last executing test programs: 20.993279343s ago: executing program 1 (id=2227): syz_usb_connect$cdc_ecm(0x2, 0x0, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_mount_image$minix(&(0x7f0000000100), &(0x7f0000000a40)='./file1\x00', 0x2004000, &(0x7f0000001180)=ANY=[], 0x9, 0x1f2, &(0x7f00000004c0)="$eJzs28tO1FAcx/Ffy8x0wPtt40YTTXTjFIdJRnbyAL6AOzIUQixixA3EhLLxPXwMd76JWxeS6BPU9MZYpJ1ecFrk+0mG+dP0d86Zhv9wShgBuLRuhl8NGeqGle/7hw8lvX4lqZMb7c1lgQD+Gd+Imj5L7+zD/fwUgIth4efZx63MBv+SFCbvAsBFdry2EO4DvhrSt18fJz/iR7fg/uF4zZSCIbzo+yTfk/qF8kdG+Hy/M80GD0vpAQwvY//yOco/UTq/WHT98fxLp/JLs4LBLVPgyAyfnj5K569IuirpmqTrkm7E91q3JN1ORpB3Mv/GqfnvFVw/UEfw0zdIHSnUtun8IOcEKz8fdM/mtussl5p1qhvnn5fIPP6j7sX5YcX5k/xKxbwV5weTXXcj86yXFUcH8pl/9X85M/s/y+74pKzT/50K/Q8gsrd/8GbddZ335QuzUqqVRb/+1ahbHDZ+Ec67SC5qcKTje5qd+lRprgfxPC14ySWKxXYsI7to6A0JwNzYH3be2Xv7B8+2d9a3nC3n7XC0+mK0MhyNV+3Nsess23V25wDabPpLXyryN/P8fwkCAAAAAAAAAAAAAABNuCPpbtOLAAAAADAX5/OZoe8TKfucpl8jAAAAAAAAAAAAAAAAAAAA8L/4HQAA//+UhDYo") renameat2(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file7\x00', 0x0) r3 = socket$inet6(0xa, 0x3, 0xff) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, 0x0, 0x0) write$binfmt_script(r3, &(0x7f00000000c0), 0x28) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00'}) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[], 0x78}, 0x1, 0x0, 0x0, 0x800}, 0x0) close(0xffffffffffffffff) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) syz_usb_connect(0x4, 0x24, &(0x7f00000002c0)=ANY=[], 0x0) 17.515532892s ago: executing program 0 (id=2237): syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000100)='./bus\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xaf4, &(0x7f0000000e00)="$eJzs3V2IXFcBAOAzszv7k6RmUhO7prFNrLb1p5tmd40/wSYlQTA0RXwpBF9CmtZgjGAFtRRM8uSbLSWCT1bxqS+limBfJPTJl4INFKH4UH3wwRCxIKLRZMrOnjM7czKTO7M7O7O7831w59x7z7n3nHvnzp37e04ARla5/rmwMFMK4fIbLx/7+4N/m14cc7iRolr/HG8aqoQQSnF4PJvfe2NL4c33XzjdLiyFufpnGg5PXm9MuzWEcCHsDVdCNey+fPWlt+aeOHHx+KV9b7966NraLD0AAIyWr105tLDrL3+8d8eN1+47EibT6MWe+vF5NY7YFo/7j8QD/3T8X45haXJ5nqWm+GQitE43HrvydGu6sTbpmvOpZOnGs/Qp74ks/0qHdJPhzvmPNY1rt9ywkaXtuBpK5dmW4XJ5dnbpnDzUz+snSrPnz5575rkhFRTou3/dH0LY29QdvdQ6vN66wyuetrRWZaofW3SRrjbsdbdRuyODy+tGbcnQl3lAXW37sPdAAEvy+4W3uZBfWVidxtzGu8v/+uPl9tNDHwx6++8p/4kh5x9GPP/8YiWs0mb9/0rLlX5H2+Jwfh8hf36p8++vnM25dWx+P6LSZTk73UfYKPcXOpVzbMDlWKlO5c+3i83qyzFM6+GxLL7595N/pxvlOwba+09+/V+n061ZV+nHfELLcGU186oNef8DrF/5c3O1dH80yp/ry+MnC+KnCuKnC+K3FMRvLYiHUfab7/0kvFhaPs/Pz+l7vR6errPdFcMP9Vie/Hpkr/nnz/32arX5u0TPRvK7U0+d+cLTJ68uPf9famz/t+L2nk43qvG3dSUmSNcL8+vqjWf/q635lDukuzsrz11t0tf7d7amK+1cnk9o2s/cVo6Z1um2d0q3pzVdNUs3HbuprLz58cmWbLp0/JH2q2l9jWfLW8mWYyIrR9qv7IhhXg5YibQ9dnr+P22fM6FSeubsuTOPxuG0nf5hrDK5OP7AgMsNrF637//MhNb3f7Y1xlfKzfuF7cvjS0v7hdfj/FrHzzXyaR0/H4fT/9w3x6br42dPf+fc0/1ffBhpz/3w+W+dOnfuzHd77Fk8Hu19qjv1zE+H0NcZDqznK+WwHorRS086bVkv5dGz7nqGvGMC1tz+Hy0dBDxy9tunnj3z7Jnz8wcPzs/NHfzi/ML++nH9/uaj+2YXhlBaoJ+W//SHXRIAAAAAAAAAAACgW98/fuzqO29+/t2l9/+X3/9L7/+nJ3/T+/8/zt7/z9+TT+/Bp/cAd7SJr6fJKlidyNJVYvfhrLw7s3x2ZdN9JIaNdvzi+/8pu7xe11See7LxlQ6DWXUCt9WXMpHVQZK3F/jxGF6K4S8DDFFpuv3oGBbVb5229VQ/RVO9FDX1A28c6XtLW0OqxyS9/922XqemL3vHAMpI/w3idcJhLyPQ3j9Gqv7vfy4v+NDLouvcjaf+6kDy+9nobhO1jkfp3bZgA9Afw27/M133TOH53391arFLya4/3rq/zOsvhV786Z3W4XXd/uQA8s/b7Rt0/sNY/qke8v/Vxf7m32j/Ltv//TmOvn3/19JiXvuLx13478+vvduUbdjd7f43X/5UD/TO3vK/EfNPS/NQ6C7/2i+y/PMbQl36X5b/li7zv23596ws///H/NNqe/iBbvOvl3gylFvLkV83Tvf/8uvGyc1s+VPdnnfI/+vPt1v+FTbUeCvmD6Nso7Qz26vsOKJx0L7y9n+jC/1t/7dR2Gy3lj+H8bk4nHbE6TmHvL2TXsufnq9I/wO7svmXCv7ftP+7sX0phkW/h9T+b9oeq/Evv2m4vi7TcKXNut2s+xrYqN5b6/t/8/+u1dbBfY6+dSfXPI+poS/juu+OrHoerzzWt/LUxlYwXaOduCGvy1qttrYX1AoMNXOGvv6HfZ4w7PyHvf6L5O3/5sfwefu/eXze/m8en7f/m8dPx2+oU3ze/m++PvP2f/P4e7L55u0DzxTEf7Qgfnf7+MZp+70F0+8piP9YQfy+RvzhlhQp/r6C6e8viL+7IP6BgvhPFMR/siD+wYL4h5vim9uATvGfKph+s0vvo4zq8sMoy9/P8/uH0VG//9PUaH3++0/3hewfYPP56WsHjp789TeqS+//TzSuh6T7eEficCWeP/0gDuf3vUPT8GLcm3H4r1n8er/eAaMkrz8j/39/qCAe2LjSc15+3zCCSlPtR8ewqN6qTsf5bCyfjuFnYvjZGD4Sw9kY7o/hgRjODah8rI2jr//20Iul5fP97Vl8t8+Tl7L3gVrqiQohzHdZnvz6QK/Ps+f1+PVqtfmv8HUwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAoSnXPxcWZkohXH7j5WNPnTi7f3HM4UaKav1zvGmo0pguhEdjOBbDV2LPzfdfON0c3ophKcyFUig1xocnrzdy2hpCuBD2hiuhGnZfvvrSW3NPnLh4/NK+t189dG3t1gAAAABsfh8EAAD//9SuCeg=") syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x810408, 0x0, 0xff, 0x0, &(0x7f00000007c0)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800006, 0x7000001, 0x6e073, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000bc0000/0x400000)=nil, 0x600000, 0x9) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b) prctl$PR_SET_SECCOMP(0x3f, 0x1, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x90e7d000) socketpair$unix(0x1, 0x2, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$int_in(r2, 0x40000000af01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000340)) dup(r3) 15.50069813s ago: executing program 1 (id=2241): syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x1d}, {0x2, [{@none, 0x4, 0xa, "1520bd", 0x4, 0x2}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x8, 0x1, "36d0ca", 0x8, 0x8}]}}}, 0x20) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x0, 0x0) read$FUSE(r2, &(0x7f0000000200)={0x2020}, 0x2020) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000023c0)={{0x14}, [@NFT_MSG_DELSETELEM={0x808, 0xe, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x5}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x7d0, 0x3, 0x0, 0x1, [{0x70, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz0\x00'}, @NFTA_SET_ELEM_EXPRESSIONS={0x4}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x886}, @NFTA_SET_ELEM_KEY={0x34, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x30, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}]}]}, @NFTA_SET_ELEM_FLAGS={0x8}, @NFTA_SET_ELEM_KEY_END={0x4}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}, {0x2a8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_USERDATA={0x65, 0x6, 0x1, 0x0, "98aa6f8f3280c26e2a7b6e61ad907f1f7000774fc0d6cc081899f122e19cc14c3c2db2329b97cad6fae136e2beda3f05d7cbd1a52dbe4c734986fc2ba2cad27a3866827588a3fd0a388a54562b0630777e1a94909dce9432ca4d565eb5c09f9ed4"}, @NFTA_SET_ELEM_EXPR={0x10, 0x7, 0x0, 0x1, @notrack={{0xc}, @void}}, @NFTA_SET_ELEM_EXPRESSIONS={0x54, 0xb, 0x0, 0x1, [{0x50, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_CONNLIMIT_FLAGS={0x8}, @NFTA_CONNLIMIT_FLAGS={0x8}, @NFTA_CONNLIMIT_FLAGS={0x8}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_CONNLIMIT_FLAGS={0x8}]}}}]}, @NFTA_SET_ELEM_EXPRESSIONS={0x94, 0xb, 0x0, 0x1, [{0x40, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SYNPROXY_WSCALE={0x5}, @NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0x12}, @NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0xf}]}}}, {0x40, 0x1, 0x0, 0x1, @fwd={{0x8}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_FWD_NFPROTO={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x11}, @NFTA_FWD_NFPROTO={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_FWD_NFPROTO={0x8, 0x3, 0x1, 0x0, 0x2}]}}}, {0x10, 0x1, 0x0, 0x1, @notrack={{0xc}, @void}}]}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz0\x00'}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPR={0x130, 0x7, 0x0, 0x1, @target={{0xb}, @val={0x120, 0x2, 0x0, 0x1, [@NFTA_TARGET_NAME={0xc, 0x1, 'RATEEST\x00'}, @NFTA_TARGET_INFO={0x77, 0x3, "7a3dc5d7d4a3dee097ba97ba21dbeac7e68c1be4bb6eb65c62d6f8f70abfabba1b8034a2e922036744faf9bd5fc93fe0a85e6fc234a549bf754326f441700e734ffdfc83e05b6b27457f4224a235563f6db0ec3ca8825f662e28b57007644aeecf002a36a9f47cfa2cd061985d27c77a37026e"}, @NFTA_TARGET_NAME={0xe, 0x1, 'IDLETIMER\x00'}, @NFTA_TARGET_INFO={0x87, 0x3, "8c4fd86c299ff615483d3b612872f50e82a0d017f025635a5b134adfc0ca1431d00ef29d6b4e5bb5f33acf62e493396396b4fe00ebdea6c9127cc43fd4d4492b63ef6d6c7fdbcb5a85256f3d700ebd4be244dc218cb14afd31853cd93c4d52c434fd57fbef742dac64eef181067d44d6d919608aa9dd42f0e5e3d6932d46a99479c836"}]}}}]}, {0x4b4, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}, @NFTA_SET_ELEM_KEY={0x138, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0xf, 0x1, "9ee32ee0411d078d91b807"}, @NFTA_DATA_VALUE={0x4}, @NFTA_DATA_VALUE={0x19, 0x1, "d6c14cf7b3bd7eb3a036d82dc30ab528f5a147fd44"}, @NFTA_DATA_VALUE={0x6f, 0x1, "e821a6fd24eaaed93eb4ba293ba8a57b22a6889f91477f6b4822c4c0a2be979e13932d6bc1f2cf448ea2a7c97319c12f59d9f6ed7f0de368015a8d09edea5b4fda6b9fdd35cda916562470143f02b009af082b9aa938d9c4ac2f7a78ce9fa4468aa575252feebc4789d6cb"}, @NFTA_DATA_VERDICT={0x40, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}, @NFTA_DATA_VALUE={0x54, 0x1, "66e11d35771781fbbbd87b767fc49ab85b7a77586a1efd5e7d020f6eaa7f17a095fb72dce5d181ea197be11c1c2906cdc72dcd5c7cb7a15a24cca17bfcc1ff7463c053559e4d121c3f62a4c63de7cda1"}]}, @NFTA_SET_ELEM_TIMEOUT={0xc}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPR={0x1e0, 0x7, 0x0, 0x1, @dynset={{0xb}, @val={0x1d0, 0x2, 0x0, 0x1, [@NFTA_DYNSET_EXPR={0x44, 0x7, 0x0, 0x1, {{0xb}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_LOOKUP_DREG={0x8, 0x3, 0x1, 0x0, 0x15}, @NFTA_LOOKUP_SET={0x9, 0x1, 'syz1\x00'}, @NFTA_LOOKUP_DREG={0x8, 0x3, 0x1, 0x0, 0xb}, @NFTA_LOOKUP_SET={0x9, 0x1, 'syz2\x00'}, @NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0x9}]}}}, @NFTA_DYNSET_SREG_KEY={0x8, 0x4, 0x1, 0x0, 0x4}, @NFTA_DYNSET_EXPR={0x4c, 0x7, 0x0, 0x1, {{0xb}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0xc}, @NFTA_LOOKUP_SET={0x9, 0x1, 'syz2\x00'}, @NFTA_LOOKUP_SET={0x9, 0x1, 'syz1\x00'}, @NFTA_LOOKUP_DREG={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_LOOKUP_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}, @NFTA_LOOKUP_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}]}}}, @NFTA_DYNSET_TIMEOUT={0xc, 0x6, 0x1, 0x0, 0x6}, @NFTA_DYNSET_EXPR={0x3c, 0x7, 0x0, 0x1, {{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_LOOKUP_SET_ID={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0x15}, @NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0xa}, @NFTA_LOOKUP_DREG={0x8, 0x3, 0x1, 0x0, 0x17}]}}}, @NFTA_DYNSET_EXPRESSIONS={0xec, 0xa, 0x0, 0x1, [{0x7c, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x64, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}}}, {0xc, 0x1, 0x0, 0x1, @ct={{0x7}, @void}}, {0x50, 0x1, 0x0, 0x1, @rt={{0x7}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_RT_KEY={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_RT_KEY={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0x17}, @NFTA_RT_KEY={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_RT_KEY={0x8, 0x2, 0x1, 0x0, 0x1}]}}}, {0x10, 0x1, 0x0, 0x1, @counter={{0xc}, @void}}]}]}}}, @NFTA_SET_ELEM_KEY_END={0x178, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0x32, 0x1, "cd276c532a36ffd6c8632e81431bdbad5084caa699377fdb3c8581f22d513d82da17e8c50155b2dadefdc85ab691"}, @NFTA_DATA_VALUE={0x10, 0x1, "fb538fd3aa7b7307e832a5ae"}, @NFTA_DATA_VERDICT={0x50, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}]}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}]}, @NFTA_DATA_VERDICT={0x44, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VERDICT={0x34, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}]}, @NFTA_DATA_VERDICT={0x5c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x5}]}]}]}]}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x3, 0x0, 0x0, {0x3, 0x0, 0x8}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELSET={0x9c, 0xb, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_DATA_LEN={0x8, 0x7, 0x1, 0x0, 0x40}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x3}, @NFTA_SET_USERDATA={0x69, 0xd, 0x1, 0x0, "5754cddc9204f4134040799e867f76d5240882809b6ba5f8088788687c0aae525839feeaabc733129e275c90b289a94beb88615b01868b3f921e101fc0becd3b11bee820859651ddf5aadbc032295669ea364f37656b1f16a2ef198f718cbd6a07ab871016"}]}], {0x14}}, 0x8ec}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) syz_emit_ethernet(0xfc1, &(0x7f00000013c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa10080045000fb30000000000849078ac1414bbac14140edd9dec79219eb5499325e16c96335bc5ff0e043319357749084ca9d0ae1378f4e88112a2f7c10fd1523b9007773fd2b2bd0ebabccd2e5c35fb3baff587585840f2530c6f4d025f118440ac22a8b34da7b5e1e873bd429686be3ef84439e05fc0fefedb8b897b09445a9e10cf24aec2ff3ca6a86d94df0c4a928ed904dcfb02e6c6c5918a839d33cb9b55dfb3cd89d80eb18dc06415d313b4ea240a65eff4b941ac018e8f81de044239960271333255291b5fbfdcf8db25e175640f36986b859aeb3370ca17e6a20aeeb5c5d27eb097fc1fab796a7ff8fcbe119bbe4be2c8a5c58890191c59bea20bfe4edf9c5453e59f610d3bd1d6eb49b02e464aee0480187c5717936add1347b08cdf5b056adb941708e8a0498900419e98b75658c6dd00f88eebf8c9aaee2e38c80eafcf6ca08ea305da9c7050948ef78a1457a2e933287fe8d2e100cb00078ed829985f8812d543cc5cdb71521f4113829551efe915e4d6773f2d285cc1e8813919356ca5ef202b0d2b8a3d7de51e4635e761ffd7efe5d51dd1325596f0e4e1c0b1ce73240cb931227892d66f3629c9d152372d5790c1c25e2f6f850a5eb83654f423b84adbbf4169d472b2cddaa7137ff14c2944ade3a57613806810707a2e6c078beb4b87cf8cf39c9950bcb3f9bb42308bd5e68d81f7f4d9e528541703059787f5e342be8ebb9841d587f7455b409115d511c130d9641fc74391228bda52d2fa58e2ca74b26583e73e2cfb881945d8ecbc77eb35e783057f6c35ba06b7f639ec516ee54bf3645f6ec436ba859e22ed480a862285aa21f3d5cd3734dde388a7f8920c4a6b4a952f830e0d2811f2f2714e660e961de0b3e0b8d5fd1007690a61e414e82245dbe4e47c73465ed40af1cee2eae4801ee408ad1fce81ff8db77082c5efd93fa9a1a3e3d78eff84f326df1c6fa656cc7d4dab842fe8e0d9ce47ad0a7e74dfe1a53776a346a22dc7a0e476754d385d99aa9cbd3f445ffb2ed61e01b28fc071d706ad204b1e8014481dba0cbc460b67e64d6e955184271cedef7f951021e3595ebe9c3384b53efafb67cbed2aa1ede5d7fcff3a9d27d05766fb8894d7948609441759f4c4dfa33b6d486d4fb7e231f04d4f0f9e98f4b156129d9307fb9ebf3b278232062e7fe9ec2db7c4c991f83733368a107bf5798a1df45c919d71cce45ed907240c2f2fa6a4227e8e11cef2e7968c63e7a1adc3edec2170c17ed2cc54d0ea2b34e99b81015ffe51a501c2b73ddac5223e69d0dd451d358c0cd2ff7db256850ec1e9e349901f168d854284da68d80c68298a75c5d859008c82fe08b4cf2e68a2c0190760a03aff1be2c9425b6d5ef5c67bafb6d16fffeeb0211d90abbade4db9d6a9e9c981dde14c1d54e9138f9760bcdccbf17e7416042cfe7bbd8bba2f739f7f900ee45b965316b950e8474f3be92081fb63f43a4858b39e20e14d5a38c0973d680f2fda9e310d0e088523bdcbb728bcd0074447b4ace876da5642cd7d781cdb023a31446e0a0c59d5388674a5c8a97927e014a73d0330bd5c5187db79f1c546a8bcca008263509c23b246dea58fb36c44d373c1c92ffdd1600c27d4b10b3fc86b88ecefe8743bb59a6b8e443f06d2ae3a6908b6bc25b647deee13262225b8879dd79413ffa3d4aef91a0a04d4dc3030b5beb081c5fdf9152c3a17e6b24457fd580d84d3006af27ff44d6ec3664c4955a1d1dc5eb041682644ae564390a3d0aa602b2a18cdd3f8a1efff7b8f3afc31c283c9b74b806a98bd9f1ad8ecce410160c0a27f7ef90a2b0c1bea64e187adc04a04bff7c435659bc4c3ce5c2730e121972541062102e93d2a136e1aaaf3e25d547cad6e2b0874500fc098469494d2654808ee88588fd167f4332061a9b4cae6b22d87624e325e89a269f61ce0d26465ddfedc1f0fa2a5cf1ee7fe3e6cb375f1ff04cf8d22667debe574b8395023bde9a8302376af2e119c4c88433d1722011ade605f3a4201860742b0392ac96cc138d9ddb952f4e4742a7fd9d625465dac35347c1662b2085c357120c6ff69dedc013c5fe46555a4448b0be41e21ad73162bf9aa1cfb70f4702c7051c0a13fae918133f123d33c5c02e66ae8fceb3109b2e13a7a3e71484d59dfcba16db2d21549be1ba6cd5ad7610eefda427982384961f18bd6857ad97e868c2914d0ba934a296eda52646031c4504864061f3cba1df65cd04ef6b1050fb30b5abbbe28f8f7adb8073e452f4c0c5492a5f8d427ddf451ae303a86639e5dbccfe2b2bedb911d534a77c012e2f8a24917d98ab14557caf3e66040f21767685644f0003459762d4ab25a0e33a92b54748cf46a977505074b79b9b0746b2b5b168876a2ca10bb903edc1d1992a4a94c0ee0dd7b37add092163b5fbaf16090f8143187d060b19e3822f3def14717e41558f9582467a5a5f89148450fde235e7a5bb900e4e9d14e2147bfd2a52f84a115eb170bf3d3b9b3de9781960be4e53025c7dce005e1458140bb9cf9da8fa1124ac558fb220d57c23a7f120f5171eb2208d9e6ab7186ae457973da564f1fd45b241c15596035f55034c3995a587b4471068076839420df947f10ab2fc211732d768c135d63cc5eeda1bdfc780e7ed90855fa5a364e63f529703cd0f691b0b6a41232bfd1c1f61ef6b16ed3b9055ca888c8ebcd16a0623ede9e4e37b7d6175e3d0ddba8e7d87639eb8b0ba246131951a581575f1adf4c598a9f2f087d5eb2a0a5834d8cb12b0ad76d9381a838ccfbfcc20bbb970474c48677f10aa57be1d607d5b049d397178035f7f3393cd9000336c83218850ecd64142a22f7ae7e6a7e62013d6d105eb7c862e13979698681d44121ee9e2e552315d4d3913ff7bcd90d6bed72d50107a971a37d5a1d75efeebf03cc91239b7e427fba8df6b79674c15acd2093289fe6155063af81d85840abf4635f66083b3707d34b2149dfdf95cb4deb71e1574118c242b160c770347e6b1f135a985e89fe8e6d7f40281cfb6dc05cd8b9d4f6680c0863acb34516092acdf2bea67f54ab4282ba2d898287f34d9384e335b2ddbb87aaea8cadb8f0b397e99a68a7a214fae5a1f56c95bcd901534c23cd5cff3c168813d7fa1191dd7437c96b07324a7b21b48e205b859dcd080bd62ab7cca4bd7a73959218d0eeb21c887483201eaf3afb19efe1741b57332c5441685a7bb8324d9e85faafc785312b58aabef2eef6a8048663bf13db9ae9edd4b1dcebc99890693f11b354b1f1aad19b66251b4bcaed0daed73b87dedd140fd680e7d3355362844d1d7ba2ae6be7ffae59d7b3c679b890448b0de1acf591abfe6f3096794b7e142e0ac0862ab8cb76eb79b17d1138be3747f907c3f11c636a0f0e0d315d1ff05aab0ce62fbac03a2b4ddeac7ee192bba2da93b7a926271f6d594aa14de2c294ad0c77770a624d1ce24cc8d8f5e9b629604fa7897f0cbd641f76a85dc8df33b5715eb100e30e53b85110d2252c22575a7365eb08006b4d62d305e780101965094ce2aaad170df470870e687fb280b772d41ad5d470b71e256af3a0d2c02df95821d38f28cdff26fa7a3f6e920edbd3174d2d2bde854ef68dae8a0a4a63753c825930903a2ca75d4321bad0ad9ff6852f94dd04972a45bb9625b3726dfbcc959e85242f0d327b181aee0fdab7af064dd97151b131a5c4a51a66692cbbd9f1348a16470cedef1b255e172cd2b15184177ad43744de941869af884ff8e59ef0e63ac5e1b99c851e0f915359ce12d9c380bb6f9c2bc773267157afeda7abcc120a31a1b72af6662bff7f5f194dad00b4ebfdcbb4dfc39854412db1ae99b449d741f84123914bea467cf1e38b95bcb7603ebcb400cb31410b2a4e25126caade0019bf667cc998bc4582578da0f8a6268f6d114ccf9dd8379995e8be1b934bb5645d72f97e05628129a7d2bc548e08796341f43dc3c9fcbe89d8284dc6633bee0d17e99f600425f0172b6bc478f5117dadf15e36e850ecc0ca75664ef8e4877a44b4ffa22a6f1d6719f8d81f9937928caa0690b77406a3298aaf446e2f78343267399bb7f64c60f82bf5d07210281eaad09a3810790720c98a041332c809be7aea1480b9e5eb989085c23b4aee75143068def3e89d1c417b63321e68d340a1472d2504088c17cd75de0e700508c55a7246ca9a762cc50ca35cbcaa7dcf4ae3264c32ff2cd67566ed501fb8182b5f16c58295783f3b2b554b06aae700f198c71ad7519868c1e6fbeb0246569b04beeb8b71bcbb9af93372bee365efb1d7424689e8241b1dc346a73a84b5773487f388356b8dbec1a108846e3f8dc74865b156e8ad18b353efc4ad0b11412a381fec8f5d45678b4f8b680591be8077303e7aff71acf9052ae3b73e41e19668f9b53bfd75b778970831b6891a78ffe0d4863e62cbbf6cf8c085032864479cd3a250842984dcc2860f057f86c8e2d4d2afefb8a45b7d5b8c94e752f369a1b434c827cd26cd0276a8b40019a95ebe7c16de4c1ce8efbd5c70e0c507631818aa4fbc937d212e428aefa895069656babdbd921af974da32c49f4ca6d1e1e28319b427c8bad4d650809c673ec6073770b4097e5700a8071110fd07acbc5a59f8d7b0735a98fd40ce03718a9a93c035948859215c59f54343b08bfd95a35d73c5f09a9ebe63c509fe8443fa74e6efd0fd87defc7cb16725ce3c3d5f7664cfe253faf2cbeb307052dd2269b6266acdb31e2006b9355f673ca5c9cb907605ce071824254b139607a069531f9598f4040ddeb9cd018e9dfa1808032dfb65a4af0820da810a7b58fbb65ac8e65b017a40ec2d445a5c7b78d1f0e717b19427ef1fe6cc08c5e9da5a7d1d508fd939854589dcba8d75ff3d8d1c1fb28af1ed6900bcd4cedbe42fd6243c81264fe81be756bfd71ebcd4d96bd7ec50a676bc57e130bd8da21bb6e888eb6c8402516f6fe6dfe25be9a3e33f2cdbed9de00efb867cbe80ec2309458f41924b967d254166e5a0a5f776395214a67900d180704b9fb09f9c4c4c62fd382fcd5efe099e22d2c82f198a39d193f65b68e09454e2ab8f2d7413c64563742f1c34ca9285e501bff5efa30a0da946f875d23162eaa53c4008bed38e9a190b08ff8bfb6bfb91553c4c329fc73b8be308b00347dee2afdc08bab311c75386f452b706d1820c9038998924665010a548c09743a16167b0b09373b5cd2fb1da4f6c9ea5b1f1dd7775f6fcb23eab4fd1990364dacb2a1656b9bcf1c4866b7222872a3a3a03d397499222a3f31a35d3aeaf6a6d39f0fbee1e0f6e1e10ba0774f15f245d955cc8132d86c2d768f8a06274caa5a12c46e9e08ee556c1da49830f1e6c0a0c53a9ef1489c3fba0251c3e6839e891ac298108f3ed05066e48b8bda2c5f6e691c7a7425b7019e0a547f6560a0af41831a4a790c3a8eac9a3a9119da3eef85cb12f3f3115f04ae95534ac847b4ee2cc2fc43cdba382ecae7c4f499ce1be1ca1907313ff665c2fd7d4c8f36716f33b6861f5cf3f1c878feadfa9a664b8d629a16c750c466326a951efaa830e4f328270041f2ca0be49f0affe5806b94b027033f008957e83d167d6fe4168ec4fb79385cc06e257bba807ecfccaba56cf751dac996b7a347d36ec52b0f5d16425402416c735530bd7c545f8c753fb3b1054b82bc3"], 0x0) sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[], 0x14}}, 0x0) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000440)=ANY=[], 0x54}, 0x1, 0x0, 0x0, 0x40c4}, 0x20040840) 15.417436809s ago: executing program 0 (id=2242): r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) getpgid(r0) r1 = getpgrp(0xffffffffffffffff) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) accept4(0xffffffffffffffff, 0x0, 0x0, 0x80800) bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) socket$inet6_tcp(0xa, 0x1, 0x0) gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) ioctl$int_in(r5, 0x5452, &(0x7f0000b28000)=0x3) fcntl$setsig(r5, 0xa, 0x12) r6 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r6, 0xaf01, 0x0) 13.436627503s ago: executing program 0 (id=2244): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20020008008f}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mq_open(0x0, 0x42, 0x1f0, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10) write$P9_RSTATu(0xffffffffffffffff, 