw=524288, sector=1342177272, nr_sectors = 32 limit=16 [ 144.517698][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 144.570816][ T5302] syz.2.278: attempt to access beyond end of device [ 144.570816][ T5302] loop2: rw=0, sector=1342177272, nr_sectors = 8 limit=16 [ 144.615342][ T26] audit: type=1800 audit(1762504512.856:3): pid=5302 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.278" name="file1" dev="loop2" ino=86 res=0 errno=0 [ 144.631665][ T5302] syz.2.278: attempt to access beyond end of device [ 144.631665][ T5302] loop2: rw=0, sector=1342177272, nr_sectors = 8 limit=16 [ 144.653714][ T4919] device veth0_vlan entered promiscuous mode [ 144.660230][ T26] audit: type=1800 audit(1762504512.906:4): pid=5302 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.278" name="file1" dev="loop2" ino=86 res=0 errno=0 [ 144.668520][ T5301] syz.2.278: attempt to access beyond end of device [ 144.668520][ T5301] loop2: rw=0, sector=1342177272, nr_sectors = 8 limit=16 [ 144.696507][ T5301] syz.2.278: attempt to access beyond end of device [ 144.696507][ T5301] loop2: rw=0, sector=1342177272, nr_sectors = 8 limit=16 [ 144.697232][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 144.737611][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 144.761729][ T5223] team0: Port device team_slave_0 added [ 144.772671][ T5314] netlink: 'syz.4.273': attribute type 1 has an invalid length. [ 144.839035][ T5317] 8021q: adding VLAN 0 to HW filter on device bond2 [ 144.871961][ T4919] device veth1_vlan entered promiscuous mode [ 145.039426][ T5223] team0: Port device team_slave_1 added [ 145.085888][ T5319] device veth7 entered promiscuous mode [ 145.096872][ T4271] Bluetooth: hci0: command 0x041b tx timeout [ 147.177466][ T4271] Bluetooth: hci0: command 0x040f tx timeout [ 147.314276][ T5223] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 147.326804][ T5223] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 147.393113][ T5223] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 147.410497][ T5329] netlink: 'syz.2.279': attribute type 1 has an invalid length. [ 147.466361][ T5340] netlink: 100 bytes leftover after parsing attributes in process `syz.3.277'. [ 147.543949][ T4746] device hsr_slave_0 left promiscuous mode [ 147.562609][ T4746] device hsr_slave_1 left promiscuous mode [ 147.595817][ T4746] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 147.603428][ T4746] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 147.631995][ T4746] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 147.644489][ T4746] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 147.652423][ T4746] device bridge_slave_1 left promiscuous mode [ 147.659841][ T4746] bridge0: port 2(bridge_slave_1) entered disabled state [ 147.675355][ T4746] device bridge_slave_0 left promiscuous mode [ 147.683249][ T4746] bridge0: port 1(bridge_slave_0) entered disabled state [ 147.732983][ T4746] device veth1_macvtap left promiscuous mode [ 147.739144][ T4746] device veth0_macvtap left promiscuous mode [ 147.746218][ T4746] device veth1_vlan left promiscuous mode [ 147.759216][ T4746] device veth0_vlan left promiscuous mode [ 148.112678][ T4746] bond2 (unregistering): Released all slaves [ 148.546079][ T4746] bond1 (unregistering): (slave veth3): Releasing backup interface [ 148.592964][ T4746] bond1 (unregistering): Released all slaves [ 149.256873][ T4271] Bluetooth: hci0: command 0x0419 tx timeout [ 149.450478][ T4746] team0 (unregistering): Port device team_slave_1 removed [ 149.490484][ T4746] team0 (unregistering): Port device team_slave_0 removed [ 149.536642][ T4746] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 149.575938][ T4746] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 149.992941][ T4746] bond0 (unregistering): Released all slaves [ 150.071179][ T5223] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 150.078309][ T5223] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 150.105147][ T5223] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 150.172455][ T5329] device veth7 entered promiscuous mode [ 150.183070][ T5329] bond3: (slave veth7): Enslaving as a backup interface with a down link [ 150.192247][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 150.217880][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 150.303718][ T4919] device veth0_macvtap entered promiscuous mode [ 150.330502][ T4919] device veth1_macvtap entered promiscuous mode [ 150.368662][ T5223] device hsr_slave_0 entered promiscuous mode [ 150.427920][ T5223] device hsr_slave_1 entered promiscuous mode [ 150.436483][ T5223] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 150.463793][ T5223] Cannot create hsr debugfs directory [ 150.548320][ T4919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 150.568071][ T4919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.608641][ T4919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 150.646920][ T4919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.687187][ T4919] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 150.795058][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 151.009066][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 151.110786][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 151.523654][ T4919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 151.523713][ T4919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 151.523725][ T4919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 151.523739][ T4919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 151.525060][ T4919] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 151.527392][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 151.528123][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 151.532067][ T4919] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.532141][ T4919] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.532170][ T4919] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.532198][ T4919] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.739651][ T5239] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 152.866830][ T5239] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 152.907167][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 152.948851][ T5223] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 152.982142][ T5223] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 153.044749][ T5223] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 153.054068][ T4357] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.081914][ T4357] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.111126][ T5223] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 153.143143][ T4357] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 153.175810][ T5406] loop3: detected capacity change from 0 to 16 [ 153.225691][ T5406] erofs: (device loop3): mounted with root inode @ nid 36. [ 153.321779][ T5415] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.298'. [ 153.364837][ T5406] syz.3.297: attempt to access beyond end of device [ 153.364837][ T5406] loop3: rw=524288, sector=1342177272, nr_sectors = 32 limit=16 [ 153.421132][ T5417] netlink: 'syz.2.299': attribute type 1 has an invalid length. [ 153.424686][ T5406] syz.3.297: attempt to access beyond end of device [ 153.424686][ T5406] loop3: rw=0, sector=1342177272, nr_sectors = 8 limit=16 [ 153.470655][ T26] audit: type=1800 audit(1762504521.716:5): pid=5406 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.297" name="file1" dev="loop3" ino=86 res=0 errno=0 [ 153.535091][ T5421] loop5: detected capacity change from 0 to 4096 [ 153.638541][ T5426] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 154.871837][ T5223] 8021q: adding VLAN 0 to HW filter on device bond0 [ 154.977243][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 154.992661][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 155.010471][ T5223] 8021q: adding VLAN 0 to HW filter on device team0 [ 155.042687][ T5437] netlink: 'syz.4.302': attribute type 1 has an invalid length. [ 155.120205][ T5440] netlink: 'syz.3.304': attribute type 12 has an invalid length. [ 155.202393][ T5417] device veth9 entered promiscuous mode [ 155.262032][ T5417] bond4: (slave veth9): Enslaving as a backup interface with a down link [ 155.307155][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 155.329566][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 155.362368][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 155.369583][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 155.387561][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 155.409948][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 155.435906][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 155.443173][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 155.516541][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 155.587474][ T5437] 8021q: adding VLAN 0 to HW filter on device bond3 [ 155.605178][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 155.676633][ T5442] device veth9 entered promiscuous mode [ 156.289733][ T5223] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 156.380196][ T5223] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 156.401990][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 156.428441][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 156.449611][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 156.489012][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 156.540779][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 156.571226][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 156.579608][ T5467] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.311'. [ 156.603703][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 156.627893][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 156.650429][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 156.717643][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 156.746317][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 157.550947][ T5483] loop5: detected capacity change from 0 to 4096 [ 158.279724][ T5500] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 159.689664][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 159.732959][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 159.737105][ T4271] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0 [ 159.753566][ T4271] Bluetooth: hci5: Injecting HCI hardware error event [ 159.762100][ T4278] Bluetooth: hci5: hardware error 0x00 [ 159.825505][ T5223] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 161.090798][ T5557] netlink: 'syz.5.333': attribute type 1 has an invalid length. [ 161.827082][ T4278] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 161.971314][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 161.991191][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 162.036333][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 162.068065][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 162.163773][ T5557] device veth3 entered promiscuous mode [ 162.196100][ T5223] device veth0_vlan entered promiscuous mode [ 162.209574][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 162.225995][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 162.250263][ T5223] device veth1_vlan entered promiscuous mode [ 162.331869][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 162.341145][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 162.360704][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 162.386547][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 162.408884][ T5223] device veth0_macvtap entered promiscuous mode [ 162.444940][ T5223] device veth1_macvtap entered promiscuous mode [ 162.508593][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 162.535923][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.552334][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 162.563356][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.586234][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 162.611810][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.633548][ T5223] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 162.649242][ T5581] netlink: 'syz.3.339': attribute type 12 has an invalid length. [ 162.666550][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 162.688318][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 162.703429][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 162.713996][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 162.732157][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 162.750147][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.760449][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 162.771733][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.782167][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 162.793055][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.805490][ T5223] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 162.817196][ T5223] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.830586][ T5223] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.840791][ T5223] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.854080][ T5223] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.898447][ T4357] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 162.915713][ T4357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 163.079699][ T47] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 163.103134][ T47] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 163.193151][ T4357] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 163.214258][ T47] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 163.226466][ T47] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 163.255309][ T4357] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 163.570536][ T5613] loop6: detected capacity change from 0 to 256 [ 163.577488][ T4278] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 163.586137][ T4278] Bluetooth: hci4: Injecting HCI hardware error event [ 163.594599][ T4271] Bluetooth: hci4: hardware error 0x00 [ 165.793618][ T4271] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 166.679218][ T5671] loop2: detected capacity change from 0 to 256 [ 169.447301][ T5723] netlink: 'syz.6.379': attribute type 1 has an invalid length. [ 169.621518][ T5728] loop5: detected capacity change from 0 to 256 [ 170.188914][ T5723] device veth3 entered promiscuous mode [ 173.643071][ T5786] loop6: detected capacity change from 0 to 256 [ 174.785646][ T5809] netlink: 'syz.2.401': attribute type 1 has an invalid length. [ 175.089485][ T5812] device veth11 entered promiscuous mode [ 175.155870][ T5812] bond5: (slave veth11): Enslaving as a backup interface with a down link [ 176.250726][ T5827] loop3: detected capacity change from 0 to 256 [ 176.535207][ T5816] team0 (unregistering): Port device team_slave_0 removed [ 176.586440][ T5816] team0 (unregistering): Port device team_slave_1 removed [ 176.659434][ T5840] loop2: detected capacity change from 0 to 256 [ 176.717388][ T5836] netlink: 40 bytes leftover after parsing attributes in process `syz.6.405'. [ 178.560244][ T5872] 9pnet_fd: Insufficient options for proto=fd [ 178.649576][ T5874] netlink: 'syz.2.417': attribute type 1 has an invalid length. [ 178.730107][ T5879] loop6: detected capacity change from 0 to 256 [ 179.285567][ T5899] netlink: 'syz.5.424': attribute type 12 has an invalid length. [ 179.399988][ T5874] device veth13 entered promiscuous mode [ 179.450493][ T5874] bond6: (slave veth13): Enslaving as a backup interface with a down link [ 181.027948][ T5930] loop4: detected capacity change from 0 to 256 [ 181.344028][ T5942] netlink: 'syz.6.437': attribute type 12 has an invalid length. [ 181.989686][ T5960] netlink: 40 bytes leftover after parsing attributes in process `syz.5.442'. [ 182.504729][ T5964] netlink: 'syz.3.445': attribute type 1 has an invalid length. [ 183.227161][ T5964] device veth15 entered promiscuous mode [ 183.235860][ T5964] bond7: (slave veth15): Enslaving as a backup interface with a down link [ 183.262941][ T5990] netlink: 'syz.5.451': attribute type 12 has an invalid length. [ 183.986266][ T6015] loop3: detected capacity change from 0 to 512 [ 184.062739][ T6015] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 184.134785][ T6018] netlink: 40 bytes leftover after parsing attributes in process `syz.2.458'. [ 184.991908][ T4885] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 185.908833][ T6051] netlink: 20 bytes leftover after parsing attributes in process `syz.4.467'. [ 186.311502][ T6055] netlink: 'syz.4.470': attribute type 12 has an invalid length. [ 186.804614][ T6068] netlink: 40 bytes leftover after parsing attributes in process `syz.6.472'. [ 188.033064][ T6099] netlink: 20 bytes leftover after parsing attributes in process `syz.2.481'. [ 188.780695][ T6106] netlink: 'syz.5.484': attribute type 12 has an invalid length. [ 190.273523][ T6127] loop4: detected capacity change from 0 to 256 [ 191.255779][ T6143] loop5: detected capacity change from 0 to 256 [ 191.884386][ T6161] netlink: 26 bytes leftover after parsing attributes in process `syz.5.502'. [ 191.956291][ T6163] Driver unsupported XDP return value 0 on prog (id 35) dev N/A, expect packet loss! [ 192.210933][ T6170] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 192.270062][ T6170] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 192.573835][ T6185] process 'syz.5.508' launched '/dev/fd/3' with NULL argv: empty string added [ 194.299879][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.306543][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.728262][ T6256] netlink: 'syz.6.529': attribute type 1 has an invalid length. [ 196.027951][ T6256] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 197.120220][ T6289] Can't find ip_set type has [ 197.289402][ T6071] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 197.309333][ T6256] 8021q: adding VLAN 0 to HW filter on device bond1 [ 197.955939][ T4510] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 198.490855][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 198.718174][ T6263] device veth3 entered promiscuous mode [ 198.743050][ T6307] loop5: detected capacity change from 0 to 256 [ 198.759588][ T6263] bond1: (slave veth3): Enslaving as a backup interface with a down link [ 201.138253][ T6344] Can't find ip_set type has [ 204.352195][ T6404] Can't find ip_set type has [ 207.932599][ T6465] loop2: detected capacity change from 0 to 256 [ 216.300445][ T6579] Can't find ip_set type hash:ip,po [ 217.944496][ T6615] overlayfs: overlapping lowerdir path [ 219.076841][ T6628] Can't find ip_set type hash:ip,po [ 220.801122][ T6661] overlayfs: overlapping lowerdir path [ 223.329562][ T6706] overlayfs: overlapping lowerdir path [ 224.269307][ T6723] Can't find ip_set type hash:ip,por [ 225.319035][ T6765] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 226.324400][ T6817] netlink: 8 bytes leftover after parsing attributes in process `syz.5.684'. [ 227.876649][ T6887] loop2: detected capacity change from 0 to 764 [ 228.403289][ T6910] loop4: detected capacity change from 0 to 256 [ 231.127149][ T6911] device bridge_slave_1 left promiscuous mode [ 231.135288][ T6911] bridge0: port 2(bridge_slave_1) entered disabled state [ 231.317771][ T6911] device bridge_slave_0 left promiscuous mode [ 231.324056][ T6911] bridge0: port 1(bridge_slave_0) entered disabled state [ 232.743743][ T6972] netlink: 8 bytes leftover after parsing attributes in process `syz.2.737'. [ 236.233825][ T7055] netlink: 'syz.6.760': attribute type 1 has an invalid length. [ 236.274268][ T7060] overlayfs: failed to clone upperpath [ 236.288486][ T7060] overlayfs: failed to clone lowerpath [ 237.321636][ T7076] loop2: detected capacity change from 0 to 256 [ 237.460353][ T7066] device veth5 entered promiscuous mode [ 237.570960][ T7066] bond2: (slave veth5): Enslaving as a backup interface with a down link [ 240.029415][ T7102] 9pnet_fd: Insufficient options for proto=fd [ 240.428979][ T7118] netlink: 8 bytes leftover after parsing attributes in process `syz.2.776'. [ 240.666100][ T7127] overlayfs: failed to clone upperpath [ 241.034133][ T7148] overlayfs: overlapping lowerdir path [ 241.313745][ T7159] netlink: 'syz.2.791': attribute type 1 has an invalid length. [ 241.889443][ T7159] device veth15 entered promiscuous mode [ 241.945430][ T7159] bond7: (slave veth15): Enslaving as a backup interface with a down link [ 242.051110][ T7192] fuse: Bad value for 'fd' [ 242.624697][ T7208] overlayfs: missing 'lowerdir' [ 243.035954][ T7226] netlink: 8 bytes leftover after parsing attributes in process `syz.6.815'. [ 243.944453][ T7238] netlink: 'syz.3.818': attribute type 1 has an invalid length. [ 244.077587][ T7246] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 244.086479][ T7246] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 244.328540][ T7249] device veth17 entered promiscuous mode [ 244.451255][ T7249] bond8: (slave veth17): Enslaving as a backup interface with a down link [ 244.654326][ T7266] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 244.700143][ T7266] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 245.052359][ T7279] 9pnet_fd: Insufficient options for proto=fd [ 245.073164][ T7278] netlink: 28 bytes leftover after parsing attributes in process `syz.3.830'. [ 245.319128][ T7290] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 245.365447][ T7290] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 246.210645][ T7320] pim6reg1: tun_chr_ioctl cmd 1074025677 [ 246.237047][ T7320] pim6reg1: linktype set to 778 [ 246.269495][ T7326] 9pnet_fd: Insufficient options for proto=fd [ 246.466514][ T7334] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 246.506957][ T7334] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 246.611511][ T7342] 9pnet_fd: Insufficient options for proto=fd [ 247.299864][ T7371] overlayfs: missing 'lowerdir' [ 247.643245][ T7378] 9pnet_fd: Insufficient options for proto=fd [ 248.334669][ T7385] 9pnet_fd: Insufficient options for proto=fd [ 250.044445][ T7426] 9pnet_fd: Insufficient options for proto=fd [ 252.171731][ T7471] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 252.248420][ T7471] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 252.687311][ T7495] netlink: 8 bytes leftover after parsing attributes in process `syz.3.909'. [ 252.723390][ T7495] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 254.179533][ T7532] fuse: Bad value for 'group_id' [ 254.580163][ T7539] loop5: detected capacity change from 0 to 164 [ 255.271007][ T4277] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 255.515808][ T7555] 9pnet_fd: Insufficient options for proto=fd [ 255.740630][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.748214][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.837679][ T7565] 9pnet_fd: Insufficient options for proto=fd [ 256.048286][ T7574] fuse: Bad value for 'group_id' [ 257.326380][ T7596] 9pnet_fd: Insufficient options for proto=fd [ 257.586224][ T7608] 9pnet_fd: Insufficient options for proto=fd [ 257.911198][ T7616] fuse: Bad value for 'group_id' [ 258.217490][ T7625] netlink: 'syz.3.955': attribute type 1 has an invalid length. [ 258.477652][ T7641] 9pnet_fd: Insufficient options for proto=fd [ 258.930719][ T7625] device veth19 entered promiscuous mode [ 258.972580][ T7625] bond9: (slave veth19): Enslaving as a backup interface with a down link [ 260.677847][ T7683] overlayfs: missing 'workdir' [ 261.102741][ T7704] netlink: 'syz.3.978': attribute type 1 has an invalid length. [ 261.249157][ T7709] netlink: 8 bytes leftover after parsing attributes in process `syz.6.979'. [ 263.241572][ T7704] device veth21 entered promiscuous mode [ 263.263284][ T7704] bond10: (slave veth21): Enslaving as a backup interface with a down link [ 264.799392][ T7776] overlayfs: failed to clone upperpath [ 265.066848][ T7784] 9pnet_fd: Insufficient options for proto=fd [ 265.916453][ T7820] loop5: detected capacity change from 0 to 256 [ 267.248795][ T7840] overlayfs: failed to clone upperpath [ 268.058001][ T4278] Bluetooth: hci0: command 0x0406 tx timeout [ 268.303623][ T7883] syz.4.1042 (7883) used greatest stack depth: 20512 bytes left [ 268.581223][ T7896] 9pnet_fd: Insufficient options for proto=fd [ 270.042511][ T7941] fuse: Unknown parameter 'grou00000000000000000000' [ 270.109251][ T7947] 9pnet_fd: Insufficient options for proto=fd [ 272.713817][ T7990] fuse: Unknown parameter 'grou00000000000000000000' [ 272.823943][ T7992] loop5: detected capacity change from 0 to 256 [ 272.874413][ T7992] FAT-fs (loop5): Directory bread(block 1285) failed [ 273.072133][ T7999] FAT-fs (loop5): Directory bread(block 1285) failed [ 273.125877][ T7999] FAT-fs (loop5): Directory bread(block 1285) failed [ 273.153462][ T7999] FAT-fs (loop5): Directory bread(block 1285) failed [ 273.189232][ T8001] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus [ 274.695424][ T8030] fuse: Unknown parameter 'grou00000000000000000000' [ 275.810657][ T8080] fuse: Unknown parameter 'group_i00000000000000000000' [ 275.897558][ T8084] fuse: Bad value for 'fd' [ 277.454340][ T8117] fuse: Unknown parameter 'group_i00000000000000000000' [ 277.574837][ T8122] fuse: Bad value for 'fd' [ 278.654001][ T8132] overlayfs: failed to clone upperpath [ 279.934488][ T8154] fuse: Unknown parameter 'group_i00000000000000000000' [ 280.021816][ T8157] fuse: Bad value for 'fd' [ 280.242587][ T8165] overlayfs: failed to resolve './bus': -2 [ 280.278358][ T8166] netlink: 'syz.5.1145': attribute type 12 has an invalid length. [ 281.533037][ T8184] 9pnet_fd: Insufficient options for proto=fd [ 281.571226][ T8187] fuse: Unknown parameter 'group_id00000000000000000000' [ 281.870468][ T8201] overlayfs: failed to resolve './bus': -2 [ 282.143471][ T8209] netlink: 'syz.2.1163': attribute type 12 has an invalid length. [ 282.159807][ T8213] netlink: 'syz.6.1165': attribute type 1 has an invalid length. [ 283.315468][ T8220] 8021q: adding VLAN 0 to HW filter on device bond3 [ 283.486533][ T8213] device veth7 entered promiscuous mode [ 283.711642][ T8239] overlayfs: failed to clone upperpath [ 283.830017][ T8244] overlayfs: upper fs does not support tmpfile. [ 283.912586][ T8250] netlink: 'syz.3.1179': attribute type 12 has an invalid length. [ 283.991387][ T8253] netlink: 'syz.4.1181': attribute type 2 has an invalid length. [ 284.006832][ T8253] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1181'. [ 284.540136][ T8273] netlink: 'syz.5.1189': attribute type 1 has an invalid length. [ 284.714207][ T8277] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 284.844936][ T9] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 285.103687][ T8277] 8021q: adding VLAN 0 to HW filter on device bond1 [ 285.542180][ T11] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 285.891993][ T8273] device veth3 entered promiscuous mode [ 286.257987][ T8310] fuse: Bad value for 'user_id' [ 287.388402][ T8329] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1210'. [ 287.698444][ T8338] overlayfs: failed to clone upperpath [ 287.878755][ T8344] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1217'. [ 288.807540][ T8352] fuse: Bad value for 'user_id' [ 295.981940][ T8475] loop4: detected capacity change from 0 to 764 [ 297.215115][ T8490] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 297.230902][ T8490] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 299.552842][ T8519] bridge0: port 2(bridge_slave_1) entered disabled state [ 299.560433][ T8519] bridge0: port 1(bridge_slave_0) entered disabled state [ 299.572409][ T8520] device bridge_slave_1 left promiscuous mode [ 299.578832][ T8520] bridge0: port 2(bridge_slave_1) entered disabled state [ 299.745185][ T8520] device bridge_slave_0 left promiscuous mode [ 299.752324][ T8520] bridge0: port 1(bridge_slave_0) entered disabled state [ 299.867496][ T8530] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1295'. [ 299.881242][ T8530] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1295'. [ 301.123089][ T8548] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 301.154836][ T8548] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 302.615498][ T8576] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1298'. [ 302.649709][ T8580] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1301'. [ 302.681965][ T8580] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1301'. [ 303.679316][ T8592] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 303.716984][ T8592] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 304.369016][ T8621] overlayfs: statfs failed on './file0' [ 305.339093][ T8633] loop2: detected capacity change from 0 to 164 [ 305.561302][ T8636] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 305.601540][ T8641] overlayfs: missing 'lowerdir' [ 307.217760][ T8661] overlayfs: failed to clone upperpath [ 310.848738][ T8710] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 310.897005][ T8710] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 312.360933][ T8733] block device autoloading is deprecated and will be removed. [ 312.694877][ T8735] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 312.827208][ T8735] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 313.103687][ T8749] netlink: 'syz.6.1355': attribute type 3 has an invalid length. [ 313.136650][ T8752] syz.5.1358 uses obsolete (PF_INET,SOCK_PACKET) [ 313.240381][ T8755] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 313.268478][ T8755] 8021q: adding VLAN 0 to HW filter on device team0 [ 313.296241][ T8755] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 313.403651][ T8761] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 313.449038][ T8761] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 314.605218][ T8775] netlink: 'syz.4.1366': attribute type 1 has an invalid length. [ 314.795663][ T8790] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1369'. [ 314.841291][ T8790] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1369'. [ 314.906094][ T8790] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1369'. [ 314.935740][ T8790] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1369'. [ 314.965599][ T8790] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1369'. [ 315.126162][ T8775] 8021q: adding VLAN 0 to HW filter on device bond4 [ 315.173915][ T8775] device veth11 entered promiscuous mode [ 316.467986][ T8817] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1378'. [ 317.180276][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.186645][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.852429][ T8867] fuse: Bad value for 'group_id' [ 320.167890][ T8891] overlayfs: failed to clone upperpath [ 320.254249][ T8895] fuse: Bad value for 'group_id' [ 320.833806][ T8909] overlayfs: missing 'lowerdir' [ 321.426337][ T8914] loop2: detected capacity change from 0 to 16 [ 321.455482][ T8914] erofs: (device loop2): mounted with root inode @ nid 36. [ 321.485690][ T8914] erofs: (device loop2): init_inode_xattrs: xattr_isize 12 of nid 86 is not supported yet [ 321.754853][ T8921] loop5: detected capacity change from 0 to 2048 [ 321.830583][ T8921] loop5: p1 < > p3 p4 < > [ 321.864438][ T8921] loop5: p3 start 4284289 is beyond EOD, truncated [ 322.107391][ T4284] udevd[4284]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory [ 322.124628][ T4277] udevd[4277]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 322.168916][ T8931] fuse: Bad value for 'group_id' [ 322.203620][ T8933] overlayfs: missing 'workdir' [ 322.384046][ T8940] loop6: detected capacity change from 0 to 128 [ 324.612721][ T8959] 8021q: adding VLAN 0 to HW filter on device bond2 [ 325.013970][ T8983] loop4: detected capacity change from 0 to 256 [ 325.054835][ T8983] FAT-fs (loop4): Directory bread(block 1285) failed [ 325.106327][ T8983] FAT-fs (loop4): Directory bread(block 1285) failed [ 325.125211][ T8983] FAT-fs (loop4): Directory bread(block 1285) failed [ 325.135492][ T8983] FAT-fs (loop4): Directory bread(block 1285) failed [ 325.155100][ T8985] fuse: Bad value for 'rootmode' [ 325.202897][ T8979] loop5: detected capacity change from 0 to 8192 [ 326.936059][ T9019] loop6: detected capacity change from 0 to 256 [ 326.975110][ T9019] FAT-fs (loop6): Directory bread(block 1285) failed [ 327.027461][ T9019] FAT-fs (loop6): Directory bread(block 1285) failed [ 327.048923][ T9019] FAT-fs (loop6): Directory bread(block 1285) failed [ 327.094547][ T9019] FAT-fs (loop6): Directory bread(block 1285) failed [ 327.176543][ T9023] fuse: Unknown parameter 'use00000000000000000000' [ 327.470328][ T9029] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1457'. [ 328.018269][ T9049] fuse: Unknown parameter 'use00000000000000000000' [ 329.525576][ T9082] fuse: Unknown parameter 'use00000000000000000000' [ 330.205406][ T9111] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1493'. [ 330.328172][ T9113] fuse: Unknown parameter 'user_i00000000000000000000' [ 330.713856][ T9127] loop2: detected capacity change from 0 to 16 [ 330.724615][ T9127] erofs: (device loop2): mounted with root inode @ nid 36. [ 331.021585][ T9137] fuse: Unknown parameter 'user_i00000000000000000000' [ 331.361417][ T9153] fuse: Unknown parameter 'grou00000000000000000000' [ 331.531974][ T9155] loop6: detected capacity change from 0 to 8192 [ 331.810504][ T9165] fuse: Unknown parameter 'user_i00000000000000000000' [ 332.222716][ T9177] fuse: Unknown parameter 'grou00000000000000000000' [ 332.271748][ T9181] TCP: tcp_parse_options: Illegal window scaling value 150 > 14 received [ 333.327762][ T9190] device sit0 entered promiscuous mode [ 333.336913][ T9190] netlink: 'syz.4.1529': attribute type 1 has an invalid length. [ 333.344690][ T9190] netlink: 1 bytes leftover after parsing attributes in process `syz.4.1529'. [ 333.446015][ T9200] fuse: Unknown parameter 'user_id00000000000000000000' [ 334.756207][ T9219] fuse: Unknown parameter 'grou00000000000000000000' [ 336.013586][ T9238] fuse: Unknown parameter 'user_id00000000000000000000' [ 337.733882][ T9263] fuse: Unknown parameter 'group_i00000000000000000000' [ 337.992138][ T9276] fuse: Unknown parameter 'user_id00000000000000000000' [ 338.495942][ T9296] fuse: Unknown parameter 'group_i00000000000000000000' [ 338.533282][ T26] audit: type=1326 audit(1762504706.776:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9289 comm="syz.3.1568" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f536458f6c9 code=0x0 [ 338.590236][ T9298] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1570'. [ 338.866066][ T9307] fuse: Bad value for 'fd' [ 339.180526][ T9318] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1579'. [ 339.241922][ T9320] fuse: Unknown parameter 'group_i00000000000000000000' [ 339.296889][ T9322] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1581'. [ 339.325647][ T9324] overlayfs: failed to clone upperpath [ 339.465897][ T9330] fuse: Bad value for 'fd' [ 340.504659][ T9345] fuse: Unknown parameter 'group_id00000000000000000000' [ 340.752783][ T9354] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1593'. [ 340.874811][ T9360] fuse: Bad value for 'fd' [ 341.187718][ T9376] fuse: Unknown parameter 'group_id00000000000000000000' [ 342.375211][ T9399] fuse: Unknown parameter '0x0000000000000004' [ 342.486357][ T9403] fuse: Unknown parameter 'group_id00000000000000000000' [ 343.817119][ T4278] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 343.825924][ T4278] Bluetooth: hci0: Injecting HCI hardware error event [ 343.835313][ T4271] Bluetooth: hci0: hardware error 0x00 [ 343.896289][ T9426] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1623'. [ 344.019209][ T9432] fuse: Unknown parameter '0x0000000000000004' [ 344.610719][ T9457] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1634'. [ 344.705202][ T9459] fuse: Bad value for 'fd' [ 344.723741][ T9461] fuse: Unknown parameter '0x0000000000000004' [ 345.365895][ T9482] fuse: Bad value for 'user_id' [ 345.375724][ T9484] fuse: Bad value for 'fd' [ 345.578685][ T9492] fuse: Unknown parameter '0x0000000000000004' [ 345.584826][ T9493] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1651'. [ 345.897012][ T4271] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 346.639457][ T9517] fuse: Bad value for 'fd' [ 346.738836][ T9519] fuse: Bad value for 'fd' [ 346.938903][ T9526] fuse: Unknown parameter '0x0000000000000004' [ 347.103864][ T9532] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1667'. [ 347.251935][ T9538] fuse: Bad value for 'fd' [ 347.596389][ T9551] overlayfs: failed to set xattr on upper [ 347.602563][ T9551] overlayfs: ...falling back to index=off,metacopy=off. [ 347.671998][ T9553] fuse: Unknown parameter '0x0000000000000004' [ 349.183620][ T9582] fuse: Unknown parameter 'fd0x0000000000000004' [ 350.225553][ T9614] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1699'. [ 350.403103][ T9619] fuse: Unknown parameter 'fd0x0000000000000004' [ 351.275797][ T9627] fuse: Bad value for 'fd' [ 352.686274][ T9648] fuse: Unknown parameter 'fd0x0000000000000004' [ 354.001282][ T9667] overlayfs: failed to resolve './file0': -2 [ 354.115281][ T9670] overlayfs: failed to resolve './file0/file0': -2 [ 354.367695][ T9684] fuse: Invalid rootmode [ 355.101546][ T9709] overlayfs: failed to resolve './file0': -2 [ 355.112282][ T9709] overlayfs: failed to resolve './file0/file0': -2 [ 356.030291][ T9724] fuse: Invalid rootmode [ 356.523343][ T9747] loop6: detected capacity change from 0 to 128 [ 356.538005][ T9747] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 356.665513][ T9747] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 357.522949][ T4297] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 357.532886][ T9759] fuse: Invalid rootmode [ 358.127902][ T9783] overlayfs: failed to resolve './file0': -2 [ 358.134942][ T9781] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1762'. [ 358.168267][ T9783] overlayfs: failed to resolve './file0/file0': -2 [ 358.522186][ T9797] fuse: Bad value for 'rootmode' [ 358.531611][ T9795] loop4: detected capacity change from 0 to 764 [ 358.552185][ T9795] rock: directory entry would overflow storage [ 358.566771][ T9795] rock: sig=0x4654, size=5, remaining=4 [ 359.795532][ T9824] overlayfs: failed to resolve './file0': -2 [ 359.813869][ T9824] overlayfs: failed to resolve './file0/file0': -2 [ 361.313474][ T9861] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1796'. [ 361.614496][ T9872] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1800'. [ 361.644306][ T9872] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1800'. [ 361.695371][ T9872] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1800'. [ 362.682310][ T9897] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1810'. [ 364.688238][ T9942] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1824'. [ 364.773696][ T9948] fuse: Bad value for 'fd' [ 364.946142][ T9954] fuse: Unknown parameter 'use00000000000000000000' [ 366.092322][T10000] fuse: Unknown parameter 'use00000000000000000000' [ 367.095456][T10044] fuse: Unknown parameter 'use00000000000000000000' [ 367.129424][T10043] netlink: 'syz.6.1862': attribute type 4 has an invalid length. [ 367.435625][T10056] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1867'. [ 367.777396][T10069] fuse: Unknown parameter 'user_i00000000000000000000' [ 368.290505][T10091] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1881'. [ 368.428705][T10094] capability: warning: `syz.3.1883' uses 32-bit capabilities (legacy support in use) [ 368.739327][T10103] fuse: Unknown parameter 'user_i00000000000000000000' [ 369.420240][T10135] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1896'. [ 369.625773][T10141] fuse: Unknown parameter 'user_i00000000000000000000' [ 370.233051][T10166] overlayfs: failed to resolve './file1': -2 [ 370.254193][T10166] overlayfs: failed to resolve './file1': -2 [ 370.469566][T10175] fuse: Unknown parameter 'user_id00000000000000000000' [ 371.252399][T10205] overlayfs: failed to resolve './file1': -2 [ 371.264599][T10205] overlayfs: failed to resolve './file1': -2 [ 371.831831][T10212] fuse: Unknown parameter 'user_id00000000000000000000' [ 372.705698][T10248] overlayfs: failed to resolve './file1': -2 [ 372.749383][T10248] overlayfs: failed to resolve './file1': -2 [ 374.235913][T10282] fuse: Unknown parameter 'fd0x0000000000000004' [ 374.617005][T10298] fuse: Bad value for 'fd' [ 375.809724][T10321] fuse: Unknown parameter 'fd0x0000000000000004' [ 376.234996][T10337] fuse: Bad value for 'fd' [ 377.441108][T10361] fuse: Unknown parameter 'fd0x0000000000000004' [ 377.452719][T10362] 9pnet_fd: Insufficient options for proto=fd [ 378.023625][T10381] fuse: Bad value for 'fd' [ 378.619357][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.627249][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.122057][T10411] overlayfs: failed to clone upperpath [ 379.409483][T10417] loop6: detected capacity change from 0 to 128 [ 380.141066][T10450] loop4: detected capacity change from 0 to 256 [ 380.189600][T10452] overlayfs: failed to clone upperpath [ 381.380383][T10497] ipt_CLUSTERIP: Please specify destination IP [ 382.184235][T10509] loop4: detected capacity change from 0 to 8192 [ 382.824633][T10524] loop6: detected capacity change from 0 to 128 [ 382.919236][T10509] loop4: p1 p2 < > p3 [ 383.031735][T10509] loop4: partition table partially beyond EOD, truncated [ 383.122317][T10509] loop4: p1 start 16777216 is beyond EOD, truncated [ 383.170531][T10509] loop4: p2 start 268435456 is beyond EOD, truncated [ 383.223177][T10509] loop4: p3 size 60489728 extends beyond EOD, truncated [ 383.371010][T10533] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2037'. [ 383.437735][T10535] overlayfs: missing 'lowerdir' [ 383.767776][ T4277] udevd[4277]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 384.111864][T10556] fuse: Unknown parameter '0x0000000000000003' [ 384.310790][T10563] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2050'. [ 384.831745][T10587] fuse: Unknown parameter 'fd0x0000000000000003' [ 384.992870][ T26] audit: type=1326 audit(1762504753.236:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10593 comm="syz.2.2065" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f72fbd8f6c9 code=0x0 [ 385.138145][T10599] overlayfs: invalid redirect ((null)) [ 385.336997][T10604] loop2: detected capacity change from 0 to 128 [ 385.864997][T10618] 9pnet_fd: Insufficient options for proto=fd [ 385.890690][T10620] fuse: Unknown parameter 'fd0x0000000000000003' [ 386.085229][T10625] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 386.125918][T10625] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 387.136525][T10636] fuse: Bad value for 'fd' [ 387.221875][T10641] loop5: detected capacity change from 0 to 128 [ 387.964838][T10644] loop2: detected capacity change from 0 to 128 [ 388.163258][T10648] netlink: 'syz.6.2086': attribute type 3 has an invalid length. [ 388.222906][T10648] netlink: 'syz.6.2086': attribute type 3 has an invalid length. [ 388.375974][T10651] 9pnet_fd: Insufficient options for proto=fd [ 388.966428][T10672] fuse: Bad value for 'fd' [ 389.012876][T10674] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 389.054838][T10674] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 389.328167][T10684] 9pnet_fd: Insufficient options for proto=fd [ 389.721637][T10701] block device autoloading is deprecated and will be removed. [ 390.182506][T10710] loop6: detected capacity change from 0 to 128 [ 390.386161][T10715] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 390.441523][T10715] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 390.503424][T10720] 9pnet_fd: Insufficient options for proto=fd [ 390.993195][T10742] overlayfs: filesystem on './file0' not supported as upperdir [ 391.252888][T10748] loop4: detected capacity change from 0 to 128 [ 391.554190][T10755] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 391.601991][T10755] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 391.816384][T10766] 9pnet_fd: Insufficient options for proto=fd [ 392.535843][T10797] loop2: detected capacity change from 0 to 128 [ 392.708629][T10800] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 392.741637][T10800] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 392.791625][T10802] loop6: detected capacity change from 0 to 136 [ 392.858571][ T4266] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 392.923585][T10805] 9pnet_fd: Insufficient options for proto=fd [ 394.375762][T10837] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 394.393097][T10838] overlayfs: filesystem on './file0' not supported as upperdir [ 394.425877][T10837] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 394.814932][T10849] loop2: detected capacity change from 0 to 128 [ 395.342631][T10864] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 395.396170][T10864] overlayfs: fs on './bus' does not support file handles, falling back to xino=off. [ 395.434176][T10864] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 397.057806][T10885] overlayfs: filesystem on './file0' not supported as upperdir [ 397.069834][T10886] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 397.104156][T10886] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 397.485653][T10897] loop4: detected capacity change from 0 to 128 [ 398.966471][T10943] loop6: detected capacity change from 0 to 2048 [ 399.014448][T10949] loop5: detected capacity change from 0 to 256 [ 399.039658][T10943] Alternate GPT is invalid, using primary GPT. [ 399.048783][T10943] loop6: p1 p2 p3 [ 399.646698][ C0] hrtimer: interrupt took 71466 ns [ 399.700134][ T4284] udevd[4284]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory [ 399.701877][ T4266] udevd[4266]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory [ 399.762388][ T4277] udevd[4277]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory [ 399.773990][T10970] mmap: syz.4.2211 (10970): VmData 50049024 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 399.830359][ T4284] udevd[4284]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory [ 399.849894][ T4277] udevd[4277]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory [ 399.867475][ T4266] udevd[4266]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory [ 400.141066][ T26] audit: type=1326 audit(1762504768.386:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10973 comm="syz.3.2214" exe="/root/syz-executor" sig=9 arch=c000003e syscall=39 compat=0 ip=0x7f5364586567 code=0x0 [ 401.013094][T11014] tmpfs: Unknown parameter 'noswap' [ 401.114322][T11016] netlink: 'syz.3.2230': attribute type 4 has an invalid length. [ 401.340831][T11024] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2233'. [ 401.557882][T11031] loop5: detected capacity change from 0 to 128 [ 402.164229][T11049] fuse: Unknown parameter 'grou00000000000000000000' [ 402.248048][T11056] IPv6: addrconf: prefix option has invalid lifetime [ 402.841478][T11073] 9pnet_fd: Insufficient options for proto=fd [ 403.328564][T11086] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2253'. [ 403.542470][T11094] fuse: Unknown parameter 'group_i00000000000000000000' [ 403.819157][T11098] loop5: detected capacity change from 0 to 128 [ 403.942056][T11104] netlink: 'syz.3.2258': attribute type 3 has an invalid length. [ 403.965892][T11104] netlink: 'syz.3.2258': attribute type 3 has an invalid length. [ 404.084485][T11108] overlayfs: missing 'lowerdir' [ 404.236880][T11112] 9pnet_fd: Insufficient options for proto=fd [ 404.515955][T11126] overlayfs: failed to resolve './bus': -2 [ 404.526337][T11126] overlayfs: failed to resolve './bus': -2 [ 404.683279][T11134] loop5: detected capacity change from 0 to 128 [ 404.692744][T11135] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2271'. [ 404.944680][T11140] overlayfs: missing 'lowerdir' [ 404.992255][T11143] 9pnet_fd: Insufficient options for proto=fd [ 405.263914][T11153] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2280'. [ 405.309550][T11153] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2280'. [ 405.537003][T11166] overlayfs: missing 'lowerdir' [ 405.603641][T11169] 9pnet_fd: Insufficient options for proto=fd [ 406.689023][T11185] fuse: Bad value for 'group_id' [ 406.911231][T11196] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2296'. [ 406.973799][T11197] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2294'. [ 406.985907][T11196] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2296'. [ 407.073727][T11203] overlayfs: missing 'workdir' [ 407.234024][T11208] 9pnet_fd: Insufficient options for proto=fd [ 408.526652][T11224] fuse: Bad value for 'group_id' [ 408.780724][T11228] fuse: Unknown parameter 'group_id00000000000000000000' [ 409.682428][T11241] overlayfs: missing 'workdir' [ 409.729082][T11243] 9pnet_fd: Insufficient options for proto=fd [ 409.742059][T11244] loop2: detected capacity change from 0 to 7 [ 409.770297][T11244] Dev loop2: unable to read RDB block 7 [ 409.776397][T11244] loop2: AHDI p1 p2 p3 [ 409.781733][T11244] loop2: partition table partially beyond EOD, truncated [ 409.791063][T11244] loop2: p1 start 1601398130 is beyond EOD, truncated [ 409.798371][T11244] loop2: p2 start 1702059890 is beyond EOD, truncated [ 410.128796][T11262] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2321'. [ 410.277401][T11268] fuse: Unknown parameter 'group_id00000000000000000000' [ 410.368382][T11271] netlink: 3 bytes leftover after parsing attributes in process `syz.6.2325'. [ 410.381783][T11271] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2325'. [ 410.391669][T11271] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2325'. [ 410.542626][T11275] overlayfs: missing 'workdir' [ 411.155599][T11294] fuse: Bad value for 'user_id' [ 411.307933][T11300] netlink: 3 bytes leftover after parsing attributes in process `syz.3.2338'. [ 411.327695][T11300] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2338'. [ 411.345050][T11300] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2338'. [ 411.927184][T11327] fuse: Bad value for 'user_id' [ 411.989398][T11321] loop6: detected capacity change from 0 to 8192 [ 412.113052][T11331] loop2: detected capacity change from 0 to 128 [ 412.304709][T11333] sock: sock_set_timeout: `syz.6.2353' (pid 11333) tries to set negative timeout [ 412.563610][T11341] loop5: detected capacity change from 0 to 128 [ 413.216211][T11368] netlink: 'syz.2.2369': attribute type 13 has an invalid length. [ 414.477292][T11388] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 414.994707][T11406] overlayfs: failed to resolve './bus': -2 [ 415.095250][T11368] bridge0: port 2(bridge_slave_1) entered disabled state [ 415.102624][T11368] bridge0: port 1(bridge_slave_0) entered disabled state [ 415.312269][T11417] fuse: Bad value for 'fd' [ 415.897236][T11438] overlayfs: failed to resolve './bus': -2 [ 416.351920][T11451] fuse: Bad value for 'fd' [ 416.545853][T11455] fuse: Unknown parameter 'grou00000000000000000000' [ 416.720986][T11461] overlayfs: unrecognized mount option "verity=on" or missing value [ 417.583823][T11466] overlayfs: failed to resolve './file0': -2 [ 417.669668][T11368] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 417.736608][T11368] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 417.842992][T11473] overlayfs: failed to resolve './bus': -2 [ 417.884032][T11469] 9pnet: Could not find request transport: fd0x0000000000000003 [ 418.138770][T11480] loop5: detected capacity change from 0 to 128 [ 418.198613][T11480] FAT-fs (loop5): Directory bread(block 32) failed [ 418.226421][T11480] FAT-fs (loop5): Directory bread(block 33) failed [ 418.258185][T11480] FAT-fs (loop5): Directory bread(block 34) failed [ 418.266001][T11480] FAT-fs (loop5): Directory bread(block 35) failed [ 418.274663][T11480] FAT-fs (loop5): Directory bread(block 36) failed [ 418.281724][T11480] FAT-fs (loop5): Directory bread(block 37) failed [ 418.289930][T11480] FAT-fs (loop5): Directory bread(block 38) failed [ 418.296517][T11480] FAT-fs (loop5): Directory bread(block 39) failed [ 418.304523][T11480] FAT-fs (loop5): Directory bread(block 40) failed [ 418.311659][T11480] FAT-fs (loop5): Directory bread(block 41) failed [ 418.563972][T11368] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 418.573655][T11368] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 418.582721][T11368] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 