0x0, 0xe9) io_uring_setup(0x2d46, 0x0) syz_init_net_socket$netrom(0x6, 0x5, 0x0) syz_init_net_socket$netrom(0x6, 0x5, 0x0) socket$caif_stream(0x25, 0x1, 0x0) ioperm(0x1, 0x3, 0x1000) r4 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x2) fcntl$setlease(r5, 0x400, 0x1) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) 13.435420033s ago: executing program 1 (id=2245): syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2) socket$nl_netfilter(0x10, 0x3, 0xc) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, &(0x7f0000000340), 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x0, 0x0, &(0x7f0000000bc0)) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa310b6b8703100000001f03000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4014) socket$unix(0x1, 0x1, 0x0) sendmsg$nl_route_sched(r1, 0x0, 0x80c0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x400c084) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) fstat(r1, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000058000000030a0102000000000000000001000000090003803d2175fbe782c2002c00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c0004804800018008000100666962003c000280080003400000000c0800014000000002080001400000003008000240000000030800014000000012080003"], 0x122}}, 0x0) 10.802157465s ago: executing program 2 (id=2256): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10) sendmmsg$inet(r0, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x80040000}}], 0x1, 0x20000810) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)) socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$int_in(r1, 0x73, &(0x7f0000000180)=0x5) openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000020000000000000000000000850000000f0000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x0, 0x0, &(0x7f00000002c0), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x4c) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r4 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r4, 0x0, 0x50) mq_notify(0xffffffffffffffff, 0x0) r5 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$uinput_user_dev(r5, &(0x7f0000000a00)={'syz1\x00', {0x9, 0x3, 0x5, 0x5}, 0x42, [0x9, 0x2, 0x8, 0x6, 0x2, 0x6, 0x80000000, 0x0, 0x8, 0x0, 0x6, 0x2, 0xfffffffb, 0x39, 0x747d5e13, 0x8, 0xfffffb9a, 0xfffffffc, 0x4004, 0xfffffffb, 0x2004, 0x3, 0x4, 0x34a9ddcd, 0x80, 0x800, 0x300000, 0x7, 0xe, 0x4623f, 0x0, 0x0, 0x1ff, 0x8000, 0x0, 0x3, 0xd, 0x3, 0xba55, 0x8da8, 0x2, 0x2, 0x2, 0x4, 0xe, 0x4, 0x2, 0x6, 0x8, 0x9, 0x1, 0x1, 0x8, 0x3, 0x9, 0xffffffff, 0x4, 0x6, 0x1000, 0x5, 0x40, 0x8, 0xa, 0x5], [0x7, 0x6, 0x3, 0x8000, 0xfffffffe, 0x3, 0x0, 0x25, 0x7, 0xfffffffc, 0x4, 0x7fff, 0x72c, 0x1c32, 0x3, 0x5, 0x10000, 0x400, 0x8001, 0x3, 0xfffffffd, 0x297, 0x5, 0x0, 0x981, 0x4, 0x0, 0x3fb, 0x0, 0xfffffffe, 0x0, 0x1000001, 0x10, 0xfffffff9, 0xfffffffd, 0x5, 0x1, 0xffffffff, 0x6, 0x5, 0x800, 0xffff, 0x6, 0x1, 0xfffffff9, 0x2, 0x0, 0x2, 0x401, 0xc, 0x3, 0x37a, 0x9, 0xe, 0x5, 0x7, 0x6, 0x2, 0x1, 0x1, 0x8, 0x6, 0x204, 0x3], [0x401, 0xc584, 0xffff, 0xcd5, 0x7, 0x7, 0x404, 0x4, 0x8, 0x8001, 0x7, 0x9, 0x800e8b, 0x2000005, 0x80000001, 0x48, 0x3f92, 0x1000, 0x0, 0x10, 0x1, 0xfffffff9, 0x1, 0x1000, 0x80040101, 0x4, 0x4, 0x5, 0x200003, 0x2, 0x5, 0x80, 0x9, 0x8001, 0x3, 0x0, 0x7fff, 0x4, 0x7, 0x6d7e, 0x3, 0x8, 0x3, 0xbf23, 0x6, 0x9, 0x956, 0xf5c1, 0x3ff, 0x3, 0xcac, 0x100fffd, 0x2005, 0x9, 0x2, 0xea, 0x9, 0x20000005, 0x3, 0xd9, 0x0, 0x7d, 0x401, 0x5], [0x108e, 0xffff, 0x3, 0x4, 0x88, 0x2, 0x4000000, 0x4, 0x50, 0x2, 0x763, 0xb, 0x402, 0x800, 0x8320fb05, 0x1000, 0x7f, 0x5, 0x3fa6, 0x4, 0x0, 0x5, 0x6, 0x4, 0xe47, 0x3, 0x1654, 0x4, 0x8, 0x2851, 0x3b, 0x20000002, 0x5, 0x800, 0xa80a, 0x65f413f9, 0x8, 0x20008, 0x8a8, 0x6, 0x44, 0x409, 0x3, 0x744, 0x4, 0x12, 0x4, 0x10, 0x7fff, 0x2, 0xfffffff8, 0x401, 0xf, 0x200, 0xfff, 0x4edf, 0xfffffffd, 0xa, 0xe, 0x2, 0xf, 0xf, 0x136, 0x6]}, 0x45c) ioctl$UI_DEV_CREATE(r5, 0x5501) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount(&(0x7f0000000300)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000012c0)='./file0\x00', &(0x7f0000001300)='f2fs\x00', 0x0, &(0x7f00000035c0)='quota') 8.516719041s ago: executing program 1 (id=2249): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x0, &(0x7f0000000200)}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x24000805}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x48) r2 = syz_open_procfs(0x0, 0x0) read$eventfd(r2, &(0x7f0000000180), 0x8) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3) sendmsg$NL80211_CMD_SET_MPATH(r2, 0x0, 0x40000) r5 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$nci(0xffffff9c, &(0x7f00000001c0), 0x2, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r5, 0xc0184800, &(0x7f0000000100)={0x4, r0}) r7 = syz_open_dev$dri(0x0, 0x1ff, 0x80100) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r7, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r6}) close_range(r0, 0xffffffffffffffff, 0x0) 8.455537708s ago: executing program 2 (id=2251): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000080)={[{@errors_remount}, {@mblk_io_submit}, {@inlinecrypt}, {@test_dummy_encryption_v1}, {@barrier}, {@mblk_io_submit}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0) write$cgroup_int(r0, &(0x7f0000000200)=0x2, 0x12) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x69703000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000100)=@req={0x3fc, 0x4, 0x0, 0x6}, 0x10) r5 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x0, 0x1}, 0x10) close(r5) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4048b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LOCAL={0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, @IFLA_IPTUN_TTL={0x5}]}}}]}, 0x40}}, 0x0) lseek(r0, 0x10, 0x3) 7.635825502s ago: executing program 3 (id=2253): ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB], 0x50) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000340)={@hci={0x1f, 0x1, 0x3}, {0x0}, &(0x7f00000001c0), 0x8}, 0xa0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='sched_switch\x00', r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a80)={0x0, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r4) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r5, &(0x7f0000000200)=""/85, 0xaa) getdents(r5, 0xfffffffffffffffd, 0x58) keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) 6.997590288s ago: executing program 0 (id=2254): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$UI_SET_SNDBIT(r0, 0x4004556a, 0x8) syz_pidfd_open(0x0, 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x2000, 0x3, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5335, &(0x7f0000000300)={0x0, 0x80, 0x0, 'queue0\x00'}) socket$inet_smc(0x2b, 0x1, 0x0) r2 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0) r4 = gettid() fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x2}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r5 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0) read$msr(r5, &(0x7f0000048040)=""/102392, 0x18ff8) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0) tkill(r4, 0xb) memfd_create(&(0x7f0000000400)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0) 6.579528241s ago: executing program 2 (id=2255): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @sk_msg}, 0x94) syz_genetlink_get_family_id$nl80211(&(0x7f0000000e00), 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000) mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.events\x00', 0x7a05, 0x1700) pwritev(r3, 0x0, 0x0, 0x8040000, 0x0) r4 = socket(0x40000000015, 0x5, 0x0) connect$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) syz_genetlink_get_family_id$mptcp(0x0, r4) bind$inet(r4, &(0x7f0000000340)={0x2, 0x4e23, @loopback}, 0x10) sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[], 0x1a000}}, 0x0) 6.264188503s ago: executing program 3 (id=2257): syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), 0xffffffffffffffff) openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x600, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) socket$inet6(0xa, 0x2, 0xc4) socket(0x10, 0x3, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000007, 0x13, r0, 0x0) readlink(&(0x7f0000000100)='./cgroup.cpu/cgroup.procs/file0\x00', &(0x7f0000000500)=""/250, 0xfa) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x101900, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000080)) mprotect(&(0x7f0000387000/0x4000)=nil, 0x4000, 0x5) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000002540)=0x1) socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_IMPORTANCE(0xffffffffffffffff, 0x10f, 0x7f, &(0x7f0000000000)=0xffffffff, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000340)='net/if_inet6\x00') sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x20) sendmsg$NFQNL_MSG_VERDICT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="20000000030301018521570d0e0000000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x20000001}, 0x4004004) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(r2, 0x8983, &(0x7f0000000080)={0x7, 'vlan0\x00', {0xa}, 0x6}) 4.677434338s ago: executing program 0 (id=2258): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) pipe(0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x7}, 0x1c) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x2, 0x40, 0x40, 0x41}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000140)="7a47aa3dcdb26a85f3a4dcf01fe80d2c1a7b", &(0x7f0000002500), 0xc, r4}, 0x38) bpf$MAP_LOOKUP_ELEM(0x4, &(0x7f0000000b80)={r4, &(0x7f00000014c0), &(0x7f0000000100)=""/31}, 0x20) prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000002280)={'pim6reg0\x00', 0x2102}) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000180)=0x80) io_setup(0x6, &(0x7f00000000c0)=0x0) io_submit(r5, 0x0, 0x0) io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1}) 3.58425899s ago: executing program 0 (id=2259): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="8300d1c4c9036e8866400fe2de0fae4e0afaf2466ff00fc01e63df", 0xdc000006, 0x0, {[0x3]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000340)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r3, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x1000000) ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, 0x0, 0x0, 0x0) r4 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x800, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0x138a, 0x1000000003}) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r5, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @loopback}, 0x58) ioctl$int_in(r5, 0x5452, &(0x7f0000000080)=0x10000) listen(r5, 0x5) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r6, 0x0, 0x0, 0x24040014, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @empty}, 0x1c) 3.58395326s ago: executing program 2 (id=2260): syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2) socket$nl_netfilter(0x10, 0x3, 0xc) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, &(0x7f0000000340), 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x0, 0x0, &(0x7f0000000bc0)) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa310b6b8703100000001f03000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4014) socket$unix(0x1, 0x1, 0x0) sendmsg$nl_route_sched(r1, 0x0, 0x80c0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x400c084) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) fstat(r1, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000058000000030a0102000000000000000001000000090003803d2175fbe782c2002c00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c0004804800018008000100666962003c000280080003400000000c0800014000000002080001400000003008000240000000030800014000000012080003"], 0x122}}, 0x0) 3.58372977s ago: executing program 3 (id=2261): r0 = socket(0x9, 0x5, 0x551) syz_io_uring_setup(0x512, 0x0, &(0x7f0000000240)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x2121, 0x0, {0x6}}) r3 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x8ad01, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = socket(0x28, 0x5, 0x0) dup(r4) r5 = syz_io_uring_setup(0x10e, 0x0, &(0x7f0000000480)=0x0, &(0x7f0000000100)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, 0x0, 0x0, 0x4) io_uring_enter(r5, 0x3e79, 0x0, 0x1, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x2, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) r7 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r7, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x110, 0xffffffffffffffff, 0x0) r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) sendfile(0xffffffffffffffff, r8, 0x0, 0x80009) write(r3, 0x0, 0x0) 3.407707749s ago: executing program 3 (id=2262): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) read$msr(0xffffffffffffffff, 0x0, 0x0) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000100)=r3) r4 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2) fcntl$setlease(r4, 0x400, 0x0) truncate(&(0x7f00000000c0)='./file0\x00', 0x1000000) bind$inet(r0, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000001bc0)={0x2, 0x4e23, @loopback}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) ioctl$BTRFS_IOC_QGROUP_LIMIT(r1, 0x8030942b, &(0x7f0000000040)={0x9, {0x22, 0xff, 0x4, 0x7, 0x800}}) sendto(r0, &(0x7f0000000740)="50fbdf12a30d7a48b2c5c84948f3426077a9f0ca1475183db3bf52a6b2cdb77ef9af2a603a3e78adff59fbb22bae1b2443011fd801251bcef8f165533aac58c7556dd51edc5a6865d4e29f0bbd0ed602050000000000002944de604d849a1e3b32905b0d26e9ff34b83f38a2ae8b1c6748ef8b87ef2a359249c3e294931489ba57f83f96048684434854ab3b6ad5", 0x8e, 0x0, 0x0, 0x0) write$binfmt_misc(r0, &(0x7f0000000240)='}', 0x1) sendto$inet(r0, &(0x7f00000002c0)="01a4acc7cf28ab9f6c7fc745c30bfc165466072a660bbf56352083db9d40454a67f8010000004bd29585885c89773ca3ba28a1e85ffe2a9220e0ecd440e345b745bf2146835ad015c801f95be5b890e44fb3dfbe8e88a1e5176e584c970207f23b0073ca5375abddf56331be396eaa2398ea66b93a74fd4147e826abed1b5d1de578682288c19ac23c1ccc1cdd936d2571c3510b0000000000000000000000000000000000f32bb3874c926a8944caa4677d2eae3bc831e748000000", 0xfffffffffffffe88, 0x52, 0x0, 0x0) 2.660894826s ago: executing program 2 (id=2263): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x2) socket$inet6(0xa, 0x80002, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) rt_sigprocmask(0x0, &(0x7f0000000200)={[0xfffff7feffff7ffd]}, 0x0, 0x8) prlimit64(0x0, 0xb, &(0x7f0000000000)={0x0, 0x5}, 0x0) tkill(0x0, 0x12) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000002f40)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xfffffc99}, 0x1, 0x0, 0x0, 0x40001}, 0x4000000) listen(r3, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000}, 0x43) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r5, @ANYRES32=r4, @ANYBLOB='\a'], 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r5, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r3}, 0x20) sendmmsg$inet6(r3, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000600)="e2", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)}}], 0x56, 0x10) 1.611831284s ago: executing program 3 (id=2264): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000080)={[{@errors_remount}, {@mblk_io_submit}, {@inlinecrypt}, {@test_dummy_encryption_v1}, {@barrier}, {@mblk_io_submit}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0) write$cgroup_int(r0, &(0x7f0000000200)=0x2, 0x12) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x69703000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000100)=@req={0x3fc, 0x4, 0x0, 0x6}, 0x10) r5 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x0, 0x1}, 0x10) close(r5) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4048b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LOCAL={0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, @IFLA_IPTUN_TTL={0x5}]}}}]}, 0x40}}, 0x0) lseek(r0, 0x10, 0x3) 1.564300389s ago: executing program 1 (id=2265): keyctl$set_reqkey_keyring(0x6, 0xfffffffffffffffd) unshare(0x22020600) socket$rds(0x15, 0x5, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc008561c, &(0x7f00000001c0)={0x980901, 0x8081, @name="6736516728a5678c18a4ec047f3f1fa52fe9a9987d0406b3a0c705c611b66f06"}) prctl$PR_SET_SECCOMP(0x4e, 0x1, 0x0) prctl$PR_MCE_KILL(0x4e, 0x1, 0x0) ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000080)=0x2) close_range(r2, 0xffffffffffffffff, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r1, 0xc000000, 0x0, 0x0, 0x12}) r3 = inotify_init() r4 = creat(0x0, 0x0) write$P9_RVERSION(r4, &(0x7f0000000140)=ANY=[@ANYRESHEX, @ANYRES32=r3], 0x13) io_uring_enter(0xffffffffffffffff, 0x28ad, 0x0, 0xe, 0x0, 0x0) 1.442633801s ago: executing program 2 (id=2266): openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89101) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_io_uring_setup(0x10b, &(0x7f0000000140)={0x0, 0x334e, 0x10, 0x3, 0x800}, &(0x7f00000003c0)=0x0, &(0x7f0000000300)=0x0) syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000540)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000040)='./file0/file0\x00', 0x60, 0x185500, 0x12345}) openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) io_uring_enter(r3, 0x7277, 0x0, 0x0, 0x0, 0x0) r6 = openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x2) r7 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002) dup3(r7, r6, 0x0) ptrace(0x10, r0) ptrace$cont(0x9, r0, 0x100000001, 0xffffffffffffffff) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000)={'#! ', './file0', [{0x20, '@)'}, {}]}, 0xf) syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/crypto\x00', 0x0, 0x0) ioctl$FS_IOC_GETVERSION(0xffffffffffffffff, 0xc0145b0e, &(0x7f0000000040)) 327.860776ms ago: executing program 3 (id=2267): ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, 0x0) r0 = add_key(&(0x7f0000000000)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffd) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, 0x0, 0x0) io_uring_register$IORING_REGISTER_CLOCK(0xffffffffffffffff, 0x1d, &(0x7f0000000000)={0x1}, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000040000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$cuse(0xffffff9c, 0x0, 0x2, 0x0) syz_80211_join_ibss(&(0x7f0000000140)='wlan1\x00', 0x0, 0x0, 0x0) modify_ldt$write(0x1, &(0x7f0000000500)={0x38, 0x0, 0x600}, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0) sendfile(r4, r4, 0x0, 0x200900) keyctl$KEYCTL_WATCH_KEY(0x20, r0, 0xffffffffffffffff, 0xa0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) 0s ago: executing program 1 (id=2268): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mmap$KVM_VCPU(&(0x7f0000f3d000/0x4000)=nil, 0x930, 0xc, 0x8010, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r5, &(0x7f0000000080)="b3", 0x1) r6 = socket$alg(0x26, 0x5, 0x0) bind$alg(r6, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-256\x00'}, 0x58) r7 = accept4(r6, 0x0, 0x0, 0x80800) splice(r4, 0x0, r7, 0x0, 0x8001, 0x2) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x2010004, &(0x7f0000000040)=ANY=[@ANYRES64], 0x25, 0x34c, &(0x7f0000001740)="$eJzs3T9oJGUUAPC3mU12EziTQji0Wu0EOS4RC21MOE44TKEni/8aFy7nn+wqZHEhFtlLo1gqNoJWdldoebVYiNhZ2HqCnIqN1x3c4cjuTHY3mcn9EbOn3u9XhJf3fW++byZDdhKSt6+uxua52Th/9eqVqNcrUV09tRrXKrEUM5FE5kIAAP8n19I0/kgzw8RTN5v90ULMZtHcVHYHAByF4ev/a8fGidrd3A0AMA2Fn//LPVuaffvItgUAHKHC6//D+4YP/Jq/OvqbAADgv+v5l15+Zm094myjUY/ovN9r9prx5Hh87Xy8Ee3YiJOxGDcisgeF7Glh8PHpM+unTzYGflmK5qCi14zo9HvN7ElhLRnW12I5FmMpr09H9cmgfnlY34iIC/3h+tGp9JqzsZCv/+NCbMRKLMb9hfqIM+unVxr5AZqdvfp+xG7U905isP8TsRjfzww/OReD2uxYg8zOcqNxKl3fV9+7WBvOAwAAAAAAAAAAAAAAAAAAAACAo3BiPvLuOY2lUf+btNPvvXc2n9Aojg/7+2TDeX+g3aw/UFrb687zQXKwP9D+/jy9ZjVm7uqZAwAAAAAAAAAAAAAAAAAAwL9Hd3suWu32xlZ3+93NcTDX7k9k3vr2i6/n4+CcN5NxJqrZ4fbNyXMxUZXEqDwdlafJvjl5kETkkyvRunhptOPJObXRWRTKB0GtMFTJ99Rqt4899POnZVV/jjNJjIbqpUtU8vUnhjr3Zamy/dw8qHS3V24x53KapoeV73xSrIp6RLXwhfsngm+uvP7AY93jj3cr1c3WV3nTh0ceXXzh8sef/7bZakd+adrtua3ujfRvr5VM3D+V/DpXSu6E8mB3nNnd6m63kh9+f/HBD787MDkpv3/Sycw7h6/15cHMXBYMtnk7ZzpbcvOXB69cH929d34xj3+22rq089OvexfzVlUT3yQ06gAAAAAAAAAAAAAAAAAAgKmY+F/xO/DEc0e3IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYvvH7/08Eu4XM7QTX+1Ecqm1sdQ9dfH6qpwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD3srwAAAP//JT9zjQ==") r8 = openat$nullb(0xffffffffffffff9c, &(0x7f00000001c0), 0xf00, 0x0) ioctl$FS_IOC_SETFLAGS(r8, 0x40081271, &(0x7f00000000c0)=0x10000000) rename(&(0x7f00000003c0)='./file0\x00', 0x0) open(&(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x3f3) kernel console output (not intermixed with test programs): MGMT ver 1.22 [ 319.869126][ T8435] netlink: 'syz.3.680': attribute type 1 has an invalid length. [ 320.202909][ T8444] loop2: detected capacity change from 0 to 8 [ 320.448916][ T8444] SQUASHFS error: lzo decompression failed, data probably corrupt [ 320.457334][ T8444] SQUASHFS error: Failed to read block 0x91: -5 [ 320.463596][ T8444] SQUASHFS error: Unable to read metadata cache entry [8f] [ 320.470931][ T8444] SQUASHFS error: Unable to read inode 0x11f [ 320.509982][ T8448] syzkaller0: entered promiscuous mode [ 320.515932][ T8448] syzkaller0: entered allmulticast mode [ 320.538322][ T6422] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 320.902095][ T8455] loop2: detected capacity change from 0 to 1024 [ 324.367301][ T8491] bridge0: port 3(syz_tun) entered blocking state [ 324.376438][ T8491] bridge0: port 3(syz_tun) entered disabled state [ 324.390138][ T8491] syz_tun: entered allmulticast mode [ 324.408327][ T8491] syz_tun: entered promiscuous mode [ 324.427352][ T8491] bridge0: port 3(syz_tun) entered blocking state [ 324.433973][ T8491] bridge0: port 3(syz_tun) entered forwarding state [ 325.325520][ T8496] netlink: 'syz.2.695': attribute type 10 has an invalid length. [ 325.357028][ T8496] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 332.661451][ T8516] pim6reg: entered allmulticast mode [ 333.981198][ T8530] af_packet: tpacket_rcv: packet too big, clamped from 88 to 4294967272. macoff=96 [ 334.031630][ T8530] netlink: 8 bytes leftover after parsing attributes in process `syz.3.704'. [ 334.466095][ T8542] sctp: [Deprecated]: syz.3.706 (pid 8542) Use of struct sctp_assoc_value in delayed_ack socket option. [ 334.466095][ T8542] Use struct sctp_sack_info instead [ 335.383521][ T8549] netlink: 8 bytes leftover after parsing attributes in process `syz.2.707'. [ 335.392571][ T8549] netlink: 12 bytes leftover after parsing attributes in process `syz.2.707'. [ 335.401646][ T8549] netlink: 'syz.2.707': attribute type 18 has an invalid length. [ 335.789411][ T8549] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 335.798289][ T8549] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 335.807047][ T8549] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 335.815866][ T8549] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 335.830327][ T8549] netlink: 8 bytes leftover after parsing attributes in process `syz.2.707'. [ 335.839349][ T8549] netlink: 12 bytes leftover after parsing attributes in process `syz.2.707'. [ 335.848339][ T8549] netlink: 'syz.2.707': attribute type 18 has an invalid length. [ 335.856779][ T8550] lo: entered allmulticast mode [ 335.878249][ T8550] tunl0: entered allmulticast mode [ 335.884140][ T8550] gre0: entered allmulticast mode [ 335.889854][ T8550] gretap0: entered allmulticast mode [ 335.896451][ T8550] erspan0: entered allmulticast mode [ 335.902416][ T8550] ip_vti0: entered allmulticast mode [ 335.908707][ T8550] ip6_vti0: entered allmulticast mode [ 335.914806][ T8550] sit0: entered allmulticast mode [ 335.920464][ T8550] ip6tnl0: entered allmulticast mode [ 335.928567][ T8550] ip6gre0: entered allmulticast mode [ 335.934803][ T8550] ip6gretap0: entered allmulticast mode [ 335.940948][ T8550] bridge0: entered allmulticast mode [ 335.946951][ T8550] bond0: entered allmulticast mode [ 335.952084][ T8550] bond_slave_0: entered allmulticast mode [ 335.957885][ T8550] bond_slave_1: entered allmulticast mode [ 335.964733][ T8550] team0: entered allmulticast mode [ 335.969869][ T8550] team_slave_0: entered allmulticast mode [ 335.975697][ T8550] team_slave_1: entered allmulticast mode [ 335.982430][ T8550] dummy0: entered allmulticast mode [ 335.988256][ T8550] nlmon0: entered allmulticast mode [ 335.994913][ T8550] caif0: entered allmulticast mode [ 336.000178][ T8550] batadv0: entered allmulticast mode [ 336.006514][ T8550] vxcan0: entered allmulticast mode [ 336.012063][ T8550] vxcan1: entered allmulticast mode [ 336.017675][ T8550] veth0: entered allmulticast mode [ 336.023468][ T8550] veth1: entered allmulticast mode [ 336.029429][ T8550] wg0: entered allmulticast mode [ 336.035079][ T8550] wg1: entered allmulticast mode [ 336.040648][ T8550] wg2: entered allmulticast mode [ 336.046238][ T8550] veth0_to_bridge: entered allmulticast mode [ 336.053984][ T8550] veth1_to_bridge: entered allmulticast mode [ 336.062359][ T8550] veth0_to_bond: entered allmulticast mode [ 336.069494][ T8550] veth1_to_bond: entered allmulticast mode [ 336.076690][ T8550] veth0_to_team: entered allmulticast mode [ 336.083989][ T8550] veth1_to_team: entered allmulticast mode [ 336.091312][ T8550] veth0_to_batadv: entered allmulticast mode [ 336.099498][ T8550] batadv_slave_0: entered allmulticast mode [ 336.106200][ T8550] veth1_to_batadv: entered allmulticast mode [ 336.112823][ T8550] batadv_slave_1: entered allmulticast mode [ 336.120020][ T8550] veth0_to_hsr: entered allmulticast mode [ 336.126490][ T8550] hsr_slave_0: entered allmulticast mode [ 336.133426][ T8550] veth1_to_hsr: entered allmulticast mode [ 336.139997][ T8550] hsr_slave_1: entered allmulticast mode [ 336.146356][ T8550] hsr0: entered allmulticast mode [ 336.152021][ T8550] veth1_virt_wifi: entered allmulticast mode [ 336.158778][ T8550] veth0_virt_wifi: entered allmulticast mode [ 336.165454][ T8550] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 336.172899][ T8550] veth1_vlan: entered allmulticast mode [ 336.179278][ T8550] veth0_vlan: entered allmulticast mode [ 336.185813][ T8550] vlan0: entered allmulticast mode [ 336.191610][ T8550] vlan1: entered allmulticast mode [ 336.197426][ T8550] macvlan0: entered allmulticast mode [ 336.204221][ T8550] macvlan1: entered allmulticast mode [ 336.210218][ T8550] ipvlan0: entered allmulticast mode [ 336.215775][ T8550] ipvlan1: entered allmulticast mode [ 336.221258][ T8550] veth1_macvtap: entered allmulticast mode [ 336.227814][ T8550] veth0_macvtap: entered allmulticast mode [ 336.234393][ T8550] macvtap0: entered allmulticast mode [ 336.240440][ T8550] macsec0: entered allmulticast mode [ 336.246437][ T8550] geneve0: entered allmulticast mode [ 336.253105][ T8550] geneve1: entered allmulticast mode [ 336.259137][ T8550] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 336.267234][ T8550] netdevsim netdevsim0 netdevsim1: entered allmulticast mode [ 336.275329][ T8550] netdevsim netdevsim0 netdevsim2: entered allmulticast mode [ 336.283274][ T8550] netdevsim netdevsim0 netdevsim3: entered allmulticast mode [ 336.291329][ T8550] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode [ 336.299068][ T8550] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode [ 336.307402][ T8550] vxlan0: entered allmulticast mode [ 336.313134][ T8550] syztnl2: entered allmulticast mode [ 338.223769][ T8567] pim6reg: entered allmulticast mode [ 338.244707][ T8565] pim6reg: left allmulticast mode [ 338.933842][ T5792] Bluetooth: Wrong link type (-71) [ 339.665048][ T8590] loop0: detected capacity change from 0 to 1024 [ 340.025867][ T8596] (null): rxe_set_mtu: Set mtu to 1024 [ 340.036160][ T8596] rdma_rxe: rxe_newlink: failed to add wg2 [ 340.785950][ T8590] EXT4-fs: Ignoring removed bh option [ 340.791502][ T8590] EXT4-fs: Ignoring removed nobh option [ 340.840064][ T8590] EXT4-fs: Ignoring removed bh option [ 340.884631][ T8590] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 341.674224][ T8590] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 342.388822][ T8590] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4031: comm syz.0.719: Allocating blocks 497-513 which overlap fs metadata [ 342.405054][ T8590] EXT4-fs (loop0): pa ffff888078246910: logic 256, phys. 385, len 8 [ 342.413060][ T8590] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 1 [ 343.437222][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 345.958730][ T8636] loop2: detected capacity change from 0 to 256 [ 346.090087][ T8636] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 346.288180][ T8638] loop1: detected capacity change from 0 to 256 [ 346.310388][ T8638] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 346.337439][ T8638] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 346.413454][ T8638] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 346.706301][ T8643] IPVS: nq: FWM 3 0x00000003 - no destination available [ 347.094835][ T5847] IPVS: starting estimator thread 0... [ 347.194062][ T8647] IPVS: using max 21 ests per chain, 50400 per kthread [ 351.541335][ T8685] binder: 8684:8685 ioctl c0306201 0 returned -14 [ 352.508054][ T8700] loop0: detected capacity change from 0 to 1024 [ 354.195510][ T8714] (null): rxe_set_mtu: Set mtu to 1024 [ 354.201467][ T8714] rdma_rxe: rxe_newlink: failed to add wg2 [ 354.698592][ T8709] kvm: pic: non byte write [ 354.710579][ T8709] kvm: vcpu 0: requested 3328 ns lapic timer period limited to 200000 ns [ 356.165700][ T8742] loop1: detected capacity change from 0 to 32768 [ 356.190772][ T8742] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.760 (8742) [ 356.256792][ T8742] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 356.267446][ T8742] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 356.277657][ T8742] BTRFS info (device loop1): using free space tree [ 362.014241][ T8742] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 362.017024][ T8742] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 362.159402][ T8742] BTRFS error (device loop1): open_ctree failed: -12 [ 362.274949][ T6425] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by udevd (6425) [ 363.249853][ T8785] lo: entered allmulticast mode [ 363.324344][ T8785] tunl0: entered allmulticast mode [ 363.365892][ T8785] gre0: entered allmulticast mode [ 363.389872][ T8785] gretap0: entered allmulticast mode [ 363.396007][ T8785] erspan0: entered allmulticast mode [ 363.402045][ T8785] ip_vti0: entered allmulticast mode [ 363.408100][ T8785] ip6_vti0: entered allmulticast mode [ 363.414253][ T8785] sit0: entered allmulticast mode [ 363.420042][ T8785] ip6tnl0: entered allmulticast mode [ 363.426133][ T8785] ip6gre0: entered allmulticast mode [ 363.432192][ T8785] ip6gretap0: entered allmulticast mode [ 363.439075][ T8785] bridge0: entered allmulticast mode [ 363.444702][ T8785] vcan0: entered allmulticast mode [ 363.450249][ T8785] bond0: entered allmulticast mode [ 363.455520][ T8785] bond_slave_0: entered allmulticast mode [ 363.461370][ T8785] bond_slave_1: entered allmulticast mode [ 363.468423][ T8785] team0: entered allmulticast mode [ 363.473742][ T8785] team_slave_0: entered allmulticast mode [ 363.480164][ T8785] team_slave_1: entered allmulticast mode [ 363.487075][ T8785] dummy0: entered allmulticast mode [ 363.492892][ T8785] nlmon0: entered allmulticast mode [ 363.498863][ T8785] caif0: entered allmulticast mode [ 363.504183][ T8785] batadv0: entered allmulticast mode [ 363.510421][ T8785] vxcan0: entered allmulticast mode [ 363.516634][ T8785] vxcan1: entered allmulticast mode [ 363.522155][ T8785] veth0: entered allmulticast mode [ 363.528014][ T8785] veth1: entered allmulticast mode [ 363.533880][ T8785] wg0: entered allmulticast mode [ 363.540093][ T8785] wg1: entered allmulticast mode [ 363.545710][ T8785] wg2: entered allmulticast mode [ 363.551010][ T8785] infiniband syz2: set active [ 363.556065][ T8785] infiniband syz2: set active [ 363.561549][ T8785] veth0_to_bridge: entered allmulticast mode [ 363.568962][ T8785] veth1_to_bridge: entered allmulticast mode [ 363.576384][ T8785] veth0_to_bond: entered allmulticast mode [ 363.583442][ T8785] veth1_to_bond: entered allmulticast mode [ 363.590569][ T8785] veth0_to_team: entered allmulticast mode [ 363.598017][ T8785] veth1_to_team: entered allmulticast mode [ 363.605447][ T8785] veth0_to_batadv: entered allmulticast mode [ 363.612108][ T8785] batadv_slave_0: entered allmulticast mode [ 363.618744][ T8785] veth1_to_batadv: entered allmulticast mode [ 363.625466][ T8785] batadv_slave_1: entered allmulticast mode [ 363.631982][ T8785] xfrm0: entered allmulticast mode [ 363.637883][ T8785] veth0_to_hsr: entered allmulticast mode [ 363.644856][ T8785] hsr_slave_0: entered allmulticast mode [ 363.651099][ T8785] veth1_to_hsr: entered allmulticast mode [ 363.657582][ T8785] hsr_slave_1: entered allmulticast mode [ 363.663964][ T8785] hsr0: entered allmulticast mode [ 363.669652][ T8785] veth1_virt_wifi: entered allmulticast mode [ 363.678568][ T8785] veth0_virt_wifi: entered allmulticast mode [ 363.685350][ T8785] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 363.692804][ T8785] veth1_vlan: entered allmulticast mode [ 363.699250][ T8785] veth0_vlan: entered allmulticast mode [ 363.706562][ T8785] vlan0: entered allmulticast mode [ 363.712357][ T8785] vlan1: entered allmulticast mode [ 363.718248][ T8785] macvlan0: entered allmulticast mode [ 363.724376][ T8785] macvlan1: entered allmulticast mode [ 363.730429][ T8785] ipvlan0: entered allmulticast mode [ 363.735990][ T8785] ipvlan1: entered allmulticast mode [ 363.741454][ T8785] veth1_macvtap: entered allmulticast mode [ 363.748643][ T8785] veth0_macvtap: entered allmulticast mode [ 363.755242][ T8785] macvtap0: entered allmulticast mode [ 363.762092][ T8785] macsec0: entered allmulticast mode [ 363.768100][ T8785] geneve0: entered allmulticast mode [ 363.774141][ T8785] geneve1: entered allmulticast mode [ 363.780114][ T8785] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 363.789507][ T8785] netdevsim netdevsim1 netdevsim1: entered allmulticast mode [ 363.797716][ T8785] netdevsim netdevsim1 netdevsim2: entered allmulticast mode [ 363.805789][ T8785] netdevsim netdevsim1 netdevsim3: entered allmulticast mode [ 363.813965][ T8785] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode [ 363.821703][ T8785] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode [ 363.829492][ T8785] bond1: entered allmulticast mode [ 363.834714][ T8785] gretap1: entered allmulticast mode [ 363.840130][ T8785] bridge1: entered allmulticast mode [ 363.944979][ T9] wg2 speed is unknown, defaulting to 1000 [ 363.951465][ T9] wg2 speed is unknown, defaulting to 1000 [ 366.344409][ T788] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 367.265155][ T8816] overlayfs: failed to clone upperpath [ 367.303952][ T788] usb 2-1: Using ep0 maxpacket: 16 [ 367.842072][ T788] usb 2-1: device descriptor read/all, error -71 [ 369.294186][ T5792] Bluetooth: hci3: ACL packet for unknown connection handle 201 [ 372.534004][ T8862] loop1: detected capacity change from 0 to 64 [ 372.586175][ T8862] hfs: get root inode failed [ 374.498618][ T5792] Bluetooth: Wrong link type (-71) [ 375.275034][ T8877] loop0: detected capacity change from 0 to 32768 [ 375.297903][ T8877] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 375.308226][ T8877] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 375.317638][ T8877] BTRFS info (device loop0): using free space tree [ 375.455963][ T8877] BTRFS info (device loop0): enabling ssd optimizations [ 375.463024][ T8877] BTRFS info (device loop0): auto enabling async discard [ 375.653009][ T8899] netlink: 8 bytes leftover after parsing attributes in process `syz.1.790'. [ 375.662184][ T8899] netlink: 12 bytes leftover after parsing attributes in process `syz.1.790'. [ 375.671439][ T8899] netlink: 'syz.1.790': attribute type 18 has an invalid length. [ 375.803723][ T8899] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 375.812496][ T8899] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 375.821259][ T8899] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 375.830622][ T8899] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 375.861618][ T8899] netlink: 8 bytes leftover after parsing attributes in process `syz.1.790'. [ 375.870658][ T8899] netlink: 12 bytes leftover after parsing attributes in process `syz.1.790'. [ 375.879996][ T8899] netlink: 'syz.1.790': attribute type 18 has an invalid length. [ 377.643714][ T27] audit: type=1800 audit(1763152190.934:37): pid=8904 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.789" name="file2" dev="loop0" ino=261 res=0 errno=0 [ 378.781585][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.790404][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.823409][ T5783] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 381.169943][ T8923] lo: entered allmulticast mode [ 381.180952][ T8923] tunl0: entered allmulticast mode [ 381.190917][ T8923] gre0: entered allmulticast mode [ 381.201425][ T8923] gretap0: entered allmulticast mode [ 381.217883][ T8923] erspan0: entered allmulticast mode [ 381.228162][ T8923] ip_vti0: entered allmulticast mode [ 381.239450][ T8923] ip6_vti0: entered allmulticast mode [ 381.250479][ T8923] sit0: entered allmulticast mode [ 381.261788][ T8923] ip6tnl0: entered allmulticast mode [ 381.271828][ T8923] ip6gre0: entered allmulticast mode [ 381.281622][ T8923] syz_tun: entered allmulticast mode [ 381.292145][ T8923] ip6gretap0: entered allmulticast mode [ 381.302489][ T8923] bridge0: entered allmulticast mode [ 381.309409][ T8923] vcan0: entered allmulticast mode [ 381.320375][ T8923] bond0: entered allmulticast mode [ 381.325730][ T8923] bond_slave_0: entered allmulticast mode [ 381.331633][ T8923] bond_slave_1: entered allmulticast mode [ 381.337564][ T8923] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode [ 381.346426][ T8923] dummy0: entered allmulticast mode [ 381.357710][ T8923] nlmon0: entered allmulticast mode [ 381.368927][ T8923] caif0: entered allmulticast mode [ 381.375761][ T8923] batadv0: entered allmulticast mode [ 381.389774][ T8923] vxcan0: entered allmulticast mode [ 381.399015][ T8923] vxcan1: entered allmulticast mode [ 381.407844][ T8923] veth0: entered allmulticast mode [ 381.417969][ T8923] veth1: entered allmulticast mode [ 381.428545][ T8923] wg0: entered allmulticast mode [ 381.438666][ T8923] wg1: entered allmulticast mode [ 381.448569][ T8923] wg2: entered allmulticast mode [ 381.458489][ T8923] veth0_to_bridge: entered allmulticast mode [ 381.478195][ T8923] veth1_to_bridge: entered allmulticast mode [ 381.499250][ T8923] veth0_to_bond: entered allmulticast mode [ 381.515008][ T8923] veth1_to_bond: entered allmulticast mode [ 381.530193][ T8923] veth0_to_team: entered allmulticast mode [ 381.541872][ T8923] team_slave_0: entered allmulticast mode [ 381.577503][ T8923] veth1_to_team: entered allmulticast mode [ 381.584727][ T8923] team_slave_1: entered allmulticast mode [ 381.590694][ T8923] veth0_to_batadv: entered allmulticast mode [ 381.597492][ T8923] batadv_slave_0: entered allmulticast mode [ 381.604365][ T8923] veth1_to_batadv: entered allmulticast mode [ 381.611077][ T8923] batadv_slave_1: entered allmulticast mode [ 381.617689][ T8923] xfrm0: entered allmulticast mode [ 381.623481][ T8923] veth0_to_hsr: entered allmulticast mode [ 381.629993][ T8923] hsr_slave_0: entered allmulticast mode [ 381.636403][ T8923] veth1_to_hsr: entered allmulticast mode [ 381.642838][ T8923] hsr_slave_1: entered allmulticast mode [ 381.649241][ T8923] hsr0: entered allmulticast mode [ 381.655278][ T8923] veth1_virt_wifi: entered allmulticast mode [ 381.661964][ T8923] veth0_virt_wifi: entered allmulticast mode [ 381.669332][ T8923] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 381.676905][ T8923] veth1_vlan: entered allmulticast mode [ 381.683852][ T8923] veth0_vlan: entered allmulticast mode [ 381.690402][ T8923] vlan0: entered allmulticast mode [ 381.696845][ T8923] vlan1: entered allmulticast mode [ 381.762515][ T8923] macvlan0: entered allmulticast mode [ 381.769262][ T8923] macvlan1: entered allmulticast mode [ 381.775390][ T8923] ipvlan0: entered allmulticast mode [ 381.780849][ T8923] ipvlan1: entered allmulticast mode [ 381.787341][ T8923] veth1_macvtap: entered allmulticast mode [ 381.794062][ T8923] veth0_macvtap: entered allmulticast mode [ 381.800524][ T8923] macvtap0: entered allmulticast mode [ 381.806661][ T8923] macsec0: entered allmulticast mode [ 381.812617][ T8923] geneve0: entered allmulticast mode [ 381.818634][ T8923] geneve1: entered allmulticast mode [ 381.833418][ T8923] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 381.841222][ T8923] netdevsim netdevsim3 netdevsim1: entered allmulticast mode [ 381.849019][ T8923] netdevsim netdevsim3 netdevsim2: entered allmulticast mode [ 381.856797][ T8923] netdevsim netdevsim3 netdevsim3: entered allmulticast mode [ 381.864536][ T8923] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode [ 381.872433][ T8923] syztnl1: entered allmulticast mode [ 381.877985][ T8923] syztnl2: entered allmulticast mode [ 381.983242][ T8926] netlink: 4 bytes leftover after parsing attributes in process `syz.1.804'. [ 386.738908][ T8966] 9pnet_fd: p9_fd_create_tcp (8966): problem connecting socket to 127.0.0.1 [ 387.700389][ T8968] loop2: detected capacity change from 0 to 2048 [ 387.756991][ T8968] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 390.458413][ T8985] lo: entered allmulticast mode [ 390.495421][ T8985] tunl0: entered allmulticast mode [ 390.502220][ T8985] gre0: entered allmulticast mode [ 390.508056][ T8985] gretap0: entered allmulticast mode [ 390.514133][ T8985] erspan0: entered allmulticast mode [ 390.520109][ T8985] ip_vti0: entered allmulticast mode [ 390.526190][ T8985] ip6_vti0: entered allmulticast mode [ 390.532300][ T8985] sit0: entered allmulticast