418.593006][T11368] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 418.732846][T11484] fuse: Unknown parameter 'grou00000000000000000000' [ 419.077122][T11430] device sit0 entered promiscuous mode [ 419.082909][T11430] netlink: 'syz.3.2394': attribute type 1 has an invalid length. [ 419.091155][T11430] netlink: 1 bytes leftover after parsing attributes in process `syz.3.2394'. [ 419.365775][T11500] overlayfs: failed to resolve './file0': -2 [ 419.711725][T11498] 9pnet: Could not find request transport: fd0x0000000000000003 [ 419.808439][T11513] fuse: Unknown parameter 'grou00000000000000000000' [ 420.442065][T11529] overlayfs: missing 'lowerdir' [ 420.869856][T11543] loop2: detected capacity change from 0 to 512 [ 420.877487][T11543] FAT-fs (loop2): Unrecognized mount option "shortname=" or missing value [ 420.921982][T11542] fuse: Unknown parameter 'group_i00000000000000000000' [ 421.011597][T11534] 9pnet: Could not find request transport: fd0x0000000000000003 [ 421.124298][T11550] overlayfs: failed to resolve './bus': -2 [ 421.134038][T11550] overlayfs: failed to resolve './bus': -2 [ 421.565343][T11573] block device autoloading is deprecated and will be removed. [ 421.635322][T11577] fuse: Unknown parameter 'group_i00000000000000000000' [ 421.882607][T11586] 9pnet_fd: Insufficient options for proto=fd [ 422.126291][T11598] overlayfs: failed to resolve './bus': -2 [ 422.153793][T11598] overlayfs: failed to resolve './bus': -2 [ 423.444629][T11628] 9pnet_fd: Insufficient options for proto=fd [ 423.650139][T11632] fuse: Invalid rootmode [ 423.878304][T11635] overlayfs: missing 'lowerdir' [ 425.094766][T11667] fuse: Bad value for 'rootmode' [ 425.167351][T11670] overlayfs: missing 'lowerdir' [ 425.400693][T11679] overlayfs: failed to resolve './bus': -2 [ 425.430407][T11682] sock: sock_set_timeout: `syz.3.2490' (pid 11682) tries to set negative timeout [ 426.038411][T11700] fuse: Bad value for 'rootmode' [ 426.306451][T11706] overlayfs: failed to clone upperpath [ 426.324101][T11706] overlayfs: missing 'lowerdir' [ 426.614275][T11715] fuse: Bad value for 'user_id' [ 426.678448][T11718] overlayfs: failed to resolve './bus': -2 [ 427.051488][T11734] fuse: Bad value for 'rootmode' [ 427.542865][ T26] audit: type=1326 audit(1762504795.786:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11747 comm="syz.3.2514" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f536458f6c9 code=0x0 [ 427.626612][T11754] overlayfs: failed to resolve './bus': -2 [ 427.665347][T11756] fuse: Bad value for 'user_id' [ 427.739677][T11758] netlink: 95 bytes leftover after parsing attributes in process `syz.5.2517'. [ 428.508636][T11785] fuse: Bad value for 'user_id' [ 429.425211][T11820] fuse: Bad value for 'fd' [ 430.315055][T11845] user requested TSC rate below hardware speed [ 430.562462][T11855] overlayfs: failed to clone upperpath [ 431.633805][T11885] netlink: 91 bytes leftover after parsing attributes in process `syz.5.2564'. [ 431.936996][T11891] kvm: pic: non byte write [ 432.648021][T11919] netlink: 91 bytes leftover after parsing attributes in process `syz.4.2577'. [ 433.356015][T11952] overlayfs: missing 'lowerdir' [ 433.727840][T11960] netlink: 91 bytes leftover after parsing attributes in process `syz.4.2592'. [ 433.807542][T11964] overlayfs: failed to clone upperpath [ 434.102719][T11969] kvm: pic: non byte write [ 434.399037][T11985] overlayfs: missing 'lowerdir' [ 434.791766][T11994] overlayfs: failed to resolve './file1': -2 [ 435.925086][T12033] kvm: pic: non byte write [ 436.905009][T12065] fuse: Unknown parameter 'user_id00000000000000000000' [ 438.360989][T12108] overlayfs: missing 'lowerdir' [ 438.917227][T12127] netlink: 19 bytes leftover after parsing attributes in process `syz.5.2654'. [ 438.957460][T12127] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2654'. [ 438.973028][T12127] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2654'. [ 439.575748][T12148] overlayfs: missing 'lowerdir' [ 440.060516][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.067080][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.990030][T12196] DŠ\žPÛPÝg [ 443.970304][T12328] netlink: 7 bytes leftover after parsing attributes in process `syz.4.2730'. [ 444.460937][T12351] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 444.477202][T12351] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 444.492334][T12351] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 444.514720][T12346] fuse: root generation should be zero [ 444.523026][T12354] overlayfs: failed to clone upperpath [ 444.957701][T12372] fuse: Unknown parameter '0x0000000000000004' [ 445.757816][T12402] fuse: Unknown parameter '0x0000000000000004' [ 445.949900][T12410] overlayfs: missing 'lowerdir' [ 445.998853][T12411] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 447.139043][T12442] fuse: Unknown parameter '0x0000000000000004' [ 447.543069][T12459] overlayfs: missing 'lowerdir' [ 447.655900][T12464] fuse: Unknown parameter 'user_i00000000000000000000' [ 448.716785][T12506] fuse: Unknown parameter 'user_i00000000000000000000' [ 448.947684][T12522] fuse: Bad value for 'fd' [ 450.364679][T12539] fuse: Unknown parameter 'fd0x0000000000000004' [ 450.396354][T12541] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 450.421156][T12541] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 450.541128][T12545] fuse: Unknown parameter 'user_id00000000000000000000' [ 450.557613][T12547] fuse: Bad value for 'fd' [ 451.076089][T12570] fuse: Unknown parameter 'fd0x0000000000000004' [ 451.150743][T12574] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 451.162945][T12574] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 451.186849][T12575] overlayfs: invalid redirect (./file0/file1) [ 451.316339][T12577] fuse: Unknown parameter 'user_id00000000000000000000' [ 451.351903][T12580] fuse: Bad value for 'fd' [ 451.879726][T12601] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 451.930672][T12601] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 452.331827][T12609] fuse: Unknown parameter 'user_id00000000000000000000' [ 453.033953][T12622] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2845'. [ 453.371676][ T4278] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 453.381728][ T4278] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 453.391374][ T4278] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 453.399296][ T4278] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 453.412141][ T4278] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 453.419768][ T4278] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 454.209320][T12630] chnl_net:caif_netlink_parms(): no params data found [ 454.420591][T12650] fuse: Bad value for 'fd' [ 454.464259][T12652] overlayfs: missing 'workdir' [ 454.820378][T12630] bridge0: port 1(bridge_slave_0) entered blocking state [ 454.851649][T12630] bridge0: port 1(bridge_slave_0) entered disabled state [ 454.881735][T12630] device bridge_slave_0 entered promiscuous mode [ 455.002596][T12630] bridge0: port 2(bridge_slave_1) entered blocking state [ 455.034172][T12630] bridge0: port 2(bridge_slave_1) entered disabled state [ 455.063990][T12630] device bridge_slave_1 entered promiscuous mode [ 455.109770][T12671] loop6: detected capacity change from 0 to 736 [ 455.353521][T12630] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 455.429388][T12630] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 455.506827][ T4278] Bluetooth: hci1: command 0x0409 tx timeout [ 455.713353][T12630] team0: Port device team_slave_0 added [ 455.769894][T12630] team0: Port device team_slave_1 added [ 455.816553][T12679] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2863'. [ 455.863959][T12679] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 455.878387][T12686] fuse: Bad value for 'fd' [ 455.914002][T12679] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 455.982477][T12679] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 456.048471][T12688] overlayfs: missing 'workdir' [ 456.300611][T12630] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 456.319892][T12630] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 456.523516][T12630] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 456.610506][T12630] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 456.644076][T12630] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 456.796730][T12630] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 457.012196][T12717] fuse: Bad value for 'fd' [ 457.165506][T12719] overlayfs: missing 'workdir' [ 457.238736][ T47] bond1: (slave ip6gretap1): Releasing backup interface [ 457.250581][T12728] loop2: detected capacity change from 0 to 128 [ 457.363281][T12630] device hsr_slave_0 entered promiscuous mode [ 457.420963][T12630] device hsr_slave_1 entered promiscuous mode [ 457.438072][T12630] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 457.445791][T12630] Cannot create hsr debugfs directory [ 457.577157][ T4278] Bluetooth: hci1: command 0x041b tx timeout [ 458.240588][T12760] loop4: detected capacity change from 0 to 164 [ 458.304231][T12763] overlayfs: missing 'lowerdir' [ 458.315817][ T4266] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 458.612680][T12776] fuse: Bad value for 'fd' [ 459.390000][ T47] device hsr_slave_0 left promiscuous mode [ 459.430083][ T47] device hsr_slave_1 left promiscuous mode [ 459.476989][ T47] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 459.497607][ T47] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 459.656857][ T4278] Bluetooth: hci1: command 0x040f tx timeout [ 459.703427][T12807] overlayfs: missing 'lowerdir' [ 459.728035][ T47] bond10 (unregistering): (slave veth21): Releasing backup interface [ 459.772760][ T47] bond10 (unregistering): Released all slaves [ 459.897869][ T47] bond9 (unregistering): (slave veth19): Releasing backup interface [ 459.945561][ T47] bond9 (unregistering): Released all slaves [ 460.064352][ T47] bond8 (unregistering): (slave veth17): Releasing backup interface [ 460.150215][ T47] bond8 (unregistering): Released all slaves [ 460.322813][ T47] bond7 (unregistering): (slave veth15): Releasing backup interface [ 460.355806][ T47] bond7 (unregistering): Released all slaves [ 460.883503][ T47] bond6 (unregistering): Released all slaves [ 460.974914][T12849] overlayfs: missing 'lowerdir' [ 461.116389][ T47] bond5 (unregistering): Released all slaves [ 461.146206][ T47] bond4 (unregistering): (slave veth9): Releasing backup interface [ 461.426467][ T47] bond4 (unregistering): Released all slaves [ 461.738200][ T4278] Bluetooth: hci1: command 0x0419 tx timeout [ 462.003647][ T47] bond3 (unregistering): Released all slaves [ 462.156904][ T47] bond2 (unregistering): (slave veth5): Releasing backup interface [ 462.173770][ T47] bond2 (unregistering): Released all slaves [ 462.193776][ T47] bond1 (unregistering): Released all slaves [ 462.199943][T12857] overlayfs: filesystem on './file0' not supported as upperdir [ 462.900289][T12877] loop2: detected capacity change from 0 to 512 [ 463.093685][ T47] team0 (unregistering): Port device team_slave_1 removed [ 463.142162][ T47] team0 (unregistering): Port device team_slave_0 removed [ 463.194178][ T47] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 463.274357][ T47] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 463.804502][ T47] bond0 (unregistering): Released all slaves [ 464.070183][T12630] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 464.077740][T12890] overlayfs: filesystem on './file0' not supported as upperdir [ 464.205819][T12630] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 464.231053][T12630] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 464.269789][T12630] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 464.757035][T12630] 8021q: adding VLAN 0 to HW filter on device bond0 [ 464.858278][ T4357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 464.877242][ T4357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 464.948738][T12934] mmap: syz.5.2936 (12934) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 465.136398][T12630] 8021q: adding VLAN 0 to HW filter on device team0 [ 465.931460][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 465.966420][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 466.021749][ T4746] bridge0: port 1(bridge_slave_0) entered blocking state [ 466.028963][ T4746] bridge0: port 1(bridge_slave_0) entered forwarding state [ 466.107461][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 466.152725][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 466.182233][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 466.196173][T12953] overlayfs: filesystem on './file0' not supported as upperdir [ 466.222692][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 466.229926][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 466.312137][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 466.368009][T12960] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 466.387080][T12960] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 466.444944][T12960] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 466.462835][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 466.482416][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 466.561278][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 466.614114][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 466.663576][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 466.715325][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 466.730570][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 466.799679][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 466.859376][T12630] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 466.901609][T12630] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 466.952708][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 466.967790][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 467.250988][T12989] fuse: Bad value for 'group_id' [ 467.967650][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 467.975215][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 468.079442][T12630] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 468.188406][T13027] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 468.217110][T13027] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 468.224874][T10308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 468.227620][T13027] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 468.256275][T10308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 468.311090][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 468.324538][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 468.360311][T12630] device veth0_vlan entered promiscuous mode [ 468.398354][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 468.417702][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 468.444208][T12630] device veth1_vlan entered promiscuous mode [ 468.461880][T13035] fuse: Bad value for 'group_id' [ 468.602349][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 468.651672][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 468.690181][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 468.721285][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 468.735003][T12630] device veth0_macvtap entered promiscuous mode [ 468.753805][T13043] loop6: detected capacity change from 0 to 512 [ 468.786828][T12630] device veth1_macvtap entered promiscuous mode [ 468.887353][T12630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 468.956750][T12630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 468.987004][T12630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 469.028636][T12630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.042968][T12630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 469.073109][T12630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.132252][T12630] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 469.190551][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 469.219512][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 469.250546][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 469.313583][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 469.343414][T12630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 469.405690][T12630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.416167][T12630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 469.435085][T12630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.445965][T12630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 469.468035][T13069] fuse: Bad value for 'group_id' [ 469.526601][T12630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.548332][T12630] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 469.561421][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 469.578595][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 469.654666][T12630] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.675457][T12630] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.694405][T12630] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.703300][T12630] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.966798][ T9228] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 469.975011][ T9228] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 470.043402][T10308] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 470.070228][T10308] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 470.087345][T10308] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 470.130704][ T9228] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 470.292611][T13093] loop4: detected capacity change from 0 to 512 [ 470.699027][T13108] fuse: Bad value for 'fd' [ 471.406364][T13119] loop6: detected capacity change from 0 to 8192 [ 471.512615][T13119] loop6: p1 < > p2 p3 < p5 p6 > p4 [ 471.518155][T13119] loop6: partition table partially beyond EOD, truncated [ 471.553967][T13119] loop6: p1 start 100663296 is beyond EOD, truncated [ 471.586584][T13119] loop6: p2 size 134217732 extends beyond EOD, truncated [ 471.650251][T13119] loop6: p4 size 14876672 extends beyond EOD, truncated [ 471.689030][T13119] loop6: p5 size 134217732 extends beyond EOD, truncated [ 471.751951][T13119] loop6: p6 size 14876672 extends beyond EOD, truncated [ 471.867348][ T4278] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 471.877524][ T4278] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 471.887008][ T4278] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 471.896392][ T4278] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 471.904432][ T4278] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 471.911967][ T4278] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 472.193352][T13154] fuse: Bad value for 'fd' [ 472.576170][ T4273] udevd[4273]: inotify_add_watch(7, /dev/loop6p6, 10) failed: No such file or directory [ 472.579649][ T4266] udevd[4266]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory [ 472.600521][ T4284] udevd[4284]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory [ 472.612165][T10958] udevd[10958]: inotify_add_watch(7, /dev/loop6p5, 10) failed: No such file or directory [ 472.649844][ T4277] udevd[4277]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory [ 472.719293][T13145] chnl_net:caif_netlink_parms(): no params data found [ 473.133096][T13145] bridge0: port 1(bridge_slave_0) entered blocking state [ 473.147027][T13145] bridge0: port 1(bridge_slave_0) entered disabled state [ 473.186487][T13145] device bridge_slave_0 entered promiscuous mode [ 473.234331][T13145] bridge0: port 2(bridge_slave_1) entered blocking state [ 473.243261][T13194] loop3: detected capacity change from 0 to 8192 [ 473.251257][T13145] bridge0: port 2(bridge_slave_1) entered disabled state [ 473.278009][T13145] device bridge_slave_1 entered promiscuous mode [ 473.290021][T13194] loop3: p1 < > p2 p3 < p5 p6 > p4 [ 473.296249][T13194] loop3: partition table partially beyond EOD, truncated [ 473.355614][T13194] loop3: p1 start 100663296 is beyond EOD, truncated [ 473.386222][T13194] loop3: p2 size 134217732 extends beyond EOD, truncated [ 473.438865][T13145] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 473.449953][T13194] loop3: p4 size 14876672 extends beyond EOD, truncated [ 473.468148][T13194] loop3: p5 size 134217732 extends beyond EOD, truncated [ 473.483598][T13145] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 473.496609][T13194] loop3: p6 size 14876672 extends beyond EOD, truncated [ 473.600372][T13145] team0: Port device team_slave_0 added [ 473.745670][T13145] team0: Port device team_slave_1 added [ 473.760885][T13207] fuse: Bad value for 'fd' [ 473.815232][ T4273] udevd[4273]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory [ 473.815365][ T4266] udevd[4266]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 473.847819][T10958] udevd[10958]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory [ 473.860575][ T4284] udevd[4284]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 473.873618][ T4277] udevd[4277]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 473.894113][T13145] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 473.935323][T13145] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 473.977436][ T4271] Bluetooth: hci2: command 0x0409 tx timeout [ 474.066411][T13145] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 474.085797][T13145] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 474.127848][T13145] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 474.225749][T13145] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 474.438758][T13145] device hsr_slave_0 entered promiscuous mode [ 474.469413][T13145] device hsr_slave_1 entered promiscuous mode [ 474.500360][T13145] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 474.508545][T13145] Cannot create hsr debugfs directory [ 474.892936][T13240] loop5: detected capacity change from 0 to 8192 [ 474.898902][T13145] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 474.958969][T13240] loop5: p1 < > p2 p3 < p5 p6 > p4 [ 474.967048][T13240] loop5: partition table partially beyond EOD, truncated [ 475.000848][T13240] loop5: p1 start 100663296 is beyond EOD, truncated [ 475.010144][T13240] loop5: p2 size 134217732 extends beyond EOD, truncated [ 475.034325][T13240] loop5: p4 size 14876672 extends beyond EOD, truncated [ 475.064687][T13145] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 475.082344][T13240] loop5: p5 size 134217732 extends beyond EOD, truncated [ 475.098392][T13240] loop5: p6 size 14876672 extends beyond EOD, truncated [ 475.233182][T13145] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 475.412058][T13145] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 475.689979][T13264] loop6: detected capacity change from 0 to 16 [ 475.708898][T13264] erofs: (device loop6): mounted with root inode @ nid 36. [ 475.724512][T13145] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 475.766551][T13145] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 475.806148][T13145] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 475.841089][T13145] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 476.056894][ T4271] Bluetooth: hci2: command 0x041b tx timeout [ 476.157146][T13145] 8021q: adding VLAN 0 to HW filter on device bond0 [ 476.245195][ T9228] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 476.306291][ T9228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 476.356338][T13145] 8021q: adding VLAN 0 to HW filter on device team0 [ 476.419838][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 476.441277][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 476.507320][ T4746] bridge0: port 1(bridge_slave_0) entered blocking state [ 476.514567][ T4746] bridge0: port 1(bridge_slave_0) entered forwarding state [ 476.595196][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 476.628031][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 476.637673][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 476.660252][T10307] bridge0: port 2(bridge_slave_1) entered blocking state [ 476.667512][T10307] bridge0: port 2(bridge_slave_1) entered forwarding state [ 476.726415][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 476.761798][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 476.794796][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 476.849397][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 476.911104][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 476.965239][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 476.992784][T13145] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 477.013054][T13145] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 477.026597][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 477.036083][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 477.053830][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 477.072055][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 477.082885][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 477.130887][T13304] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3047'. [ 477.159255][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 478.139512][ T4271] Bluetooth: hci2: command 0x040f tx timeout [ 478.334918][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 478.345763][T10307] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 478.383164][T13145] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 478.582524][T13344] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3058'. [ 480.216923][ T4271] Bluetooth: hci2: command 0x0419 tx timeout [ 480.328930][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 480.362988][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 480.464997][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 480.484082][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 480.524627][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 480.570912][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 480.609616][T13388] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3071'. [ 480.634593][T13145] device veth0_vlan entered promiscuous