mode [ 390.538073][ T8985] ip6tnl0: entered allmulticast mode [ 390.544163][ T8985] ip6gre0: entered allmulticast mode [ 390.551252][ T8985] ip6gretap0: entered allmulticast mode [ 390.566649][ T8985] bridge0: entered allmulticast mode [ 390.572577][ T8985] bond0: entered allmulticast mode [ 390.578805][ T8985] bond_slave_0: entered allmulticast mode [ 390.584878][ T8985] bond_slave_1: entered allmulticast mode [ 390.591146][ T8985] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 390.598472][ T8985] dummy0: entered allmulticast mode [ 390.604413][ T8985] nlmon0: entered allmulticast mode [ 390.610851][ T8985] caif0: entered allmulticast mode [ 390.616197][ T8985] batadv0: entered allmulticast mode [ 390.622512][ T8985] vxcan0: entered allmulticast mode [ 390.628132][ T8985] vxcan1: entered allmulticast mode [ 390.633742][ T8985] veth0: entered allmulticast mode [ 390.639538][ T8985] veth1: entered allmulticast mode [ 390.645426][ T8985] wg0: entered allmulticast mode [ 390.652863][ T8985] wg1: entered allmulticast mode [ 390.659965][ T8985] wg2: entered allmulticast mode [ 390.667306][ T8985] veth0_to_bridge: entered allmulticast mode [ 390.680090][ T8985] veth1_to_bridge: entered allmulticast mode [ 390.691090][ T8985] veth0_to_bond: entered allmulticast mode [ 390.701114][ T8985] veth1_to_bond: entered allmulticast mode [ 390.712033][ T8985] veth0_to_team: entered allmulticast mode [ 390.720481][ T8985] team_slave_0: entered allmulticast mode [ 390.727011][ T8985] veth1_to_team: entered allmulticast mode [ 390.735154][ T8985] team_slave_1: entered allmulticast mode [ 390.741499][ T8985] veth0_to_batadv: entered allmulticast mode [ 390.749702][ T8985] batadv_slave_0: entered allmulticast mode [ 390.757826][ T8985] veth1_to_batadv: entered allmulticast mode [ 390.766140][ T8985] batadv_slave_1: entered allmulticast mode [ 390.775969][ T8985] xfrm0: entered allmulticast mode [ 390.783997][ T8985] veth0_to_hsr: entered allmulticast mode [ 390.791850][ T8985] hsr_slave_0: entered allmulticast mode [ 390.799911][ T8985] veth1_to_hsr: entered allmulticast mode [ 390.807929][ T8985] hsr_slave_1: entered allmulticast mode [ 390.815762][ T8985] hsr0: entered allmulticast mode [ 390.823248][ T8985] veth1_virt_wifi: entered allmulticast mode [ 390.831760][ T8985] veth0_virt_wifi: entered allmulticast mode [ 390.840125][ T8985] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 390.848220][ T8985] veth1_vlan: entered allmulticast mode [ 390.855906][ T8985] veth0_vlan: entered allmulticast mode [ 390.865132][ T8985] vlan0: entered allmulticast mode [ 390.872503][ T8985] vlan1: entered allmulticast mode [ 390.879944][ T8985] macvlan0: entered allmulticast mode [ 390.888280][ T8985] macvlan1: entered allmulticast mode [ 390.896297][ T8985] ipvlan0: entered allmulticast mode [ 390.902437][ T8985] ipvlan1: entered allmulticast mode [ 390.908516][ T8985] veth1_macvtap: entered allmulticast mode [ 390.917044][ T8985] veth0_macvtap: entered allmulticast mode [ 390.925222][ T8985] macvtap0: entered allmulticast mode [ 390.932860][ T8985] macsec0: entered allmulticast mode [ 390.940814][ T8985] geneve0: entered allmulticast mode [ 390.948758][ T8985] geneve1: entered allmulticast mode [ 390.956291][ T8985] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 390.966349][ T8985] netdevsim netdevsim2 netdevsim1: entered allmulticast mode [ 390.976077][ T8985] netdevsim netdevsim2 netdevsim2: entered allmulticast mode [ 390.986308][ T8985] netdevsim netdevsim2 netdevsim3: entered allmulticast mode [ 390.996272][ T8985] mac80211_hwsim hwsim8 wlan0: entered allmulticast mode [ 391.008336][ T8985] vxlan0: entered allmulticast mode [ 391.426120][ T8993] loop2: detected capacity change from 0 to 1024 [ 391.433588][ T8993] EXT4-fs: Ignoring removed bh option [ 391.476867][ T8993] EXT4-fs: Ignoring removed nobh option [ 391.482480][ T8993] EXT4-fs: Ignoring removed bh option [ 391.525942][ T8993] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 391.692666][ T8993] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 392.311489][ T9007] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4031: comm syz.2.811: Allocating blocks 497-513 which overlap fs metadata [ 392.356621][ T9007] EXT4-fs (loop2): pa ffff888078177d98: logic 256, phys. 385, len 8 [ 392.365130][ T9007] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 1 [ 392.997572][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 399.256061][ T9045] netlink: 'syz.2.825': attribute type 12 has an invalid length. [ 400.376905][ T9057] loop0: detected capacity change from 0 to 8 [ 400.707190][ T9059] block device autoloading is deprecated and will be removed. [ 401.490614][ T9065] loop0: detected capacity change from 0 to 64 [ 401.511263][ T9065] hfs: get root inode failed [ 401.664748][ T9066] loop1: detected capacity change from 0 to 1024 [ 406.692026][ T9091] loop0: detected capacity change from 0 to 256 [ 406.788343][ T9091] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 406.833792][ T9091] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 406.861304][ T9091] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 409.400937][ T9115] xt_ecn: cannot match TCP bits for non-tcp packets [ 409.545097][ T9118] overlayfs: overlapping lowerdir path [ 411.403062][ T9128] netlink: 4 bytes leftover after parsing attributes in process `syz.1.844'. [ 416.708693][ T9168] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 416.722044][ T9168] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 418.718769][ T9187] fuse: Bad value for 'fd' [ 430.352293][ T9244] loop1: detected capacity change from 0 to 128 [ 430.603006][ T9251] overlayfs: failed to clone lowerpath [ 430.658039][ T9252] overlayfs: failed to clone lowerpath [ 431.223176][ T9244] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 431.465576][ T9244] ext4 filesystem being mounted at /210/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 431.497076][ C1] vkms_vblank_simulate: vblank timer overrun [ 431.640926][ T5778] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 433.137633][ T9271] netlink: 100 bytes leftover after parsing attributes in process `syz.0.880'. [ 434.580315][ T9283] netlink: 'syz.0.890': attribute type 3 has an invalid length. [ 435.365550][ T9287] netlink: 12 bytes leftover after parsing attributes in process `syz.3.883'. [ 436.807303][ T9302] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 436.828370][ T9302] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 437.511783][ T9306] loop2: detected capacity change from 0 to 1024 [ 437.662814][ T9312] loop0: detected capacity change from 0 to 256 [ 437.679996][ T9312] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 437.730852][ T9312] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 437.775556][ T9310] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 437.805311][ T9254] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 437.824320][ T9312] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 438.634670][ T8] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 438.911047][ T8] usb 2-1: config 0 has an invalid interface number: 214 but max is 0 [ 439.248947][ T8] usb 2-1: config 0 has no interface number 0 [ 439.259781][ T8] usb 2-1: config 0 interface 214 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 439.326457][ T8] usb 2-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 439.349192][ T8] usb 2-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 439.363962][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 439.489749][ T8] usb 2-1: Product: syz [ 439.494282][ T8] usb 2-1: Manufacturer: syz [ 439.498906][ T8] usb 2-1: SerialNumber: syz [ 439.507840][ T8] usb 2-1: config 0 descriptor?? [ 439.674343][ T9333] overlayfs: overlapping lowerdir path [ 440.178568][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.201647][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.289925][ T9341] relay: one or more items not logged [item size (56) > sub-buffer size (10)] [ 440.495977][ T8] usbtouchscreen 2-1:0.214: Failed to read FW rev: -71 [ 440.524841][ T8] usbtouchscreen: probe of 2-1:0.214 failed with error -71 [ 440.537631][ T8] usb 2-1: USB disconnect, device number 4 [ 442.332010][ T9357] overlayfs: failed to clone lowerpath [ 442.691207][ T9360] loop0: detected capacity change from 0 to 32768 [ 442.706536][ T9361] overlayfs: failed to clone lowerpath [ 442.826593][ T9360] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 443.036651][ T9377] tipc: Failed to remove unknown binding: 66,1,1/0:4054989247/4054989249 [ 443.063173][ T9377] tipc: Failed to remove unknown binding: 66,1,1/0:4054989247/4054989249 [ 443.112613][ T9360] XFS (loop0): Ending clean mount [ 443.232338][ T9377] tipc: Failed to remove unknown binding: 66,1,1/0:4054989247/4054989249 [ 443.356608][ T5783] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 448.721630][ T9428] overlayfs: failed to clone upperpath [ 452.048074][ T9455] wg2 speed is unknown, defaulting to 1000 [ 453.944495][ T9461] loop1: detected capacity change from 0 to 1024 [ 453.953444][ T9461] EXT4-fs: Ignoring removed bh option [ 453.959631][ T9461] EXT4-fs: Ignoring removed nobh option [ 453.973823][ T9461] EXT4-fs: Ignoring removed bh option [ 454.209404][ T9461] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 454.634246][ T9461] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 455.398249][ T9476] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4031: comm syz.1.925: Allocating blocks 497-513 which overlap fs metadata [ 455.470225][ T9476] EXT4-fs (loop1): pa ffff888078246bc8: logic 256, phys. 385, len 8 [ 455.478403][ T9476] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 1 [ 456.039776][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 457.413682][ T9493] netlink: 320 bytes leftover after parsing attributes in process `syz.3.932'. [ 460.725888][ T8] IPVS: starting estimator thread 0... [ 460.923990][ T9508] IPVS: using max 20 ests per chain, 48000 per kthread [ 462.651248][ T9524] loop0: detected capacity change from 0 to 128 [ 462.799707][ T9318] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 465.271895][ T9533] tipc: Failed to remove unknown binding: 66,1,1/2886997007:3909473598/3909473600 [ 465.305298][ T9528] tipc: Failed to remove unknown binding: 66,1,1/2886997007:3909473598/3909473600 [ 465.332899][ T9528] tipc: Failed to remove unknown binding: 66,1,1/2886997007:3909473598/3909473600 [ 466.653521][ T9549] netlink: 'syz.3.950': attribute type 1 has an invalid length. [ 466.745874][ T9549] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 466.757690][ T9549] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 466.888016][ T9553] bond1: (slave gretap1): making interface the new active one [ 466.915596][ T9553] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 467.031236][ T9553] macvlan2: entered promiscuous mode [ 467.177053][ T9553] macvlan2: entered allmulticast mode [ 467.396639][ T9553] bond1: entered promiscuous mode [ 467.574488][ T9553] gretap1: entered promiscuous mode [ 467.581006][ T9553] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 467.654339][ T9553] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1 [ 467.690343][ T9553] bond1: left promiscuous mode [ 467.717097][ T9553] gretap1: left promiscuous mode [ 471.972515][ T9592] warning: `syz.1.959' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 472.941616][ T9602] loop1: detected capacity change from 0 to 256 [ 473.041081][ T9602] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 473.093524][ T9602] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 473.207675][ T9602] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 473.365979][ T9610] netlink: 320 bytes leftover after parsing attributes in process `syz.2.962'. [ 478.345083][ T9659] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 478.467841][ T9659] wg2 speed is unknown, defaulting to 1000 [ 479.236707][ T9657] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 479.243266][ T9657] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 479.260387][ T9657] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 480.108839][ T9657] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 480.183572][ T9657] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 480.337000][ T9657] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 480.343194][ T9657] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 480.359234][ T9657] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 481.293843][ T5794] Bluetooth: hci1: command 0x0406 tx timeout [ 481.300749][ T5794] Bluetooth: hci0: command 0x0406 tx timeout [ 482.454508][ T5792] Bluetooth: hci3: command 0x0406 tx timeout [ 482.460799][ T5794] Bluetooth: hci2: command 0x0406 tx timeout [ 483.412995][ T5792] Bluetooth: hci0: command 0x0406 tx timeout [ 483.419257][ T5792] Bluetooth: hci1: command 0x0406 tx timeout [ 483.770613][ T9696] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 484.494195][ T5794] Bluetooth: hci2: command 0x0406 tx timeout [ 485.454973][ T5794] Bluetooth: hci1: command 0x0406 tx timeout [ 489.254142][ T9732] xt_CT: You must specify a L4 protocol and not use inversions on it [ 491.902815][ T9750] loop0: detected capacity change from 0 to 2048 [ 491.995913][ T9750] NILFS (loop0): invalid segment: Inconsistency found [ 492.023533][ T9750] NILFS (loop0): trying rollback from an earlier position [ 493.264577][ T9750] NILFS (loop0): recovery complete [ 493.297238][ T9757] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 493.759483][ T9767] xt_socket: unknown flags 0x50 [ 493.811562][ T9767] overlayfs: missing 'lowerdir' [ 495.871591][ T9787] netlink: 320 bytes leftover after parsing attributes in process `syz.1.1001'. [ 498.448327][ T9808] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 500.422829][ T9828] loop2: detected capacity change from 0 to 512 [ 500.441165][ T9828] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 500.718302][ T9827] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003) [ 501.652682][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.659209][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.909964][ T9835] loop0: detected capacity change from 0 to 4096 [ 502.058040][ T9835] ntfs: (device loop0): ntfs_read_locked_inode(): $DATA attribute is missing. [ 502.067249][ T9835] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 502.080639][ T9835] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 502.097486][ T9835] ntfs: volume version 3.1. [ 502.110075][ T9835] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 502.121418][ T9835] ntfs: (device loop0): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 502.134147][ T9835] ntfs: (device loop0): load_system_files(): Failed to determine if Windows is hibernated. Mounting read-only. Run chkdsk. [ 502.301294][ T9841] can0: slcan on pty20. [ 503.554994][ T9831] can0 (unregistered): slcan off pty20. [ 504.402396][ T9856] 8021q: adding VLAN 0 to HW filter on device bond0 [ 504.522473][ T9856] bond0: (slave rose0): Enslaving as an active interface with an up link [ 505.376532][ C1] llc_conn_state_process: llc_conn_service failed [ 506.248876][ T9873] wg2 speed is unknown, defaulting to 1000 [ 506.413881][ C1] llc_conn_state_process: llc_conn_service failed [ 508.377113][ T9880] wg2 speed is unknown, defaulting to 1000 [ 513.394077][ T5848] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 513.594964][ T5848] usb 1-1: unable to get BOS descriptor or descriptor too short [ 513.603444][ T5848] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 513.611119][ T5848] usb 1-1: can't read configurations, error -71 [ 514.293089][ T9967] loop0: detected capacity change from 0 to 1024 [ 514.305784][ T9967] EXT4-fs: Ignoring removed bh option [ 514.320035][ T9967] EXT4-fs: Ignoring removed nobh option [ 514.326203][ T9967] EXT4-fs: Ignoring removed bh option [ 514.359251][ T9967] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 514.437341][ T9970] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 515.789568][ T9969] loop2: detected capacity change from 0 to 2048 [ 515.964496][ T9969] NILFS (loop2): invalid segment: Inconsistency found [ 516.005073][ T9969] NILFS (loop2): trying rollback from an earlier position [ 516.543710][ T9969] NILFS (loop2): recovery complete [ 516.549356][ T9967] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 516.567413][ T9979] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 516.961658][ T9983] (null): rxe_set_mtu: Set mtu to 1024 [ 516.972668][ T9983] rdma_rxe: rxe_newlink: failed to add ip6gretap0 [ 517.191025][ T9985] xt_socket: unknown flags 0x50 [ 517.220948][ T9985] overlayfs: missing 'lowerdir' [ 517.590064][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 517.680967][ T9989] loop2: detected capacity change from 0 to 512 [ 517.887828][ T9989] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 517.901562][ T9989] ext4 filesystem being mounted at /251/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 518.570358][ T9989] EXT4-fs error (device loop2): ext4_do_update_inode:5244: inode #4: comm syz.2.1050: corrupted inode contents [ 518.601259][ T9989] EXT4-fs error (device loop2): ext4_dirty_inode:6120: inode #4: comm syz.2.1050: mark_inode_dirty error [ 518.732994][ T9996] xt_recent: hitcount (4294901760) is larger than allowed maximum (255) [ 519.786709][ T9989] EXT4-fs error (device loop2): ext4_do_update_inode:5244: inode #4: comm syz.2.1050: corrupted inode contents [ 520.165896][ T9989] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #4: comm syz.2.1050: mark_inode_dirty error [ 520.187424][ T9989] Quota error (device loop2): write_blk: dquota write failed [ 520.725065][T10011] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 521.104571][ T9989] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 521.134470][ T9989] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1050: Failed to acquire dquot type 1 [ 521.358117][T10015] EXT4-fs error (device loop2): ext4_do_update_inode:5244: inode #4: comm syz.2.1050: corrupted inode contents [ 521.688400][T10015] EXT4-fs error (device loop2): ext4_dirty_inode:6120: inode #4: comm syz.2.1050: mark_inode_dirty error [ 521.731944][T10015] EXT4-fs error (device loop2): ext4_do_update_inode:5244: inode #4: comm syz.2.1050: corrupted inode contents [ 521.863443][T10015] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #4: comm syz.2.1050: mark_inode_dirty error [ 521.875346][T10015] Quota error (device loop2): write_blk: dquota write failed [ 521.886822][T10015] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5 [ 521.896226][T10015] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 522.648526][T10015] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1050: Failed to acquire dquot type 1 [ 522.698029][T10024] loop0: detected capacity change from 0 to 2048 [ 522.722910][T10016] Quota error (device loop2): write_blk: dquota write failed [ 522.747487][T10016] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 522.808473][T10024] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 523.041581][T10031] wg2 speed is unknown, defaulting to 1000 [ 524.129177][T10029] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 524.161189][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 524.171945][T10029] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 524.197484][T10029] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 524.369699][T10029] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 524.897290][T10028] wg2 speed is unknown, defaulting to 1000 [ 525.907860][T10047] 9pnet_virtio: no channels available for device syz [ 526.175242][ T5794] Bluetooth: hci0: command 0x0406 tx timeout [ 526.255599][ T5794] Bluetooth: hci2: command 0x0406 tx timeout [ 526.271240][ T5794] Bluetooth: hci1: command 0x0406 tx timeout [ 526.426476][ T5794] Bluetooth: hci3: command 0x0406 tx timeout [ 528.511339][T10084] overlayfs: failed to resolve './file1': -2 [ 530.000285][ T27] audit: type=1326 audit(1763152342.994:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10086 comm="syz.1.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3e3d8f6c9 code=0x7ffc0000 [ 530.120105][T10094] loop2: detected capacity change from 0 to 256 [ 530.135102][ T27] audit: type=1326 audit(1763152342.994:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10086 comm="syz.1.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3e3d8f6c9 code=0x7ffc0000 [ 530.170118][ T27] audit: type=1326 audit(1763152343.144:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10086 comm="syz.1.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7ff3e3d8f6c9 code=0x7ffc0000 [ 530.199553][ T27] audit: type=1326 audit(1763152343.144:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10086 comm="syz.1.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3e3d8f6c9 code=0x7ffc0000 [ 530.252860][ T27] audit: type=1326 audit(1763152343.144:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10086 comm="syz.1.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3e3d8f6c9 code=0x7ffc0000 [ 530.313760][ T27] audit: type=1326 audit(1763152343.344:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10086 comm="syz.1.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff3e3d8df10 code=0x7ffc0000 [ 530.361390][ T27] audit: type=1326 audit(1763152343.344:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10086 comm="syz.1.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7ff3e3d90ef7 code=0x7ffc0000 [ 530.391525][ T27] audit: type=1326 audit(1763152343.344:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10086 comm="syz.1.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3e3d8f6c9 code=0x7ffc0000 [ 530.421974][ T27] audit: type=1326 audit(1763152343.344:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10086 comm="syz.1.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7ff3e3d90ef7 code=0x7ffc0000 [ 530.470808][ T27] audit: type=1326 audit(1763152343.344:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10086 comm="syz.1.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff3e3d8e32a code=0x7ffc0000 [ 532.277354][T10104] syz_tun: left promiscuous mode [ 532.282593][T10104] bridge0: port 3(syz_tun) entered disabled state [ 532.429079][T10104] bridge_slave_0: left promiscuous mode [ 532.436084][T10104] bridge0: port 1(bridge_slave_0) entered disabled state [ 532.449639][T10104] bridge_slave_1: left promiscuous mode [ 532.458902][T10104] bridge0: port 2(bridge_slave_1) entered disabled state [ 533.244948][T10104] bond0: (slave bond_slave_0): Releasing backup interface [ 533.304756][T10104] bond0: (slave bond_slave_1): Releasing backup interface [ 533.344653][T10104] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 533.358352][T10104] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 533.400388][T10104] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 533.409175][T10104] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 533.439082][T10104] bond0: (slave wlan1): Releasing backup interface [ 533.528895][T10111] netlink: 'syz.2.1073': attribute type 10 has an invalid length. [ 533.551746][T10111] mac80211_hwsim hwsim9 wlan1: left allmulticast mode [ 533.593288][T10111] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 533.624345][T10111] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 533.644909][T10103] wg2 speed is unknown, defaulting to 1000 [ 534.083225][T10126] overlayfs: failed to resolve './bus': -2 [ 543.518348][T10157] binder: 10147:10157 ioctl c0306201 0 returned -14 [ 545.352774][T10159] wg2 speed is unknown, defaulting to 1000 [ 552.284772][T10200] netlink: 'syz.1.1095': attribute type 6 has an invalid length. [ 552.531817][T10200] Invalid option length (65058) for dns_resolver key [ 553.872641][T10213] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_to_team, syncid = 0, id = 0 [ 554.609734][T10221] loop0: detected capacity change from 0 to 16 [ 554.640958][T10221] erofs: (device loop0): mounted with root inode @ nid 36. [ 557.128444][T10237] blktrace: Concurrent blktraces are not allowed on sg0 [ 561.308926][T10286] netlink: 'syz.2.1114': attribute type 1 has an invalid length. [ 561.316874][T10286] netlink: 'syz.2.1114': attribute type 2 has an invalid length. [ 563.001557][T10296] loop1: detected capacity change from 0 to 256 [ 563.068228][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.077389][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 565.401820][T10315] loop0: detected capacity change from 0 to 2048 [ 565.664202][T10317] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 565.863978][T10314] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 565.982465][T10314] Remounting filesystem read-only [ 566.180826][T10316] blktrace: Concurrent blktraces are not allowed on sg0 [ 566.897449][ T5783] NILFS (loop0): discard dirty page: offset=4096, ino=6 [ 566.914703][ T5783] NILFS (loop0): discard dirty block: blocknr=39, size=1024 [ 566.922065][ T5783] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 566.950059][ T5783] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 566.993808][ T5783] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 567.058691][ T5783] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer [ 567.133406][ T5783] NILFS (loop0): discard dirty page: offset=0, ino=3 [ 567.264302][ T5783] NILFS (loop0): discard dirty block: blocknr=42, size=1024 [ 567.319345][ T5783] NILFS (loop0): discard dirty block: blocknr=43, size=1024 [ 567.396290][ T5783] NILFS (loop0): discard dirty block: blocknr=44, size=1024 [ 567.423379][ T5783] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 568.436992][T10344] loop2: detected capacity change from 0 to 40427 [ 568.486616][T10344] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 568.495039][T10344] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 568.714860][T10344] F2FS-fs (loop2): invalid crc value [ 568.743456][T10344] F2FS-fs (loop2): Found nat_bits in checkpoint [ 568.845104][T10344] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 568.853423][T10344] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 569.108183][T10356] loop1: detected capacity change from 0 to 2048 [ 569.150130][T10356] NILFS (loop1): invalid segment: Inconsistency found [ 569.190181][T10356] NILFS (loop1): trying rollback from an earlier position [ 569.245063][T10362] capability: warning: `syz.2.1133' uses deprecated v2 capabilities in a way that may be insecure [ 570.224030][T10356] NILFS (loop1): recovery complete [ 570.273939][T10367] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 570.746410][T10371] xt_socket: unknown flags 0x50 [ 570.775501][T10371] overlayfs: missing 'lowerdir' [ 571.526221][T10373] netlink: 'syz.3.1140': attribute type 6 has an invalid length. [ 573.519116][T10399] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 574.192874][T10401] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 575.692032][T10405] loop2: detected capacity change from 0 to 4096 [ 575.773352][T10405] EXT4-fs (loop2): Test dummy encryption mode enabled [ 575.786633][T10409] netlink: 'syz.3.1148': attribute type 1 has an invalid length. [ 575.794568][T10409] netlink: 'syz.3.1148': attribute type 2 has an invalid length. [ 578.444919][T10405] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 580.054891][T10405] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 581.119249][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 582.347240][T10448] loop0: detected capacity change from 0 to 256 [ 582.359924][T10448] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 582.377967][T10448] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 582.485445][T10448] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 583.707691][T10453] 9pnet_fd: Insufficient options for proto=fd [ 583.796426][T10455] No such timeout policy "syz1" [ 584.903769][T10463] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1158'. [ 585.718879][T10471] loop1: detected capacity change from 0 to 512 [ 585.746871][T10471] EXT4-fs: Ignoring removed nobh option [ 585.889260][T10471] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.1163: iget: bad i_size value: 38620345925642 [ 585.930037][T10471] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.1163: couldn't read orphan inode 15 (err -117) [ 586.079125][T10471] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 586.581095][T10478] loop0: detected capacity change from 0 to 512 [ 586.974120][T10474] EXT4-fs error (device loop1): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 587.038968][T10478] EXT4-fs: Ignoring removed oldalloc option [ 587.051017][T10478] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 587.076055][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 587.090740][T10478] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2872: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 587.250554][T10478] EXT4-fs (loop0): 1 truncate cleaned up [ 587.291822][T10478] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 589.157960][T10502] overlayfs: failed to resolve './bus': -2 [ 590.173931][T10504] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1170'. [ 590.830041][T10499] ªªªªªª: renamed from wg2 (while UP) [ 591.601369][T10510] loop2: detected capacity change from 0 to 8192 [ 591.612971][T10510] FAT-fs (loop2): Unrecognized mount option "ÿÿÿÿ" or missing value [ 593.441864][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 594.798640][T10541] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 595.129211][T10543] loop2: detected capacity change from 0 to 512 [ 595.136590][T10543] ext2: Unknown parameter 'smackfsfloor' [ 595.814276][T10565] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1182'. [ 595.823707][T10565] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1182'. [ 595.913406][T10560] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1186'. [ 603.387057][T10618] loop1: detected capacity change from 0 to 1764 [ 603.459270][T10225] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 604.002811][T10642] xt_socket: unknown flags 0x50 [ 604.049424][T10642] overlayfs: missing 'lowerdir' [ 604.878996][T10649] loop2: detected capacity change from 0 to 256 [ 605.190016][T10658] overlayfs: failed to resolve './bus': -2 [ 606.266491][T10649] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 606.453862][T10649] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 606.569529][T10649] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 607.268879][T10673] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_to_team, syncid = 0, id = 0 [ 608.146567][T10674] No such timeout policy "syz1" [ 609.664514][T10703] 9pnet_fd: Insufficient options for proto=fd [ 612.219932][T10720] loop1: detected capacity change from 0 to 1024 [ 612.886336][T10720] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 613.381096][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 614.156330][T10739] xt_CT: No such helper "snmp" [ 614.387987][T10745] fuse: Bad value for 'fd' [ 614.502791][T10746] loop1: detected capacity change from 0 to 2048 [ 614.537352][T10746] NILFS (loop1): invalid segment: Inconsistency found [ 614.572997][T10746] NILFS (loop1): trying rollback from an earlier position [ 615.452362][T10746] NILFS (loop1): recovery complete [ 615.546238][T10753] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 615.872883][T10757] loop0: detected capacity change from 0 to 64 [ 616.173347][T10757] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 616.994035][ T27] kauditd_printk_skb: 2 callbacks suppressed [ 616.994048][ T27] audit: type=1800 audit(1763152430.794:50): pid=10763 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1225" name="file1" dev="loop0" ino=5 res=0 errno=0 [ 618.342048][T10775] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 620.038678][T10775] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 620.109716][T10777] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 620.146200][T10775] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 620.160599][T10775] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1231'. [ 620.349701][T10794] netlink: 'syz.2.1233': attribute type 6 has an invalid length. [ 622.880127][T10811] loop1: detected capacity change from 0 to 16 [ 624.436945][T10811] erofs: (device loop1): mounted with root inode @ nid 36. [ 624.804401][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.810990][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.259576][T10813] loop0: detected capacity change from 0 to 1024 [ 625.269453][T10813] EXT4-fs: Ignoring removed oldalloc option [ 625.275993][T10813] EXT4-fs: Ignoring removed orlov option [ 625.781816][T10813] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 626.186046][T10813] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 628.313546][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 632.758796][T10850] netlink: 176 bytes leftover after parsing attributes in process `syz.3.1246'. [ 634.645268][T10859] netlink: 'syz.1.1248': attribute type 6 has an invalid length. [ 635.648632][T10871] loop1: detected capacity change from 0 to 64 [ 635.825280][T10871] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 635.918032][T10874] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 640.233977][T10058] Bluetooth: hci3: command 0x0406 tx timeout [ 642.525968][T10912] loop2: detected capacity change from 0 to 164 [ 643.239905][T10912] Unable to read rock-ridge attributes [ 643.706839][T10904] fuse: Unknown parameter 'fd0xffffffffffffffff0000000000000000000000000000000000000000' [ 645.056523][T10922] loop1: detected capacity change from 0 to 40427 [ 645.067907][T10922] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 645.075812][T10922] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 646.017729][T10922] F2FS-fs (loop1): invalid crc value [ 646.076844][T10933] sp0: Synchronizing with TNC [ 646.098123][T10933] loop0: detected capacity change from 0 to 8 [ 646.280765][T10922] F2FS-fs (loop1): Found nat_bits in checkpoint [ 646.317272][T10922] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 646.324406][T10922] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 647.996822][T10954] loop2: detected capacity change from 0 to 16 [ 649.441636][T10954] erofs: (device loop2): mounted with root inode @ nid 36. [ 650.586837][T10960] loop0: detected capacity change from 0 to 64 [ 650.616270][T10960] hfs: get root inode failed [ 651.221458][T10969] netlink: 'syz.3.1272': attribute type 5 has an invalid length. [ 654.136668][T10986] loop1: detected capacity change from 0 to 24 [ 654.146983][T10986] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 654.868818][T10986] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 656.666231][T11004] netlink: 2384 bytes leftover after parsing attributes in process `syz.3.1282'. [ 659.881285][T11020] netlink: 'syz.1.1285': attribute type 5 has an invalid length. [ 662.126400][T11034] hub 1-0:1.0: USB hub found [ 662.134491][T11034] hub 1-0:1.0: 1 port detected [ 667.972355][T11050] loop2: detected capacity change from 0 to 1024 [ 668.055287][T11050] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 668.882966][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 669.209771][T11062] loop2: detected capacity change from 0 to 64 [ 669.310844][T11062] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 670.921231][T11072] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 670.934136][T11072] Cannot find add_set index 0 as target [ 672.337289][T11083] UBIFS error (pid: 11083): cannot open "./file0", error -22 [ 674.182482][T11091] o2cb: This node has not been configured. [ 674.196228][T11091] o2cb: Cluster check failed. Fix errors before retrying. [ 674.203670][T11091] (syz.0.1303,11091,0):user_dlm_register:674 ERROR: status = -22 [ 674.211498][T11091] (syz.0.1303,11091,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1" [ 676.516784][T11105] netlink: 'syz.2.1310': attribute type 3 has an invalid length. [ 680.892286][T11116] loop2: detected capacity change from 0 to 512 [ 680.991708][T11116] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 682.175025][ T49] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 685.940209][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.948056][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 687.056913][T11176] veth0_to_team: entered promiscuous mode [ 687.062652][T11176] veth0_to_team: left allmulticast mode [ 688.619364][T11196] PKCS7: Unknown OID: [4] 0.38.35.0.951690.11253 [ 688.625925][T11196] PKCS7: Only support pkcs7_signedData type [ 688.947187][T11175] loop1: detected capacity change from 0 to 8 [ 691.233446][T11218] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 691.906441][T11215] can0: slcan on pty24. [ 696.334536][T11208] can0 (unregistered): slcan off pty24. [ 697.653943][T10058] Bluetooth: hci3: unexpected event for opcode 0x0000 [ 700.416128][ T5794] Bluetooth: hci3: command 0x0406 tx timeout [ 701.886210][ T5794] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 701.905323][ T5794] Bluetooth: hci3: Injecting HCI hardware error event [ 701.915586][ T5794] Bluetooth: hci3: hardware error 0x00 [ 702.215857][T11278] loop1: detected capacity change from 0 to 512 [ 702.265212][T11278] EXT4-fs: Ignoring removed nobh option [ 702.368018][T11278] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.1350: iget: bad i_size value: 38620345925642 [ 702.431379][T11278] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.1350: couldn't read orphan inode 15 (err -117) [ 702.473358][T11278] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 702.511098][T11286] loop2: detected capacity change from 0 to 512 [ 702.543749][T11286] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 703.503784][T11048] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 703.515660][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 704.459143][ T5794] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 706.039183][T11326] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1356'. [ 707.085202][T11332] loop1: detected capacity change from 0 to 32768 [ 707.532085][T11332] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.1358 (11332) [ 707.597227][T11332] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 707.608784][T11332] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 707.617897][T11332] BTRFS info (device loop1): using free space tree [ 707.731138][T11332] BTRFS info (device loop1): enabling ssd optimizations [ 707.738260][T11332] BTRFS info (device loop1): auto enabling async discard [ 708.925176][ T5778] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 709.182786][T11369] bridge0: port 3(erspan0) entered blocking state [ 709.214631][T11369] bridge0: port 3(erspan0) entered disabled state [ 709.257397][T11369] erspan0: entered promiscuous mode [ 709.268024][T11369] bridge0: port 3(erspan0) entered blocking state [ 709.274671][T11369] bridge0: port 3(erspan0) entered forwarding state [ 710.092241][T11375] netlink: 'syz.0.1364': attribute type 10 has an invalid length. [ 710.100227][T11375] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1364'. [ 710.114586][T11375] net veth1_virt_wifi virt_wifi0: left allmulticast mode [ 710.139362][T11375] batman_adv: batadv0: Adding interface: virt_wifi0 [ 710.146207][T11375] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 710.172614][T11375] batman_adv: batadv0: Interface activated: virt_wifi0 [ 712.621842][T11397] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 713.436348][ T5928] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 713.641349][ T5928] usb 2-1: config 0 has no interfaces? [ 713.720872][ T5928] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 713.870723][ T5928] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 714.279844][ T5928] usb 2-1: config 0 descriptor?? [ 714.437064][T11410] UBIFS error (pid: 11410): cannot open "./file0", error -22 [ 716.464651][T10136] usb 2-1: USB disconnect, device number 6 [ 723.493395][T11444] loop2: detected capacity change from 0 to 2048 [ 723.794078][T11444] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 723.819171][T11444] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 723.829506][T11444] UDF-fs: error (device loop2): udf_read_inode: (ino 1376) failed !bh [ 723.837839][T11444] UDF-fs: error (device loop2): udf_fill_super: Error in udf_iget, block=64, partition=0 [ 723.916763][T11048] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 724.369975][T11448] raw_sendmsg: syz.0.1384 forgot to set AF_INET. Fix it! [ 725.275353][T11455] UBIFS error (pid: 11455): cannot open "./file0", error -22 [ 729.374524][T11469] 9pnet_virtio: no channels available for device syz [ 733.862008][T11519] loop2: detected capacity change from 0 to 1024 [ 733.870821][T11519] EXT4-fs: Ignoring removed i_version option [ 733.876976][T11519] EXT4-fs: inline encryption not supported [ 733.986090][T11519] EXT4-fs (loop2): Test dummy encryption mode enabled [ 734.402304][T11519] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 734.827686][T11528] loop1: detected capacity change from 0 to 1024 [ 734.835184][T11528] EXT4-fs: Ignoring removed bh option [ 734.840738][T11528] EXT4-fs: Ignoring removed nobh option [ 734.847264][T11528] EXT4-fs: Ignoring removed bh option [ 734.933887][T11528] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 735.087825][T11528] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 736.111429][T11535] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4031: comm syz.1.1403: Allocating blocks 497-513 which overlap fs metadata [ 736.197185][T11535] EXT4-fs (loop1): pa ffff888078177ae0: logic 256, phys. 385, len 8 [ 736.205353][T11535] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 1 [ 736.497929][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 736.899407][T11542] loop2: detected capacity change from 0 to 512 [ 736.933438][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 737.362558][T11542] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 737.633903][T11542] ext4 filesystem being mounted at /332/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 738.297256][ T5794] Bluetooth: hci2: Unable to find connection with handle 0x00c9 [ 739.508931][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 740.803550][T11582] ubi0: attaching mtd0 [ 740.816495][T11582] ubi0: scanning is finished [ 741.173357][T11582] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 741.181032][T11582] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 741.188336][T11582] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 741.196067][T11582] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 741.203472][T11582] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 741.211590][T11582] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 741.219669][T11582] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 3621801192 [ 741.229708][T11582] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 741.240435][T11584] ubi0: background thread "ubi_bgt0d" started, PID 11584 [ 742.575888][T11636] hub 1-0:1.0: USB hub found [ 742.583886][T11636] hub 1-0:1.0: 1 port detected [ 746.968402][T11672] xt_CT: You must specify a L4 protocol and not use inversions on it [ 747.377260][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.388090][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.516680][ T5794] Bluetooth: hci2: unexpected event for opcode 0x0428 [ 748.048365][T11686] xt_l2tp: v2 doesn't support IP mode [ 751.573391][ T5794] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 751.583819][ T5794] Bluetooth: hci2: Injecting HCI hardware error event [ 751.592578][ T5794] Bluetooth: hci2: hardware error 0x00 [ 752.679601][T11720] tmpfs: Unknown parameter 'trans' [ 753.660367][ T5794] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 754.137130][T11728] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1439'. [ 754.968656][T11747] loop2: detected capacity change from 0 to 1024 [ 755.003416][T11747] EXT4-fs: Ignoring removed bh option [ 755.318461][T11751] fuse: Bad value for 'fd' [ 755.338697][T11747] EXT4-fs: Ignoring removed nobh option [ 755.367900][T11747] EXT4-fs: Ignoring removed bh option [ 755.454821][T11747] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 755.668892][T11747] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 756.414344][T11764] UBIFS error (pid: 11764): cannot open "./file0", error -22 [ 757.543856][T11765] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4031: comm syz.2.1444: Allocating blocks 497-513 which overlap fs metadata [ 759.468841][ T27] audit: type=1800 audit(1763152573.277:51): pid=11762 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1444" name="file2" dev="loop2" ino=16 res=0 errno=0 [ 759.510310][T11765] EXT4-fs (loop2): pa ffff888078246ae0: logic 256, phys. 385, len 8 [ 759.518528][T11765] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 1 [ 760.411078][T11775] (null): rxe_set_mtu: Set mtu to 1024 [ 760.417090][T11775] rdma_rxe: rxe_newlink: failed to add veth1_to_team [ 760.456182][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 761.711049][T11796] overlayfs: failed to clone lowerpath [ 763.752710][ T5794] Bluetooth: hci1: command 0x0406 tx timeout [ 766.652187][T11831] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1465'. [ 766.714251][T11829] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 4, id = 0 [ 767.926621][T11844] loop2: detected capacity change from 0 to 2048 [ 768.656735][T11850] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 770.915661][T11850] NILFS (loop2): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 770.985739][T11850] NILFS error (device loop2): nilfs_bmap_propagate: broken bmap (inode number=4) [ 771.069269][T11850] Remounting filesystem read-only [ 771.101467][T11871] loop1: detected capacity change from 0 to 1024 [ 771.110321][T11627] NILFS (loop2): discard dirty page: offset=4096, ino=6 [ 771.133890][T11627] NILFS (loop2): discard dirty block: blocknr=39, size=1024 [ 771.151845][T11871] EXT4-fs: Ignoring removed bh option [ 771.157588][T11871] EXT4-fs: Ignoring removed nobh option [ 771.163263][T11871] EXT4-fs: Ignoring removed bh option [ 771.169311][T11627] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 771.180249][T11871] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 771.191918][T11627] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 771.213749][T11627] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 771.222708][T11627] NILFS (loop2): discard dirty page: offset=0, ino=3 [ 771.234916][T11627] NILFS (loop2): discard dirty block: blocknr=42, size=1024 [ 771.242286][T11627] NILFS (loop2): discard dirty block: blocknr=43, size=1024 [ 771.250388][T11627] NILFS (loop2): discard dirty block: blocknr=44, size=1024 [ 771.257987][T11627] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 771.274035][T11627] NILFS (loop2): discard dirty page: offset=65536, ino=3 [ 771.288193][T11627] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 771.300278][T11627] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 771.312927][T11627] NILFS (loop2): discard dirty block: blocknr=0, size=1024 [ 771.342553][T11627] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 771.382021][T11627] NILFS (loop2): discard dirty page: offset=196608, ino=3 [ 771.408695][T11627] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 771.429503][T11871] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 771.443725][T11627] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 771.453217][T11627] NILFS (loop2): discard dirty block: blocknr=49, size=1024 [ 771.460707][T11627] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 771.477812][T11627] NILFS (loop2): discard dirty page: offset=0, ino=18 [ 771.495858][T11627] NILFS (loop2): discard dirty block: blocknr=0, size=1024 [ 771.510925][T11627] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 771.521786][T11627] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 771.539152][T11627] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 771.550052][T11627] NILFS (loop2): discard dirty page: offset=0, ino=2 [ 771.679362][T11627] NILFS (loop2): discard dirty block: blocknr=18, size=1024 [ 771.687780][T11627] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 771.698203][T11627] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 771.708168][T11627] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 771.729602][ T5781] NILFS (loop2): disposed unprocessed dirty file(s) when stopping log writer [ 771.754517][ T5781] NILFS (loop2): discard dirty page: offset=0, ino=6 [ 771.798050][ T5781] NILFS (loop2): discard dirty block: blocknr=35, size=1024 [ 771.969686][T11887] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4031: comm syz.1.1476: Allocating blocks 497-513 which overlap fs metadata [ 772.023203][T11887] EXT4-fs (loop1): pa ffff88805ab8b1d0: logic 256, phys. 385, len 8 [ 772.031377][T11887] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 1 [ 772.423722][ T5781] NILFS (loop2): discard dirty block: blocknr=36, size=1024 [ 772.431061][ T5781] NILFS (loop2): discard dirty block: blocknr=37, size=1024 [ 772.475377][ T5781] NILFS (loop2): discard dirty block: blocknr=38, size=1024 [ 772.507995][ T5781] NILFS (loop2): discard dirty page: offset=0, ino=5 [ 772.533799][ T5781] NILFS (loop2): discard dirty block: blocknr=41, size=1024 [ 772.566589][ T5781] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 772.581430][ T5781] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 772.590557][ T5781] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 772.600131][ T5781] NILFS (loop2): discard dirty page: offset=0, ino=4 [ 772.607191][ T5781] NILFS (loop2): discard dirty block: blocknr=40, size=1024 [ 772.614548][ T5781] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 772.623516][ T5781] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 772.633166][ T5781] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 772.909608][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 779.548563][T11934] UBIFS error (pid: 11934): cannot open "./file0", error -22 [ 780.479730][ T27] audit: type=1326 audit(1763152594.287:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11936 comm="syz.2.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46418f6c9 code=0x7ffc0000 [ 781.283916][ T27] audit: type=1326 audit(1763152595.077:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11936 comm="syz.2.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe46418f6c9 code=0x7ffc0000 [ 781.311128][T11942] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 781.320135][T11942] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 781.328943][T11942] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 781.338492][T11942] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 781.402850][ T27] audit: type=1326 audit(1763152595.077:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11936 comm="syz.2.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46418f6c9 code=0x7ffc0000 [ 781.491484][T11942] vxlan0: entered allmulticast mode [ 781.497336][T11942] bond0: (slave vxlan0): Enslaving as an active interface with an up link [ 781.513044][ T27] audit: type=1326 audit(1763152595.077:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11936 comm="syz.2.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46418f6c9 code=0x7ffc0000 [ 781.570845][ T27] audit: type=1326 audit(1763152595.077:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11936 comm="syz.2.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46418f6c9 code=0x7ffc0000 [ 781.636280][ T27] audit: type=1326 audit(1763152595.077:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11936 comm="syz.2.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46418f6c9 code=0x7ffc0000 [ 782.893853][ T27] audit: type=1326 audit(1763152595.077:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11936 comm="syz.2.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46418f6c9 code=0x7ffc0000 [ 782.923695][ T27] audit: type=1326 audit(1763152595.087:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11936 comm="syz.2.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46418f6c9 code=0x7ffc0000 [ 782.967942][ T27] audit: type=1326 audit(1763152595.087:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11936 comm="syz.2.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe46418f6c9 code=0x7ffc0000 [ 782.995168][ T27] audit: type=1326 audit(1763152595.087:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11936 comm="syz.2.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46418f6c9 code=0x7ffc0000 [ 783.292722][T11946] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1492'. [ 784.390182][T11968] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1502'. [ 787.583904][T11988] tmpfs: Bad value for 'mpol' [ 788.495996][T11997] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 788.505946][T11997] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 788.515091][T11997] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 788.524265][T11997] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 788.535931][T11997] geneve2: entered promiscuous mode [ 788.541396][T11997] geneve2: entered allmulticast mode [ 789.910722][T12013] vxcan3: entered promiscuous mode [ 789.942176][T12013] vxcan3: entered allmulticast mode [ 790.072337][T12015] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1499'. [ 790.099906][T12015] veth0_macvtap: left promiscuous mode [ 791.507413][T12030] UBIFS error (pid: 12030): cannot open "./file0", error -22 [ 795.447438][T12064] UBIFS error (pid: 12064): cannot open "./file0", error -22 [ 796.150004][T12071] loop2: detected capacity change from 0 to 8 [ 796.558726][T12071] SQUASHFS error: zlib decompression failed, data probably corrupt [ 796.567608][T12071] SQUASHFS error: Failed to read block 0x9b: -5 [ 796.573956][T12071] SQUASHFS error: Unable to read metadata cache entry [99] [ 796.581157][T12071] SQUASHFS error: Unable to read inode 0x127 [ 796.617341][T11472] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 796.859807][T12075] xt_CT: You must specify a L4 protocol and not use inversions on it [ 797.784229][T12086] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1533'. [ 799.796831][T12104] loop1: detected capacity change from 0 to 128 [ 799.896021][T12104] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 805.375001][T12172] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1552'. [ 805.641413][T12172] veth0_macvtap: left promiscuous mode [ 806.870245][T12181] netlink: 2384 bytes leftover after parsing attributes in process `syz.2.1555'. [ 807.684194][T12185] loop1: detected capacity change from 0 to 16 [ 807.694479][T12185] erofs: (device loop1): mounted with root inode @ nid 36. [ 807.738097][T12185] syz.1.1557: attempt to access beyond end of device [ 807.738097][T12185] loop1: rw=0, sector=8, nr_sectors = 16 limit=16 [ 808.817291][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.823866][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.339272][T12191] syz.1.1557: attempt to access beyond end of device [ 809.339272][T12191] loop1: rw=0, sector=8, nr_sectors = 16 limit=16 [ 810.112996][T12190] syz.1.1557 (12190): drop_caches: 2 [ 811.860754][T12202] loop1: detected capacity change from 0 to 2048 [ 811.878323][T12202] NILFS (loop1): unrecognized mount option "cp=0x0000000000000003±£ø¢þápô" [ 812.561863][T12207] siw: device registration error -23 [ 812.804690][T12219] vxlan1: entered allmulticast mode [ 812.810823][T12219] bond0: (slave vxlan1): Enslaving as an active interface with an up link [ 818.984300][T12272] loop2: detected capacity change from 0 to 128 [ 819.439101][T12272] qnx6: wrong signature (magic) in superblock #1. [ 820.038803][T12272] veth0_to_team: entered promiscuous mode [ 820.047901][T12272] veth0_to_team: left allmulticast mode [ 824.917395][T12311] loop2: detected capacity change from 0 to 256 [ 825.102978][T12311] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d) [ 825.240475][T12311] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 825.337993][T12315] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1591'. [ 827.829741][T12333] netlink: 2384 bytes leftover after parsing attributes in process `syz.0.1593'. [ 828.376307][T12328] tipc: Enabled bearer , priority 0 [ 828.409095][T12335] loop2: detected capacity change from 0 to 512 [ 828.454051][T12335] UDF-fs: bad mount option "obj_user=-]" or missing value [ 830.412390][ T5847] tipc: Node number set to 2886997007 [ 830.891636][T12350] (null): rxe_set_mtu: Set mtu to 1024 [ 830.901812][T12350] rdma_rxe: rxe_newlink: failed to add veth1_to_team [ 831.584629][T12352] loop1: detected capacity change from 0 to 256 [ 831.638871][T12352] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d) [ 831.713888][T12352] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 834.133582][T12366] loop1: detected capacity change from 0 to 4096 [ 834.248402][T12366] __ntfs_error: 66 callbacks suppressed [ 834.248432][T12366] ntfs: (device loop1): ntfs_read_locked_inode(): $DATA attribute is missing. [ 834.263106][T12366] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 834.276626][T12366] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 834.315525][T12366] ntfs: volume version 3.1. [ 834.373827][T12366] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 834.385447][T12366] ntfs: (device loop1): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 834.396939][T12366] ntfs: (device loop1): load_system_files(): Failed to determine if Windows is hibernated. Mounting read-only. Run chkdsk. [ 835.648643][T12377] netlink: 2384 bytes leftover after parsing attributes in process `syz.1.1605'. [ 837.035120][T12392] vxcan3: entered promiscuous mode [ 837.054815][T12392] vxcan3: entered allmulticast mode [ 837.071267][T12397] loop1: detected capacity change from 0 to 256 [ 837.276655][T12397] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d) [ 837.635640][T12397] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 838.761032][T12411] SET target dimension over the limit! [ 841.266015][T12431] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1617'. [ 842.153194][ T27] audit: type=1326 audit(1763152655.137:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12420 comm="syz.1.1617" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff3e3d8f6c9 code=0x0 [ 845.470865][T12451] overlayfs: failed to clone upperpath [ 846.111517][T12454] bridge0: port 3(erspan0) entered blocking state [ 846.142476][T12454] bridge0: port 3(erspan0) entered disabled state [ 846.151627][T12454] erspan0: entered promiscuous mode [ 847.004335][T12464] loop2: detected capacity change from 0 to 40427 [ 847.471027][T12464] F2FS-fs (loop2): Unrecognized mount option "01777777777777777777777" or missing value [ 847.903823][T12458] I/O error, dev loop2, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 847.993239][T12464] loop2: detected capacity change from 0 to 2048 [ 848.000665][T12464] UDF-fs: bad mount option "shortad=" or missing value [ 848.983170][T12483] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1639'. [ 851.075418][T12490] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1632'. [ 852.433828][ T27] audit: type=1326 audit(1763152665.007:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12489 comm="syz.3.1632" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc12c38f6c9 code=0x0 [ 853.669396][T12507] SET target dimension over the limit! [ 856.048240][T12533] netlink: 'syz.1.1643': attribute type 10 has an invalid length. [ 856.056311][T12533] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1643'. [ 856.068823][T12533] net veth1_virt_wifi virt_wifi0: left allmulticast mode [ 856.093872][T12533] batman_adv: batadv0: Adding interface: virt_wifi0 [ 856.100639][T12533] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 856.126528][T12533] batman_adv: batadv0: Interface activated: virt_wifi0 [ 859.088814][T12563] SET target dimension over the limit! [ 861.704321][T12565] loop2: detected capacity change from 0 to 512 [ 861.786635][T12565] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 861.795171][T12565] EXT4-fs (loop2): orphan cleanup on readonly fs [ 861.802792][T12565] Quota error (device loop2): v2_read_file_info: Block with free entry 4294967071 out of range (1, 6). [ 861.815016][T12565] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 861.832553][T12565] EXT4-fs (loop2): Cannot turn on quotas: error -117 [ 861.868008][T12565] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.1660: bg 0: block 40: padding at end of block bitmap is not set [ 861.891220][T12565] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 861.910946][T12565] EXT4-fs (loop2): 1 truncate cleaned up [ 861.919327][T12565] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 862.115219][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 862.184297][T12574] loop1: detected capacity change from 0 to 512 [ 862.236038][T12574] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 864.750783][T11620] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 867.561528][T12616] tmpfs: Unknown parameter 'trans' [ 868.929136][T12629] loop1: detected capacity change from 0 to 512 [ 868.971034][T12629] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 868.979871][T12629] EXT4-fs (loop1): orphan cleanup on readonly fs [ 868.989442][T12629] Quota error (device loop1): v2_read_file_info: Block with free entry 4294967071 out of range (1, 6). [ 869.000735][T12629] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 869.213282][T12629] EXT4-fs (loop1): Cannot turn on quotas: error -117 [ 869.224660][T12629] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.1665: bg 0: block 40: padding at end of block bitmap is not set [ 869.239920][T12629] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 869.250284][T12629] EXT4-fs (loop1): 1 truncate cleaned up [ 869.257299][T12629] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 869.815058][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 870.938428][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.944862][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 871.160841][T12655] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1673'. [ 872.037842][T12664] SET target dimension over the limit! [ 873.739125][T12676] loop2: detected capacity change from 0 to 256 [ 873.805411][T12676] FAT-fs (loop2): Unrecognized mount option "shor†name=mixed" or missing value [ 878.250272][T12706] input: syz1 as /devices/virtual/input/input6 [ 880.499416][T12706] ceph: No mds server is up or the cluster is laggy [ 880.996063][T12718] (null): rxe_set_mtu: Set mtu to 1024 [ 881.005003][T12718] rdma_rxe: rxe_newlink: failed to add veth1_to_team [ 882.121222][T12726] bridge0: port 1(erspan0) entered blocking state [ 882.129709][T12726] bridge0: port 1(erspan0) entered disabled state [ 882.290336][T12726] erspan0: entered promiscuous mode [ 882.800624][T12726] bridge0: port 1(erspan0) entered blocking state [ 882.807271][T12726] bridge0: port 1(erspan0) entered forwarding state [ 882.985215][T12735] overlayfs: failed to clone upperpath [ 883.344573][T12733] tipc: Started in network mode [ 883.349706][T12733] tipc: Node identity 080211000001, cluster identity 4711 [ 883.360618][T12733] tipc: Enabled bearer , priority 0 [ 883.378596][T12733] tipc: Resetting bearer [ 885.263996][ T5847] tipc: Node number set to 134418688 [ 885.490676][T12762] loop2: detected capacity change from 0 to 1024 [ 886.466795][ T5998] hfsplus: b-tree write err: -5, ino 4 [ 886.598283][T12772] bridge0: port 3(erspan0) entered blocking state [ 886.606222][T12772] bridge0: port 3(erspan0) entered disabled state [ 886.614552][T12772] erspan0: entered promiscuous mode [ 887.247921][T12778] random: crng reseeded on system resumption [ 888.808822][T12789] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1699'. [ 890.913959][T12796] loop2: detected capacity change from 0 to 16 [ 890.957720][T12796] erofs: (device loop2): mounted with root inode @ nid 36. [ 891.060138][T12796] syz.2.1709: attempt to access beyond end of device [ 891.060138][T12796] loop2: rw=0, sector=8, nr_sectors = 16 limit=16 [ 892.527849][T12806] ªªªªªª speed is unknown, defaulting to 1000 [ 893.381429][T12812] syz.2.1709: attempt to access beyond end of device [ 893.381429][T12812] loop2: rw=0, sector=8, nr_sectors = 16 limit=16 [ 893.908360][T12811] syz.2.1709 (12811): drop_caches: 2 [ 898.425983][T12857] random: crng reseeded on system resumption [ 900.710285][ T28] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0 [ 900.800786][ T28] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0 [ 900.854391][ T28] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0 [ 900.946116][ T28] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0 [ 901.018849][ T28] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0 [ 901.089072][ T28] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0 [ 901.186187][ T28] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0 [ 901.294266][ T28] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0 [ 901.375337][ T28] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0 [ 901.449904][ T28] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0 [ 901.488192][ T28] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0 [ 901.517917][ T28] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0 [ 901.575479][ T28] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0 [ 901.618196][ T28] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0 [ 901.665681][ T28] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0 [ 901.717661][ T28] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0 [ 901.761285][ T28] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0 [ 901.803566][ T28] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0 [ 901.998918][ T28] hid-generic 0003:0003:0000.0001: hidraw0: USB HID v0.00 Device [syz0] on syz1 [ 902.630600][T12868] fido_id[12868]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 903.949893][T12880] tmpfs: Bad value for 'mpol' [ 904.345444][T12892] loop1: detected capacity change from 0 to 256 [ 905.028395][T12892] FAT-fs (loop1): Unrecognized mount option "shor†name=mixed" or missing value [ 908.659712][T12928] loop1: detected capacity change from 0 to 8 [ 908.970963][T12928] SQUASHFS error: zlib decompression failed, data probably corrupt [ 908.980372][T12928] SQUASHFS error: Failed to read block 0x9b: -5 [ 908.986732][T12928] SQUASHFS error: Unable to read metadata cache entry [99] [ 908.994321][T12928] SQUASHFS error: Unable to read inode 0x127 [ 910.474144][T12939] tmpfs: Bad value for 'mpol' [ 912.231889][T12950] vxfs: WRONG superblock magic 00000000 at 1 [ 912.239860][T12950] vxfs: WRONG superblock magic 00000000 at 8 [ 912.246086][T12950] vxfs: can't find superblock. [ 912.708412][ T28] libceph: connect (1)[c::]:6789 error -101 [ 912.916445][T12949] ceph: No mds server is up or the cluster is laggy [ 912.930057][ T28] libceph: mon0 (1)[c::]:6789 connect error [ 913.144408][T12953] loop2: detected capacity change from 0 to 32768 [ 913.160303][T12953] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.1746 (12953) [ 913.194583][T12953] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 913.204903][T12953] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 913.213556][T12953] BTRFS info (device loop2): using free space tree [ 913.498853][T12953] BTRFS info (device loop2): enabling ssd optimizations [ 913.506005][T12953] BTRFS info (device loop2): auto enabling async discard [ 915.341003][ T5781] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 916.090149][T12471] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 9 /dev/loop2 scanned by udevd (12471) [ 917.193872][T12988] loop1: detected capacity change from 0 to 1024 [ 917.911414][T12990] (null): rxe_set_mtu: Set mtu to 1024 [ 917.917248][T12990] rdma_rxe: rxe_newlink: failed to add veth1_to_team [ 918.150233][T12992] siw: device registration error -23 [ 918.479675][ T42] hfsplus: b-tree write err: -5, ino 4 [ 919.845792][T13014] netlink: 'syz.2.1756': attribute type 1 has an invalid length. [ 919.901887][T13014] 8021q: adding VLAN 0 to HW filter on device bond1 [ 920.221371][T13014] 8021q: adding VLAN 0 to HW filter on device bond1 [ 920.336689][T13014] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 920.907742][T13014] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 921.071424][T13019] ip6erspan0: entered promiscuous mode [ 921.091737][T13019] bond1: (slave ip6erspan0): making interface the new active one [ 921.106360][T13019] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link [ 921.129935][T13022] macvlan2: entered promiscuous mode [ 921.136589][T13022] bond1: entered promiscuous mode [ 921.142659][T13022] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 921.159660][T13022] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of ip6erspan0 [ 921.198632][T13022] bond1: left promiscuous mode [ 922.657914][T13036] loop1: detected capacity change from 0 to 40427 [ 922.708633][T13036] F2FS-fs (loop1): build fault injection attr: rate: 4, type: 0x7ffff [ 922.871108][T12471] I/O error, dev loop1, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 923.031346][T13046] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1 [ 923.063316][T13046] batman_adv: batadv0: Adding interface: ip6gretap1 [ 923.070121][T13046] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 923.098766][T13046] batman_adv: batadv0: Interface activated: ip6gretap1 [ 923.523983][T13033] loop1: detected capacity change from 0 to 512 [ 923.531222][T13033] ext4: Unknown parameter 'uid<00000000000000000000' [ 924.401281][T13058] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1765'. [ 924.412881][T13058] loop1: detected capacity change from 0 to 8 [ 924.420164][T13058] squashfs: Unknown parameter '' [ 928.226075][T13071] "syz.3.1770" (13071) uses obsolete ecb(arc4) skcipher [ 928.792734][T13063] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 930.919525][T13085] netlink: 'syz.0.1773': attribute type 10 has an invalid length. [ 931.344256][T13092] netlink: 'syz.1.1774': attribute type 1 has an invalid length. [ 931.765044][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.771497][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.183026][T13098] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address [ 933.188359][T13098] bond2: (slave vxcan3): Error -95 calling set_mac_address [ 933.547274][T13100] bond2: (slave bridge2): Enslaving as an active interface with a down link [ 933.604125][T13092] macvlan0: entered promiscuous mode [ 933.609587][T13092] macvlan0: entered allmulticast mode [ 933.617467][T13092] bond2: entered promiscuous mode [ 933.623209][T13092] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 933.633014][T13092] bond2: left promiscuous mode [ 936.897375][T13141] overlayfs: failed to clone upperpath [ 937.536095][T13155] siw: device registration error -23 [ 942.490133][T13192] fuse: Bad value for 'fd' [ 943.136658][T13206] siw: device registration error -23 [ 945.699873][T13227] virtio-fs: tag not found [ 949.357061][T13257] siw: device registration error -23 [ 951.967075][T13278] overlayfs: failed to clone upperpath [ 954.865934][T13290] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1823'. [ 955.419944][T13293] netlink: 'syz.2.1822': attribute type 10 has an invalid length. [ 957.822387][T13315] netlink: 'syz.3.1829': attribute type 1 has an invalid length. [ 957.966942][T13315] 8021q: adding VLAN 0 to HW filter on device bond2 [ 958.244570][T13319] 8021q: adding VLAN 0 to HW filter on device bond2 [ 958.264219][ T27] audit: type=1326 audit(1763152772.067:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13301 comm="syz.2.1827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46418f6c9 code=0x7fc00000 [ 958.288597][T13319] bond2: (slave vxcan5): The slave device specified does not support setting the MAC address [ 958.352505][T13319] bond2: (slave vxcan5): Error -95 calling set_mac_address [ 958.659042][T13315] ip6erspan0: entered promiscuous mode [ 960.443745][ T27] audit: type=1326 audit(1763152774.247:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13301 comm="syz.2.1827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46418f6c9 code=0x7fc00000 [ 961.766371][T13315] bond2: (slave ip6erspan0): making interface the new active one [ 961.855296][T13315] bond2: (slave ip6erspan0): Enslaving as an active interface with an up link [ 961.978413][T13326] macvlan2: entered promiscuous mode [ 962.019824][T13326] bond2: entered promiscuous mode [ 962.063817][T13326] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 962.092905][T13326] bond2: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of ip6erspan0 [ 962.170745][T13326] bond2: left promiscuous mode [ 962.697754][T13340] netlink: 'syz.1.1835': attribute type 10 has an invalid length. [ 964.190828][T13351] loop2: detected capacity change from 0 to 2048 [ 964.275886][T13351] NILFS (loop2): invalid segment: Magic number mismatch [ 964.283009][T13351] NILFS (loop2): trying rollback from an earlier position [ 964.305444][T13351] NILFS (loop2): recovery complete [ 964.312381][T13353] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 967.088979][T13387] overlayfs: overlapping lowerdir path [ 967.175605][T13380] overlayfs: overlapping lowerdir path [ 967.219251][T13383] 8021q: adding VLAN 0 to HW filter on device bond1 [ 967.342545][T13389] bond_slave_0: entered promiscuous mode [ 967.348912][T13389] bond_slave_1: entered promiscuous mode [ 967.354976][T13389] vxlan1: entered promiscuous mode [ 967.373919][T13398] random: crng reseeded on system resumption [ 967.414319][T13389] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 967.518866][T13389] bond1: (slave macvlan2): Enslaving as a backup interface with an up link [ 969.103115][T13392] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 970.529013][T13415] hub 1-0:1.0: USB hub found [ 970.535339][T13415] hub 1-0:1.0: 1 port detected [ 976.849053][T13453] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1859'. [ 979.133747][T13457] "syz.1.1861" (13457) uses obsolete ecb(arc4) skcipher [ 980.245914][T13445] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 982.388338][T13469] ptrace attach of ""[13471] was attempted by "./syz-executor exec"[13469] [ 988.882870][T13507] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 989.007715][T13518] overlayfs: overlapping lowerdir path [ 989.134387][T13524] overlayfs: overlapping lowerdir path [ 989.349853][T13527] loop1: detected capacity change from 0 to 128 [ 989.809402][T13462] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 990.012330][T13529] loop2: detected capacity change from 0 to 2048 [ 990.628276][T13533] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 990.896119][T10136] usb 2-1: new full-speed USB device number 7 using dummy_hcd [ 991.132612][T10136] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 991.336286][T13537] autofs4:pid:13537:autofs_fill_super: called with bogus options [ 991.659574][T10136] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55 [ 991.674578][T10136] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 991.693667][T10136] usb 2-1: Product: syz [ 991.708265][T10136] usb 2-1: Manufacturer: syz [ 991.712879][T10136] usb 2-1: SerialNumber: syz [ 991.761566][T10136] usb 2-1: config 0 descriptor?? [ 991.814492][T10136] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 992.001877][T13546] loop2: detected capacity change from 0 to 128 [ 992.073196][ T27] audit: type=1800 audit(1763152805.877:132): pid=13546 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1881" name="file2" dev="loop2" ino=1048659 res=0 errno=0 [ 992.269981][T13546] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 992.284370][T13546] FAT-fs (loop2): Filesystem has been set read-only [ 992.291159][T13546] syz.2.1881: attempt to access beyond end of device [ 992.291159][T13546] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 992.297930][T13532] loop1: detected capacity change from 0 to 512 [ 992.306991][T13546] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 992.323427][T13546] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 992.473951][T13546] syz.2.1881: attempt to access beyond end of device [ 992.473951][T13546] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 992.923378][T13546] syz.2.1881: attempt to access beyond end of device [ 992.923378][T13546] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 992.944807][T11637] usb 2-1: Failed to submit usb control message: -110 [ 992.953037][T13546] syz.2.1881: attempt to access beyond end of device [ 992.953037][T13546] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 992.967928][T11637] usb 2-1: unable to send the bmi data to the device: -110 [ 992.977762][T11637] usb 2-1: unable to get target info from device [ 992.993438][T11637] usb 2-1: could not get target info (-110) [ 993.005685][T13546] syz.2.1881: attempt to access beyond end of device [ 993.005685][T13546] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 993.022076][T13546] syz.2.1881: attempt to access beyond end of device [ 993.022076][T13546] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 993.022852][T11637] usb 2-1: could not probe fw (-110) [ 993.035506][T13546] syz.2.1881: attempt to access beyond end of device [ 993.035506][T13546] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 993.035583][T13546] syz.2.1881: attempt to access beyond end of device [ 993.035583][T13546] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 993.035652][T13546] syz.2.1881: attempt to access beyond end of device [ 993.035652][T13546] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 993.035727][T13546] syz.2.1881: attempt to access beyond end of device [ 993.035727][T13546] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 993.194983][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.202748][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 995.057551][ T5847] usb 2-1: USB disconnect, device number 7 [ 996.169902][T13567] loop1: detected capacity change from 0 to 764 [ 999.134780][T13595] loop2: detected capacity change from 0 to 512 [ 999.165775][T13595] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1001.198874][T13600] ptrace attach of ""[13599] was attempted by "./syz-executor exec"[13600] [ 1002.947705][T13595] EXT4-fs (loop2): Test dummy encryption mode enabled [ 1002.985330][T13595] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 1002.985789][T13595] EXT4-fs: failed to create workqueue [ 1003.048151][T13595] EXT4-fs (loop2): mount failed [ 1003.750267][T13611] overlayfs: failed to clone upperpath [ 1005.730125][T13626] loop2: detected capacity change from 0 to 256 [ 1005.775713][T13626] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 1006.277238][T13636] overlayfs: failed to clone upperpath [ 1007.312824][T13643] capability: warning: `syz.1.1895' uses 32-bit capabilities (legacy support in use) [ 1010.756697][T13656] ptrace attach of ""[13658] was attempted by "./syz-executor exec"[13656] [ 1012.284233][T13673] netlink: 'syz.0.1909': attribute type 1 has an invalid length. [ 1012.693357][T13677] bond2: (slave vxcan5): The slave device specified does not support setting the MAC address [ 1012.785417][T13677] bond2: (slave vxcan5): Error -95 calling set_mac_address [ 1013.178582][T13679] bond2: (slave bridge1): Enslaving as an active interface with a down link [ 1013.346542][T13673] bond2: (slave gretap1): making interface the new active one [ 1013.405004][T13673] bond2: (slave gretap1): Enslaving as an active interface with an up link [ 1013.489001][T13686] macvlan3: entered promiscuous mode [ 1013.564452][T13686] macvlan3: entered allmulticast mode [ 1013.609346][T13686] bond2: entered promiscuous mode [ 1013.639608][T13686] gretap1: entered promiscuous mode [ 1013.674130][T13686] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 1013.754002][T13686] bond2: (slave macvlan3): the slave hw address is in use by the bond; giving it the hw address of gretap1 [ 1013.858998][T13686] bond2: left promiscuous mode [ 1013.864702][T13686] gretap1: left promiscuous mode [ 1015.969876][T13712] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1921'. [ 1015.979537][T13712] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1921'. [ 1017.111852][ T27] audit: type=1800 audit(1763152830.877:133): pid=13720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1923" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 1018.895994][T13726] ceph: No mds server is up or the cluster is laggy [ 1018.896439][ T9] libceph: connect (1)[c::]:6789 error -101 [ 1018.896604][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 1020.414551][T13738] overlayfs: failed to clone upperpath [ 1022.638634][T13752] xt_TPROXY: Can be used only with -p tcp or -p udp [ 1023.588461][T13758] loop1: detected capacity change from 0 to 512 [ 1023.620371][T13758] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1023.643424][T13758] EXT4-fs (loop1): Test dummy encryption mode enabled [ 1023.674648][T13758] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.1931: inode has both inline data and extents flags [ 1023.707323][T13758] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.1931: couldn't read orphan inode 15 (err -117) [ 1023.742402][T13758] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1024.708746][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1031.892245][T13815] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1944'. [ 1031.901306][T13815] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1944'. [ 1034.246956][T13847] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1950'. [ 1037.543837][T13860] 9pnet_fd: Insufficient options for proto=fd [ 1039.158326][T13873] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1956'. [ 1039.158419][T13873] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1956'. [ 1045.988524][T13915] hub 1-0:1.0: USB hub found [ 1045.994113][T13915] hub 1-0:1.0: 1 port detected [ 1046.399424][T13920] 9pnet_fd: Insufficient options for proto=fd [ 1047.573642][T13929] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9) [ 1047.580872][T13929] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 1047.592256][T13929] vhci_hcd vhci_hcd.0: Device attached [ 1047.614619][T13930] vhci_hcd: connection closed [ 1047.619805][T11620] vhci_hcd: stop threads [ 1047.635463][T11620] vhci_hcd: release socket [ 1047.639960][T11620] vhci_hcd: disconnect device [ 1049.033566][T13940] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1979'. [ 1049.370917][ T5848] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 1049.429651][ T9] libceph: connect (1)[c::]:6789 error -101 [ 1049.436204][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 1049.459673][T13949] ceph: No mds server is up or the cluster is laggy [ 1050.035512][ T5848] usb 2-1: config 0 has an invalid interface number: 91 but max is 0 [ 1050.055876][ T5848] usb 2-1: config 0 has no interface number 0 [ 1050.088650][ T5848] usb 2-1: New USB device found, idVendor=05ac, idProduct=a9d2, bcdDevice=95.16 [ 1050.099147][ T5848] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1050.108217][ T5848] usb 2-1: Product: syz [ 1050.112635][ T5848] usb 2-1: Manufacturer: syz [ 1050.117863][ T5848] usb 2-1: SerialNumber: syz [ 1050.860665][ T5848] usb 2-1: config 0 descriptor?? [ 1052.485429][T13816] usb 2-1: USB disconnect, device number 8 [ 1053.303565][T13979] ceph: No source [ 1053.310136][T13979] kAFS: unable to lookup cell '\/' [ 1054.026220][T13982] 9pnet_virtio: no channels available for device syz [ 1054.598812][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.605217][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 1059.073522][T14016] loop1: detected capacity change from 0 to 4096 [ 1068.990546][T14099] overlayfs: failed to clone upperpath [ 1080.112365][T14184] bridge0: left allmulticast mode [ 1087.954108][T14263] ceph: No source [ 1087.986649][T14261] kAFS: unable to lookup cell '\/' [ 1091.165957][T14288] ipvlan2: entered promiscuous mode [ 1098.869659][T14340] bridge0: port 4(team0) entered blocking state [ 1098.876557][T14340] bridge0: port 4(team0) entered disabled state [ 1098.885514][T14340] team0: entered promiscuous mode [ 1098.890604][T14340] team_slave_0: entered promiscuous mode [ 1098.896673][T14340] team_slave_1: entered promiscuous mode [ 1098.903654][T14340] bridge0: port 4(team0) entered blocking state [ 1098.910215][T14340] bridge0: port 4(team0) entered forwarding state [ 1109.962503][T14403] netlink: 'syz.1.2087': attribute type 24 has an invalid length. [ 1110.012403][T14403] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2087'. [ 1110.053725][T14403] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 1114.007973][T14423] netlink: 292 bytes leftover after parsing attributes in process `syz.3.2092'. [ 1114.017857][T14423] netlink: 144 bytes leftover after parsing attributes in process `syz.3.2092'. [ 1116.061343][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.068180][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 1122.691055][T14480] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 1123.010061][T14485] loop1: detected capacity change from 0 to 512 [ 1123.018235][T14485] FAT-fs (loop1): Unrecognized mount option "" or missing value [ 1123.830114][ T5928] libceph: connect (1)[c::]:6789 error -101 [ 1123.836614][ T5928] libceph: mon0 (1)[c::]:6789 connect error [ 1123.923964][T14369] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1124.082091][T14481] ceph: No mds server is up or the cluster is laggy [ 1124.097286][ T28] libceph: connect (1)[c::]:6789 error -101 [ 1124.103524][ T28] libceph: mon0 (1)[c::]:6789 connect error [ 1125.893839][T10058] Bluetooth: hci1: command 0x0406 tx timeout [ 1126.593782][T10136] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 1127.389704][T10136] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 1127.402055][T10136] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1127.418478][T10136] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 1127.428589][T10136] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 1127.443802][T10136] usb 2-1: Product: syz [ 1127.448048][T10136] usb 2-1: Manufacturer: syz [ 1127.473490][T10136] usb 2-1: SerialNumber: syz [ 1127.492594][T10136] usb 2-1: config 0 descriptor?? [ 1127.612788][T10136] usb 2-1: selecting invalid altsetting 0 [ 1127.701156][T14520] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2115'. [ 1130.469268][T14506] batman_adv: batadv0: Interface deactivated: virt_wifi0 [ 1130.889019][T14506] batman_adv: batadv0: Interface deactivated: virt_wifi0 [ 1132.913275][T13816] usb 2-1: USB disconnect, device number 9 [ 1132.995488][T14568] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2125'. [ 1133.127695][T14568] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2125'. [ 1134.500224][T14589] loop1: detected capacity change from 0 to 164 [ 1138.710269][T14646] overlayfs: failed to clone upperpath [ 1139.800378][T14650] loop1: detected capacity change from 0 to 256 [ 1139.808474][T14650] exfat: Deprecated parameter 'utf8' [ 1139.814854][T14650] exfat: Deprecated parameter 'utf8' [ 1139.822902][T14650] exfat: Deprecated parameter 'namecase' [ 1139.878794][T14650] exFAT-fs (loop1): error, The cluster chain has a loop [ 1139.886244][T14650] exFAT-fs (loop1): failed to count the number of clusters in root [ 1139.894472][T14650] exFAT-fs (loop1): failed to recognize exfat type [ 1142.585127][T14691] netlink: 3 bytes leftover after parsing attributes in process `syz.2.2143'. [ 1142.751677][T14691] batadv1: entered allmulticast mode [ 1146.564452][T14724] netlink: 'syz.3.2153': attribute type 1 has an invalid length. [ 1146.691693][T14729] loop1: detected capacity change from 0 to 8 [ 1147.685832][T14724] bond3: entered promiscuous mode [ 1147.691503][T14724] 8021q: adding VLAN 0 to HW filter on device bond3 [ 1147.780182][T14731] 8021q: adding VLAN 0 to HW filter on device bond3 [ 1147.805311][T14731] bond3: (slave gre1): The slave device specified does not support setting the MAC address [ 1147.853806][T14731] bond3: (slave gre1): Setting fail_over_mac to active for active-backup mode [ 1147.991632][T14731] bond3: (slave gre1): making interface the new active one [ 1148.043705][T14731] gre1: entered promiscuous mode [ 1148.064993][T14731] bond3: (slave gre1): Enslaving as an active interface with an up link [ 1153.130914][T14796] IPVS: set_ctl: invalid protocol: 59 100.1.1.1:20004 [ 1156.064700][T14814] random: crng reseeded on system resumption [ 1169.883550][ T27] audit: type=1326 audit(1763152983.687:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14893 comm="syz.0.2190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5a3d8f6c9 code=0x7ffc0000 [ 1170.004118][ T27] audit: type=1326 audit(1763152983.687:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14893 comm="syz.0.2190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5a3d8f6c9 code=0x7ffc0000 [ 1170.400084][ T27] audit: type=1326 audit(1763152984.207:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14893 comm="syz.0.2190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa5a3d8f6c9 code=0x7ffc0000 [ 1170.426687][ T27] audit: type=1326 audit(1763152984.207:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14893 comm="syz.0.2190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5a3d8f6c9 code=0x7ffc0000 [ 1170.692587][ T27] audit: type=1326 audit(1763152984.207:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14893 comm="syz.0.2190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5a3d8f6c9 code=0x7ffc0000 [ 1170.716419][ T27] audit: type=1326 audit(1763152984.207:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14893 comm="syz.0.2190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fa5a3d8f6c9 code=0x7ffc0000 [ 1170.739977][ T27] audit: type=1326 audit(1763152984.207:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14893 comm="syz.0.2190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5a3d8f6c9 code=0x7ffc0000 [ 1170.768196][ T27] audit: type=1326 audit(1763152984.217:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14893 comm="syz.0.2190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fa5a3d8f6c9 code=0x7ffc0000 [ 1170.791160][ T27] audit: type=1326 audit(1763152984.217:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14893 comm="syz.0.2190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5a3d8f6c9 code=0x7ffc0000 [ 1171.004155][ T27] audit: type=1326 audit(1763152984.217:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14893 comm="syz.0.2190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5a3d8f6c9 code=0x7ffc0000 [ 1174.042379][T14911] nvme_fabrics: missing parameter 'transport=%s' [ 1174.105584][T14911] nvme_fabrics: missing parameter 'nqn=%s' [ 1177.463107][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 1177.469518][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 1177.667051][T14944] netlink: 'syz.0.2201': attribute type 21 has an invalid length. [ 1177.897247][T14944] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2201'. [ 1178.074467][T14944] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2201'. [ 1179.247075][T14956] 9pnet_fd: Insufficient options for proto=fd [ 1180.886143][T14967] ªªªªªª speed is unknown, defaulting to 1000 [ 1185.456528][ T27] kauditd_printk_skb: 62 callbacks suppressed [ 1185.456542][ T27] audit: type=1326 audit(1763152999.267:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14992 comm="syz.3.2212" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc12c38f6c9 code=0x0 [ 1185.852034][T14996] loop1: detected capacity change from 0 to 1024 [ 1185.864548][T14996] ext4: Unknown parameter 'fsmagic' [ 1185.963747][T14957] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1193.718830][T15029] loop1: detected capacity change from 0 to 16 [ 1193.747697][T15029] erofs: (device loop1): mounted with root inode @ nid 36. [ 1194.780563][T15034] netlink: 'syz.0.2224': attribute type 10 has an invalid length. [ 1194.841369][T15034] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2224'. [ 1196.490879][T10058] Bluetooth: hci1: unexpected event 0x06 length: 4 > 3 [ 1197.251309][T15058] loop1: detected capacity change from 0 to 64 [ 1197.279829][T15058] bio_check_eod: 3590 callbacks suppressed [ 1197.279842][T15058] syz.1.2227: attempt to access beyond end of device [ 1197.279842][T15058] loop1: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 1197.300154][T15058] Buffer I/O error on dev loop1, logical block 134217734, async page read [ 1198.787070][T15077] netlink: 'syz.2.2236': attribute type 21 has an invalid length. [ 1198.803124][T15077] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2236'. [ 1198.812872][T15077] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2236'. [ 1200.554129][T15085] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 1201.151852][T15086] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 1201.151852][T15086] program syz.2.2238 not setting count and/or reply_len properly [ 1203.605221][T15102] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2243'. [ 1203.799968][T15106] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2243'. [ 1204.331994][T15108] netlink: 'syz.1.2245': attribute type 10 has an invalid length. [ 1204.353990][T15108] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2245'. [ 1204.383018][T15108] team0: entered promiscuous mode [ 1204.393139][T15108] team_slave_0: entered promiscuous mode [ 1204.536957][T15108] team_slave_1: entered promiscuous mode [ 1204.554255][T15108] bridge0: port 4(team0) entered blocking state [ 1205.099880][T15108] bridge0: port 4(team0) entered disabled state [ 1206.476888][T15123] input: syz1 as /devices/virtual/input/input7 [ 1206.529294][T15124] syz.2.2256: attempt to access beyond end of device [ 1206.529294][T15124] nbd2: rw=0, sector=0, nr_sectors = 8 limit=0 [ 1206.542667][T15124] F2FS-fs (nbd2): Unable to read 1th superblock [ 1206.550957][T15124] syz.2.2256: attempt to access beyond end of device [ 1206.550957][T15124] nbd2: rw=0, sector=8, nr_sectors = 8 limit=0 [ 1206.564208][T15124] F2FS-fs (nbd2): Unable to read 2th superblock [ 1210.815307][T15145] ceph: No mds server is up or the cluster is laggy [ 1213.625196][T15172] netlink: 'syz.2.2260': attribute type 10 has an invalid length. [ 1213.643993][T15172] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2260'. [ 1217.039802][T15196] ------------[ cut here ]------------ [ 1217.046165][T15196] WARNING: CPU: 1 PID: 15196 at net/mac80211/chan.c:2022 ieee80211_link_release_channel+0x154/0x180 [ 1217.057067][T15196] Modules linked in: [ 1217.061242][T15196] CPU: 1 PID: 15196 Comm: syz.3.2267 Not tainted syzkaller #0 [ 1217.069190][T15196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1217.079615][T15196] RIP: 0010:ieee80211_link_release_channel+0x154/0x180 [ 1217.086748][T15196] Code: 7c 2d 00 00 74 08 48 89 df e8 68 39 e9 f7 bf 60 1e 00 00 48 03 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 41 b1 83 00 e8 fc dd 91 f7 <0f> 0b eb c5 48 c7 c1 1c c2 4a 8e 80 e1 07 80 c1 03 38 c1 0f 8c 51 [ 1217.107077][T15196] RSP: 0018:ffffc9001930f478 EFLAGS: 00010283 [ 1217.113197][T15196] RAX: ffffffff89f3b194 RBX: ffff88805cc11598 RCX: 0000000000080000 [ 1217.121308][T15196] RDX: ffffc9000d50a000 RSI: 000000000001dfe5 RDI: 000000000001dfe6 [ 1217.129383][T15196] RBP: 0000000000000000 R08: ffffffff8e4a8d6f R09: 1ffffffff1c951ad [ 1217.137660][T15196] R10: dffffc0000000000 R11: fffffbfff1c951ae R12: ffff88805cc12c08 [ 1217.145692][T15196] R13: 1ffff1100b9822b3 R14: ffff88805cc123c0 R15: dffffc0000000000 [ 1217.153869][T15196] FS: 00007fc12d26c6c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 1217.162879][T15196] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1217.169909][T15196] CR2: 00007fc12d26af68 CR3: 0000000045bfb000 CR4: 00000000003506e0 [ 1217.177972][T15196] Call Trace: [ 1217.181249][T15196] [ 1217.184242][T15196] ieee80211_if_change_type+0x211/0xa70 [ 1217.189801][T15196] ? do_raw_spin_unlock+0x121/0x230 [ 1217.195314][T15196] ? cfg80211_mgmt_registrations_update_wk+0xa0/0xa0 [ 1217.201991][T15196] ? cfg80211_mlme_purge_registrations+0x1d4/0x210 [ 1217.208565][T15196] ieee80211_change_iface+0x5c/0x4c0 [ 1217.213936][T15196] cfg80211_change_iface+0x812/0xf30 [ 1217.219229][T15196] nl80211_set_interface+0x5e2/0x820 [ 1217.224792][T15196] ? nl80211_dump_interface+0x5c0/0x5c0 [ 1217.230340][T15196] ? nl80211_pre_doit+0x4fb/0x930 [ 1217.235411][T15196] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1217.240969][T15196] ? genl_family_rcv_msg_dumpit+0x2c0/0x2c0 [ 1217.246931][T15196] ? bpf_lsm_capable+0x9/0x10 [ 1217.251606][T15196] ? security_capable+0x89/0xb0 [ 1217.256739][T15196] genl_rcv_msg+0x60b/0x790 [ 1217.261250][T15196] ? genl_bind+0x360/0x360 [ 1217.265714][T15196] ? nl80211_exit+0x30/0x30 [ 1217.270245][T15196] ? nl80211_dump_interface+0x5c0/0x5c0 [ 1217.275831][T15196] ? nl80211_pre_doit+0x930/0x930 [ 1217.280849][T15196] ? ref_tracker_free+0x634/0x7d0 [ 1217.286154][T15196] ? __copy_skb_header+0xa7/0x550 [ 1217.291195][T15196] netlink_rcv_skb+0x216/0x480 [ 1217.296052][T15196] ? genl_bind+0x360/0x360 [ 1217.300481][T15196] ? netlink_ack+0x1110/0x1110 [ 1217.305323][T15196] ? __lock_acquire+0x7c80/0x7c80 [ 1217.310366][T15196] ? down_read+0x1ac/0x2e0 [ 1217.315061][T15196] genl_rcv+0x28/0x40 [ 1217.319048][T15196] netlink_unicast+0x751/0x8d0 [ 1217.323932][T15196] netlink_sendmsg+0x8c1/0xbe0 [ 1217.328720][T15196] ? netlink_getsockopt+0x580/0x580 [ 1217.333946][T15196] ? aa_sock_msg_perm+0x94/0x150 [ 1217.338883][T15196] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1217.344457][T15196] ? security_socket_sendmsg+0x80/0xa0 [ 1217.349920][T15196] __sys_sendto+0x46a/0x620 [ 1217.354459][T15196] ? __ia32_sys_getpeername+0x90/0x90 [ 1217.359847][T15196] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 1217.365886][T15196] ? lock_chain_count+0x20/0x20 [ 1217.370752][T15196] __x64_sys_sendto+0xde/0xf0 [ 1217.375846][T15196] do_syscall_64+0x55/0xb0 [ 1217.380269][T15196] ? clear_bhb_loop+0x40/0x90 [ 1217.384972][T15196] ? clear_bhb_loop+0x40/0x90 [ 1217.389651][T15196] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1217.395593][T15196] RIP: 0033:0x7fc12c39155c [ 1217.400012][T15196] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 1217.420084][T15196] RSP: 002b:00007fc12d26ae20 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1217.428627][T15196] RAX: ffffffffffffffda RBX: 00007fc12d26afa0 RCX: 00007fc12c39155c [ 1217.436673][T15196] RDX: 0000000000000024 RSI: 00007fc12d26aff0 RDI: 0000000000000007 [ 1217.444949][T15196] RBP: 0000000000000000 R08: 00007fc12d26ae74 R09: 000000000000000c [ 1217.452934][T15196] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000007 [ 1217.461033][T15196] R13: 0000000000000000 R14: 00007fc12d26aff0 R15: 0000000000000000 [ 1217.469077][T15196] [ 1217.472108][T15196] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1217.479384][T15196] CPU: 1 PID: 15196 Comm: syz.3.2267 Not tainted syzkaller #0 [ 1217.486837][T15196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1217.496884][T15196] Call Trace: [ 1217.500157][T15196] [ 1217.503079][T15196] dump_stack_lvl+0x16c/0x230 [ 1217.507765][T15196] ? show_regs_print_info+0x20/0x20 [ 1217.512959][T15196] ? load_image+0x3b0/0x3b0 [ 1217.517460][T15196] panic+0x2c0/0x710 [ 1217.521612][T15196] ? bpf_jit_dump+0xd0/0xd0 [ 1217.526122][T15196] __warn+0x2e0/0x470 [ 1217.530096][T15196] ? ieee80211_link_release_channel+0x154/0x180 [ 1217.536341][T15196] ? ieee80211_link_release_channel+0x154/0x180 [ 1217.543029][T15196] report_bug+0x2be/0x4f0 [ 1217.547373][T15196] ? ieee80211_link_release_channel+0x154/0x180 [ 1217.553621][T15196] ? ieee80211_link_release_channel+0x154/0x180 [ 1217.559868][T15196] ? ieee80211_link_release_channel+0x156/0x180 [ 1217.566112][T15196] handle_bug+0xcf/0x120 [ 1217.570352][T15196] exc_invalid_op+0x1a/0x50 [ 1217.574860][T15196] asm_exc_invalid_op+0x1a/0x20 [ 1217.579708][T15196] RIP: 0010:ieee80211_link_release_channel+0x154/0x180 [ 1217.586568][T15196] Code: 7c 2d 00 00 74 08 48 89 df e8 68 39 e9 f7 bf 60 1e 00 00 48 03 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 41 b1 83 00 e8 fc dd 91 f7 <0f> 0b eb c5 48 c7 c1 1c c2 4a 8e 80 e1 07 80 c1 03 38 c1 0f 8c 51 [ 1217.606171][T15196] RSP: 0018:ffffc9001930f478 EFLAGS: 00010283 [ 1217.612259][T15196] RAX: ffffffff89f3b194 RBX: ffff88805cc11598 RCX: 0000000000080000 [ 1217.620235][T15196] RDX: ffffc9000d50a000 RSI: 000000000001dfe5 RDI: 000000000001dfe6 [ 1217.628296][T15196] RBP: 0000000000000000 R08: ffffffff8e4a8d6f R09: 1ffffffff1c951ad [ 1217.636393][T15196] R10: dffffc0000000000 R11: fffffbfff1c951ae R12: ffff88805cc12c08 [ 1217.644373][T15196] R13: 1ffff1100b9822b3 R14: ffff88805cc123c0 R15: dffffc0000000000 [ 1217.652350][T15196] ? ieee80211_link_release_channel+0x154/0x180 [ 1217.658602][T15196] ? ieee80211_link_release_channel+0x154/0x180 [ 1217.664849][T15196] ieee80211_if_change_type+0x211/0xa70 [ 1217.670396][T15196] ? do_raw_spin_unlock+0x121/0x230 [ 1217.675594][T15196] ? cfg80211_mgmt_registrations_update_wk+0xa0/0xa0 [ 1217.682258][T15196] ? cfg80211_mlme_purge_registrations+0x1d4/0x210 [ 1217.688782][T15196] ieee80211_change_iface+0x5c/0x4c0 [ 1217.694080][T15196] cfg80211_change_iface+0x812/0xf30 [ 1217.699381][T15196] nl80211_set_interface+0x5e2/0x820 [ 1217.704668][T15196] ? nl80211_dump_interface+0x5c0/0x5c0 [ 1217.710247][T15196] ? nl80211_pre_doit+0x4fb/0x930 [ 1217.715267][T15196] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1217.720814][T15196] ? genl_family_rcv_msg_dumpit+0x2c0/0x2c0 [ 1217.726718][T15196] ? bpf_lsm_capable+0x9/0x10 [ 1217.731392][T15196] ? security_capable+0x89/0xb0 [ 1217.736239][T15196] genl_rcv_msg+0x60b/0x790 [ 1217.740740][T15196] ? genl_bind+0x360/0x360 [ 1217.745149][T15196] ? nl80211_exit+0x30/0x30 [ 1217.749639][T15196] ? nl80211_dump_interface+0x5c0/0x5c0 [ 1217.755172][T15196] ? nl80211_pre_doit+0x930/0x930 [ 1217.760198][T15196] ? ref_tracker_free+0x634/0x7d0 [ 1217.765224][T15196] ? __copy_skb_header+0xa7/0x550 [ 1217.770277][T15196] netlink_rcv_skb+0x216/0x480 [ 1217.775045][T15196] ? genl_bind+0x360/0x360 [ 1217.779460][T15196] ? netlink_ack+0x1110/0x1110 [ 1217.784229][T15196] ? __lock_acquire+0x7c80/0x7c80 [ 1217.789249][T15196] ? down_read+0x1ac/0x2e0 [ 1217.793665][T15196] genl_rcv+0x28/0x40 [ 1217.797637][T15196] netlink_unicast+0x751/0x8d0 [ 1217.802411][T15196] netlink_sendmsg+0x8c1/0xbe0 [ 1217.807182][T15196] ? netlink_getsockopt+0x580/0x580 [ 1217.812374][T15196] ? aa_sock_msg_perm+0x94/0x150 [ 1217.817325][T15196] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1217.822838][T15196] ? security_socket_sendmsg+0x80/0xa0 [ 1217.828338][T15196] __sys_sendto+0x46a/0x620 [ 1217.832981][T15196] ? __ia32_sys_getpeername+0x90/0x90 [ 1217.838424][T15196] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 1217.844433][T15196] ? lock_chain_count+0x20/0x20 [ 1217.849289][T15196] __x64_sys_sendto+0xde/0xf0 [ 1217.854095][T15196] do_syscall_64+0x55/0xb0 [ 1217.858610][T15196] ? clear_bhb_loop+0x40/0x90 [ 1217.863283][T15196] ? clear_bhb_loop+0x40/0x90 [ 1217.867960][T15196] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1217.873855][T15196] RIP: 0033:0x7fc12c39155c [ 1217.878272][T15196] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 1217.897870][T15196] RSP: 002b:00007fc12d26ae20 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1217.906273][T15196] RAX: ffffffffffffffda RBX: 00007fc12d26afa0 RCX: 00007fc12c39155c [ 1217.914238][T15196] RDX: 0000000000000024 RSI: 00007fc12d26aff0 RDI: 0000000000000007 [ 1217.922203][T15196] RBP: 0000000000000000 R08: 00007fc12d26ae74 R09: 000000000000000c [ 1217.930179][T15196] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000007 [ 1217.938142][T15196] R13: 0000000000000000 R14: 00007fc12d26aff0 R15: 0000000000000000 [ 1217.946132][T15196] [ 1217.949399][T15196] Kernel Offset: disabled [ 1217.953840][T15196] Rebooting in 86400 seconds..