mode [ 480.759198][T13145] device veth1_vlan entered promiscuous mode [ 480.900071][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 480.950486][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 481.007430][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 481.031867][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 481.058424][T13145] device veth0_macvtap entered promiscuous mode [ 481.094669][T13145] device veth1_macvtap entered promiscuous mode [ 481.212981][T13145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 481.282572][T13145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.303676][T13145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 481.318609][T13145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.330063][T13145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 481.341558][T13145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.352478][T13145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 481.364533][T13145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.385834][T13145] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 481.410005][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 481.426901][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 481.455560][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 481.474242][T13145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.495590][T13145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.508774][T13145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.519716][T13145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.530042][T13145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.542597][T13145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.553245][T13145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.564309][T13145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.598841][T13145] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 481.606915][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 481.625193][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 481.660910][T13145] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 481.683287][T13145] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 481.734452][T13145] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 481.754797][T13145] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 482.011300][ T9228] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 482.027022][ T9228] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 482.069998][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 482.183293][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 482.207854][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 482.230019][T10308] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 482.550217][T13442] user requested TSC rate below hardware speed [ 482.634920][T13442] kvm [13441]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00 [ 482.682012][T13442] kvm [13441]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00 [ 483.550014][ T4278] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 483.560240][ T4278] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 483.568486][ T4278] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 483.581598][ T4278] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 483.590844][ T4278] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 483.598406][ T4278] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 483.889710][T13466] chnl_net:caif_netlink_parms(): no params data found [ 484.073196][T13466] bridge0: port 1(bridge_slave_0) entered blocking state [ 484.086356][T13466] bridge0: port 1(bridge_slave_0) entered disabled state [ 484.096309][T13466] device bridge_slave_0 entered promiscuous mode [ 484.105668][T13466] bridge0: port 2(bridge_slave_1) entered blocking state [ 484.113225][T13466] bridge0: port 2(bridge_slave_1) entered disabled state [ 484.122089][T13466] device bridge_slave_1 entered promiscuous mode [ 484.208475][T13466] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 484.275757][T13466] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 484.384414][T13466] team0: Port device team_slave_0 added [ 484.398468][T13466] team0: Port device team_slave_1 added [ 484.548840][T13466] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 484.557490][T13466] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 484.586543][T13466] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 484.613114][T13494] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3102'. [ 484.665224][T13466] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 484.678894][T13466] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 484.705466][T13466] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 484.864491][T13466] device hsr_slave_0 entered promiscuous mode [ 484.922300][T13466] device hsr_slave_1 entered promiscuous mode [ 484.943433][T13466] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 484.987548][T13509] user requested TSC rate below hardware speed [ 485.007067][T13466] Cannot create hsr debugfs directory [ 485.336421][T13525] fuse: Bad value for 'fd' [ 485.534647][T13466] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 485.657445][ T4271] Bluetooth: hci3: command 0x0409 tx timeout [ 485.796382][T13466] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 485.933389][T13466] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 486.145710][T13466] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 486.224786][T13544] loop3: detected capacity change from 0 to 8192 [ 486.559666][T13466] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 486.593514][T13466] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 486.612262][T13466] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 486.680508][T13466] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 487.053953][T13466] 8021q: adding VLAN 0 to HW filter on device bond0 [ 487.070812][ T9228] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 487.083702][ T9228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 487.116814][T13466] 8021q: adding VLAN 0 to HW filter on device team0 [ 487.167377][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 487.185442][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 487.213864][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 487.221106][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 487.245326][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 487.265402][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 487.280243][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 487.319526][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 487.326748][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 487.360999][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 487.373675][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 487.430440][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 487.461857][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 487.530435][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 487.584607][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 487.602898][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 487.620960][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 487.632870][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 487.669093][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 487.685915][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 487.697829][T13466] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 487.737002][ T4271] Bluetooth: hci3: command 0x041b tx timeout [ 488.277525][ T9228] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 488.308176][ T9228] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 488.352652][T13466] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 489.416220][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 489.436193][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 489.503092][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 489.552182][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 489.592189][T13466] device veth0_vlan entered promiscuous mode [ 489.619140][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 489.691261][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 489.723799][T13466] device veth1_vlan entered promiscuous mode [ 489.842818][ T4271] Bluetooth: hci3: command 0x040f tx timeout [ 489.888562][T13466] device veth0_macvtap entered promiscuous mode [ 489.912938][T13466] device veth1_macvtap entered promiscuous mode [ 489.952933][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 490.002723][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 490.136280][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 490.370918][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 490.628269][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 490.717855][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 490.741851][T13466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 490.787757][T13466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.818396][T13466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 490.856345][T13466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.871806][T13466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 490.882752][T13466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.893413][T13466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 490.904674][T13466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.919921][T13466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 490.942524][T13466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.968377][T13466] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 491.022638][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 491.041571][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 491.071019][T13466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 491.088477][T13466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 491.139045][T13466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 491.156315][T13466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 491.167356][T13466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 491.179051][T13466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 491.189517][T13466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 491.219797][T13466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 491.244459][T13466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 491.284081][T13466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 491.297558][T13466] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 491.306366][ T4357] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 491.332801][ T4357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 491.360732][T13466] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 491.390336][T13466] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 491.400392][T13466] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 491.409356][T13466] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 491.624203][ T6588] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 491.640607][ T6588] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 491.686318][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 491.722392][ T47] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 491.736773][ T47] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 491.799835][ T6349] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 491.897768][ T4271] Bluetooth: hci3: command 0x0419 tx timeout [ 493.873636][ T4278] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 493.884067][ T4278] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 493.894656][ T4278] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 493.911132][ T4278] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 494.049007][ T4285] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 494.207953][ T4285] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 495.201114][T13755] No such timeout policy "syz1" [ 496.297750][ T4285] Bluetooth: hci4: command 0x0409 tx timeout [ 497.791100][ T8370] bond1: (slave ip6gretap1): Releasing backup interface [ 497.892889][T13734] chnl_net:caif_netlink_parms(): no params data found [ 498.376720][ T4285] Bluetooth: hci4: command 0x041b tx timeout [ 499.833171][T13734] bridge0: port 1(bridge_slave_0) entered blocking state [ 499.851246][T13734] bridge0: port 1(bridge_slave_0) entered disabled state [ 499.932591][T13734] device bridge_slave_0 entered promiscuous mode [ 500.048576][T13734] bridge0: port 2(bridge_slave_1) entered blocking state [ 500.066034][T13734] bridge0: port 2(bridge_slave_1) entered disabled state [ 500.095609][T13734] device bridge_slave_1 entered promiscuous mode [ 500.601275][ T4285] Bluetooth: hci4: command 0x040f tx timeout [ 501.524040][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.530515][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.815278][T13734] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 501.968977][T13734] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 502.122412][T13734] team0: Port device team_slave_0 added [ 502.470792][T13734] team0: Port device team_slave_1 added [ 502.485080][T13912] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 502.518451][T13912] overlayfs: failed to set xattr on upper [ 502.543498][T13912] overlayfs: ...falling back to index=off,metacopy=off. [ 502.728844][ T4285] Bluetooth: hci4: command 0x0419 tx timeout [ 503.765054][T13734] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 503.778346][T13734] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 503.898644][T13734] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 504.004345][ T8370] device hsr_slave_0 left promiscuous mode [ 504.027036][ T8370] device hsr_slave_1 left promiscuous mode [ 504.041478][ T8370] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 504.088073][ T8370] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 504.105032][ T8370] device bridge_slave_1 left promiscuous mode [ 504.121827][ T8370] bridge0: port 2(bridge_slave_1) entered disabled state [ 504.148246][ T8370] device bridge_slave_0 left promiscuous mode [ 504.163543][ T8370] bridge0: port 1(bridge_slave_0) entered disabled state [ 504.200312][ T8370] bond7 (unregistering): (slave veth15): Releasing backup interface [ 504.243110][ T8370] bond7 (unregistering): Released all slaves [ 504.297099][ T8370] bond6 (unregistering): (slave veth13): Releasing backup interface [ 504.325419][ T8370] bond6 (unregistering): Released all slaves [ 504.367680][ T8370] bond5 (unregistering): (slave veth11): Releasing backup interface [ 504.386132][ T8370] bond5 (unregistering): Released all slaves [ 504.440035][ T8370] bond4 (unregistering): (slave veth9): Releasing backup interface [ 504.463534][ T8370] bond4 (unregistering): Released all slaves [ 504.512309][ T8370] bond3 (unregistering): (slave veth7): Releasing backup interface [ 504.553152][ T8370] bond3 (unregistering): Released all slaves [ 504.614774][ T8370] bond2 (unregistering): (slave veth5): Releasing backup interface [ 504.654674][ T8370] bond2 (unregistering): Released all slaves [ 504.715367][ T8370] bond1 (unregistering): Released all slaves [ 505.275671][ T4510] [ 505.278070][ T4510] ============================================ [ 505.284240][ T4510] WARNING: possible recursive locking detected [ 505.290416][ T4510] syzkaller #0 Not tainted [ 505.294843][ T4510] -------------------------------------------- [ 505.301011][ T4510] kworker/u4:9/4510 is trying to acquire lock: [ 505.307176][ T4510] ffff88807be799e8 (rlock-AF_UNIX){+.+.}-{2:2}, at: unix_collect_skb+0x15a/0x550 [ 505.316372][ T4510] [ 505.316372][ T4510] but task is already holding lock: [ 505.323755][ T4510] ffff88807be7a9e8 (rlock-AF_UNIX){+.+.}-{2:2}, at: unix_collect_skb+0xb7/0x550 [ 505.332847][ T4510] [ 505.332847][ T4510] other info that might help us debug this: [ 505.340956][ T4510] Possible unsafe locking scenario: [ 505.340956][ T4510] [ 505.348424][ T4510] CPU0 [ 505.351719][ T4510] ---- [ 505.355011][ T4510] lock(rlock-AF_UNIX); [ 505.359289][ T4510] lock(rlock-AF_UNIX); [ 505.363551][ T4510] [ 505.363551][ T4510] *** DEADLOCK *** [ 505.363551][ T4510] [ 505.371716][ T4510] May be due to missing lock nesting notation [ 505.371716][ T4510] [ 505.380055][ T4510] 4 locks held by kworker/u4:9/4510: [ 505.385355][ T4510] #0: ffff888017479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7a1/0x1160 [ 505.396537][ T4510] #1: ffffc9000498fd00 (unix_gc_work){+.+.}-{0:0}, at: process_one_work+0x7a1/0x1160 [ 505.406146][ T4510] #2: ffffffff8de41b78 (unix_gc_lock){+.+.}-{2:2}, at: __unix_gc+0x9e/0x1850 [ 505.415091][ T4510] #3: ffff88807be7a9e8 (rlock-AF_UNIX){+.+.}-{2:2}, at: unix_collect_skb+0xb7/0x550 [ 505.424635][ T4510] [ 505.424635][ T4510] stack backtrace: [ 505.430557][ T4510] CPU: 1 PID: 4510 Comm: kworker/u4:9 Not tainted syzkaller #0 [ 505.438130][ T4510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 505.448205][ T4510] Workqueue: events_unbound __unix_gc [ 505.453623][ T4510] Call Trace: [ 505.456923][ T4510] [ 505.459881][ T4510] dump_stack_lvl+0x168/0x22e [ 505.464594][ T4510] ? show_regs_print_info+0x12/0x12 [ 505.469845][ T4510] ? load_image+0x3b0/0x3b0 [ 505.474404][ T4510] __lock_acquire+0x122f/0x7c50 [ 505.479296][ T4510] ? lockdep_lock+0x1e0/0x1e0 [ 505.484023][ T4510] ? verify_lock_unused+0x140/0x140 [ 505.489253][ T4510] ? mark_lock+0x94/0x320 [ 505.493613][ T4510] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 505.499629][ T4510] ? rcu_is_watching+0x11/0xa0 [ 505.504439][ T4510] ? asm_sysvec_reschedule_ipi+0x16/0x20 [ 505.510096][ T4510] lock_acquire+0x1b4/0x490 [ 505.514632][ T4510] ? unix_collect_skb+0x15a/0x550 [ 505.519680][ T4510] ? lock_acquire+0x20f/0x490 [ 505.524623][ T4510] ? read_lock_is_recursive+0x10/0x10 [ 505.530012][ T4510] ? do_raw_spin_lock+0x11d/0x280 [ 505.535060][ T4510] ? __rwlock_init+0x140/0x140 [ 505.539833][ T4510] ? mark_lock+0x94/0x320 [ 505.544172][ T4510] _raw_spin_lock+0x2a/0x40 [ 505.548705][ T4510] ? unix_collect_skb+0x15a/0x550 [ 505.553728][ T4510] unix_collect_skb+0x15a/0x550 [ 505.558697][ T4510] __unix_gc+0x106a/0x1850 [ 505.563121][ T4510] ? wait_for_unix_gc+0x190/0x190 [ 505.568159][ T4510] ? lock_acquire+0x20f/0x490 [ 505.572840][ T4510] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 505.578841][ T4510] ? _raw_spin_unlock_irq+0x1f/0x40 [ 505.584071][ T4510] ? process_one_work+0x7a1/0x1160 [ 505.589271][ T4510] process_one_work+0x898/0x1160 [ 505.594215][ T4510] ? worker_detach_from_pool+0x240/0x240 [ 505.599865][ T4510] ? _raw_spin_lock_irq+0xab/0xe0 [ 505.604904][ T4510] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 505.610316][ T4510] ? kthread_data+0x4b/0xc0 [ 505.614829][ T4510] worker_thread+0xaa2/0x1250 [ 505.619521][ T4510] ? _raw_spin_unlock_irqrestore+0xa5/0x100 [ 505.625436][ T4510] ? __kthread_parkme+0x162/0x1c0 [ 505.630483][ T4510] kthread+0x29d/0x330 [ 505.634589][ T4510] ? worker_clr_flags+0x1a0/0x1a0 [ 505.639658][ T4510] ? kthread_blkcg+0xd0/0xd0 [ 505.644270][ T4510] ret_from_fork+0x1f/0x30 [ 505.648700][ T4510] [ 505.838036][ T8370] team0 (unregistering): Port device team_slave_1 removed [ 505.888945][ T8370] team0 (unregistering): Port device team_slave_0 removed [ 505.944159][ T8370] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 505.992057][ T8370] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 506.438733][ T8370] bond0 (unregistering): Released all slaves [ 506.521388][T13734] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 506.528443][T13734] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 506.555468][T13734] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 506.751549][T13734] device hsr_slave_0 entered promiscuous mode [ 506.763146][T13734] device hsr_slave_1 entered promiscuous mode [ 507.343308][T13734] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 507.352825][T13734] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 507.362728][T13734] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 507.372688][T13734] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 507.432820][T13734] 8021q: adding VLAN 0 to HW filter on device bond0 [ 507.451719][ T4510] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 507.459660][ T4510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 507.474457][T13734] 8021q: adding VLAN 0 to HW filter on device team0 [ 507.484719][ T4510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 507.497924][ T4510] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 507.506404][ T4510] bridge0: port 1(bridge_slave_0) entered blocking state [ 507.513564][ T4510] bridge0: port 1(bridge_slave_0) entered forwarding state [ 507.522550][ T4510] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 507.533388][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 507.543507][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 507.552362][ T32] bridge0: port 2(bridge_slave_1) entered blocking state [ 507.559543][ T32] bridge0: port 2(bridge_slave_1) entered forwarding state [ 507.582105][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 507.591372][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 507.601150][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 507.611598][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 507.624632][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 507.634425][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 507.654168][T13734] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 507.669247][T13734] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 507.684321][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 507.693651][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 507.702686][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 507.716344][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 507.924327][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 507.932221][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 507.944790][T13734] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 507.966313][ T4510] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 507.975838][ T4510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 508.000797][ T4357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 508.011514][ T4357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 508.021591][ T4357] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 508.032297][ T4357] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 508.043125][T13734] device veth0_vlan entered promiscuous mode [ 508.057192][T13734] device veth1_vlan entered promiscuous mode [ 508.086042][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 508.099639][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 508.109359][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 508.120985][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 508.132329][T13734] device veth0_macvtap entered promiscuous mode [ 508.146626][T13734] device veth1_macvtap entered promiscuous mode [ 508.165823][T13734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 508.181161][T13734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.192644][T13734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 508.203408][T13734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.213589][T13734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 508.224306][T13734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.234363][T13734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 508.245075][T13734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.255175][T13734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 508.265909][T13734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.276046][T13734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 508.287308][T13734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.302017][T13734] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 508.311680][ T8370] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 508.323022][ T8370] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 508.332648][ T8370] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 508.343709][ T8370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 508.354529][T13734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 508.366248][T13734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.376777][T13734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 508.387880][T13734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.399624][T13734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 508.412570][T13734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.423066][T13734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 508.434681][T13734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.444805][T13734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 508.455551][T13734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.466248][T13734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 508.477465][T13734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.490471][T13734] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 508.499782][ T8370] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 508.510669][ T8370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 508.522614][T13734] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 508.532544][T13734] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 508.542097][T13734] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 508.551327][T13734] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 508.587202][T13734] ieee80211 phy23: Selected rate control algorithm 'minstrel_ht' [ 508.623653][ T8370] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 508.633151][T13734] ieee80211 phy24: Selected rate control algorithm 'minstrel_ht' [ 508.641770][ T8370] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 508.655343][ T8370] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 508.674057][ T4510] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 508.682888][ T4510] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 508.691383][ T8370] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready