last executing test programs: 2m32.06827459s ago: executing program 3 (id=275): ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f00000005c0)={0x400, 0x1e0, 0x3c0, 0x30, 0xa000000, 0x9, 0xf, 0x2, {0x6, 0x184}, {0x6, 0x1000}, {0x4f, 0x5}, {0x5, 0x8, 0x1}, 0x3, 0x80, 0x0, 0x5, 0x0, 0x985, 0x2, 0xfffffff8, 0x2, 0x29, 0x5, 0x1000, 0x0, 0x2, 0x2c0c203250039318, 0x8}) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x2, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000003280)={0x73622a85, 0xa, 0x4}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@acquire], 0xffffffffffffff47, 0x0, 0x0}) dup3(r1, r0, 0x0) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000540)='./binderfs/binder0\x00', 0x802, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r2, 0x10000000000) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0xfffffffffffffffd}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0xffffffffffffff67, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000400)={@ptr={0x66642a85, 0x1, 0x0, 0x0, 0x2, 0x100000003e}, @ptr={0x70742a85, 0x20000000, &(0x7f0000000580)=""/236, 0xec, 0xfffffffffffffffe, 0x26}, @fda={0x66646185, 0x8, 0x1, 0xb8}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x1040}], 0x0, 0x0, 0x0}) 2m31.83009877s ago: executing program 3 (id=277): r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb) rseq(&(0x7f0000000080), 0x20, 0x0, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) close(r0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0xcf) fcntl$setlease(r2, 0x400, 0x1) r3 = memfd_create(&(0x7f00000002c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9\xd6\x1c\x1b*\x9a!?\x7f\xa5\xad\x9a,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{&\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+\x02\x00\x00\x00\x00\x00\x00\x00\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc00x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="640000001000370403000000ffffffff00000000", @ANYRES32=r1, @ANYBLOB="0b1b050000000000440012800b00010069703667726500003400028008000100", @ANYRES32, @ANYBLOB="140006"], 0x64}, 0x1, 0x0, 0x0, 0x48810}, 0x4000010) r2 = socket(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(r0, &(0x7f00000006c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x2, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7fffffff, 0x1}}]}}]}, 0x48}}, 0x8d0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=@newtfilter={0xd8, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xc}, {0xfff2}, {0xfff1, 0x3d}}, [@filter_kind_options=@f_bpf={{0x8}, {0xac, 0x2, [@TCA_BPF_ACT={0x4c}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}]}}]}, 0xd8}}, 0x0) 2m27.379155186s ago: executing program 3 (id=299): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), r0) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000cc0)={0x2c, r1, 0x605, 0x70bd25, 0x25dfdc01, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x41840) prlimit64(0x0, 0xe, 0x0, 0x0) syz_mount_image$minix(&(0x7f0000000100), &(0x7f0000000540)='./bus\x00', 0x1a10012, &(0x7f000000c680)=ANY=[@ANYBLOB="002ecbc55fe6d6100837adda58fa7d10ab54aee93b992510be054d731ab7da7e75676e729a84f3b6a90100db5e477dbfee9ea3db9e2cdf0af3e9f7718732aaccc2158ad1dc498162eb5e87e3ec955164b6a97fb2a48d7a569258274a727cb0c7227e8f51529264e568b34e6f7ee018b3562d8fdd26e1b83ab2b09862ea8ac241fca01893c02becc286b2b17bd8c515b3dd02562333f6a7273bc91c9841bf3cb673bc8942336c5cebffbb08f82ba108af50c8dabb9628fc8e59c207395f370146898f1f3400f50f5e0566363558fe2c744cbebda08fe49b2155b62fcbb938b0d78d5e36b5e6b7d1c01f8b6423066333a94bb51f311c1d70dc272c6528d8057273e9bffbc8747d7c8a65b368828d39c69fc42125281702192328142ebb5b396e66db522ca6f2ae2ca64ab0d9d3f0eeb890d6b5a376ab004afb2ccc83293222ce378ef0e8d88e873ee168d615985aaabc293ce789dd163747e965405c11730f23faf8053fb37e93d5a54cdce54c1ce09598258ec5892938c5a16cf0c548695c973b45a0bc95feff28efd824744057c5da581fe9215d1a9e358a9da84b4ceb0f586c2ddbabbe2347dd728b8e05ecf90b4c7c9861ce1af7709c9babcdc2bd2175a8496a48942dc2755a5ed6296745ec0810e42050e657b2c0965d423077136da0140277053c8ce91d0000000000000000000000f81a60f8321a29d95e555edc5822e904e5b3821224bb704efb9aea0f736fa06f46b1023fc644c7879a6315e96f6695f65fef95d6dbf22d80c068a20fc98bad02dbeb3c9f478063d2f2f8fd5e8af7a5d5937e5626c71efa3369e99787e78597c01acfa3b273102993abd03263ae4115a65254d32c517eddeb58bbc458d025fdc566906ac145a9db74f46d10805e6c7560f6740cf29445f6aec713655cdd27032c6413f342d8e76782bdc2d96870cf7e84d15838c48aa6af77086acec169846791fbb50b0f648adbc6f4058870827efcf4da44b43c62f3", @ANYBLOB="86e65fc95cec3737ffc083e9420e0fda32ad9e60822bfec34b914022040a90f8741ca4d99221eeaef6d92e8595aacab6491e0f137f25a1eb6ce98ef49a462828f95b2b068d0d761d5b739c59f7553d6f322aa98313062ead06b1ad3b6575bd1804ab3d04d07d4692003ea4284df89a58c389ecd40e7168cf59c6200e16312d9aaa8722fb6a41995420c131b395b247f1e00fa27a838f52cecfdbf295c4f590e11c0121e67f19efbfe3041bbaa77cef1561d494e645805ba55eb8463cf1b56c08e44d71830924371064c7dd3fe5219c8af052190d7376aa62bf5edc726143be953f1494b0f2ac4591e4676317241150e315770ce42000ae7d8d7a416575697ce9989263cf1ac17daa0de31d3defb3c85aba7ba589d4bba6fb05b84fed5d7a3e6fc3692ee0e37c7515caaf9815bad099d93d420ec27e0da0eb2566233ce799632051375cd5b545428d3209708dd8bc9aed1af2b2dd96d8d7617fac7f5f006e165cd1add85134b939cf15175850d2f58d89ab6d4f0aa93ae8ad8f9d4f428b007af33a69188e661ef662cacd512ef14955045acfd4ab4ab699881d2365236c7dd59f7a28f5579b480600f3070bfe97f59e609da493e6750153bca6cad17312baa4879e0fde2f81ae15ce236f64fb898ad4ba6071403b0cafd642e2648d4e3218949dd9e906c76609ac9efe8c6176ad5e9a2f139d7b6e7e248dadbdf1cc74c05ce3ad93359b3928ec022e6ed2512c66bc64087f22a9bc10961477f5ad8acca7d2fbb242d52703ec70225d76713dfd7dc1ce24ab3aede0f39f2740181efdbaf4dd912701fd8c568d8d0daea80a4c9a93a9e28ba48f1dbafaf2e279c0d83c327e045e20d37abc0ecacd0fd6220295c16e0f4849096f0d5a7d337c8460553a5d5b63ed01a55047e22c98e9df86bd22e4ec55b7c311497d97b30709634c58c2eb751a724f6086d562b9c1d3f5fbba7d5c78a9ed08c924ab085ecaf50cb2a0437174550ea20bdba86364bc9453fb4af21f6cac1268118be3eca0ea7d6f94447e7b2cb6247f42836caa7da504f60314182201790974ac7b648a57b8d87b7af022266b3e3fb6303583fa876de471b1d8ac73f0af724581271be1ba839261e7b50f42e1d3c44856f0a5b3e148a7783ed2ed70ee435cec055be29b7997d2e2bb52e39e413b570d383febe08c38310ca77b3622cc45c1a79f0de240f23c0a9a28ea6fc2030f927a1e07fe15ae8e70e170a7152ce5475e199b780390c971c9148f72eff33cac7f0cb23850f1d7f2494733f86bf52df43c2a44b412c5f0cd830e45a9fa097d4f7508fa6e1f33ddf6953b6dbce69aa70f078c4112636c3a902252a17b197ecb8f05beb5a276e0c297990b240bf0156601deb9105be5529e4c6923f14a8c7e1fe6a04cd229194a0b974d473ce6726fc481bb7f4e172eb661162d221a6837849fd618849da2d300d25db9cb8386efba1c099edd5ac31bf9fbda2a8a3b824cbe2e953710555f579d8fcf51b6d14bb098cdb68d25b9962cb163b78b89ddcb201f8882e036d60c2348a52536d06f1dc891fcdb6a6baab4ad69051ae5eefd73f0f67eb0f254dd3b460a2cf56a796d7a16d67e6818119cc8c40facc305657bfa74bdfee0faa0eec37cf000ecce3f86cc6f6cb40ad12a46a0184391fe32616531b35fd3bf1c3d28d00aa052fd7c2c1891448db260db1a9717281a25bf705514aaee649e0630da06fe202e3949674554373d878e13d90f2dc3fcf3143f1cf9605f694b7854038409573d12eb872befe1132f79d4d7a9b1964fc1cd5214fb99a0ffd1e88936d01b052479e777340b29dc97c5b02e8ddee2a848ab31cac8696b6cc6f7630f2aaca9b8032780b68f2e26d42ea1b86b40fd499c394cf8880d3ee6fa4fc6dd4ff236d0a82641a95767ae8f9ef5ed219891f78db23a977a017da0b0c1914334cf3c919ba02eae35d7e98b96c6a9e7e0a6f0f6747cf91c008ebe56522e7dbdf7a942b16e01427ba658543b4438686a62015bcdfffcd05ef587d3ce8a916a6ab0a80c17096a3180a57bc20bdadd9b5380a59567bb4a0b10fcdc5c98a4168753489c45dbf922962dd7a8968de0fc2ad6d4abfd1fcc530a8eea9f025ef6b7442a7a340d1f8b477db5d4e65d864ff2cc559640b47f47381c1d2de06e957199db1dadc94ae0a320b6829ec3e7506856869979f791c2122e6991b3789a87ada5f5169040344b94841e296dc963d38e775cdc5e65eee3bd059e55c5cc1fb31f7061acc19e0b8dcf72b583578fd5557bcc6dbf8b5e0b7185e7d7dca2c08589c8f8d57a8df8b015942f853a69d7ba492337b04c5f3e6e19ec5fbc28aa100174c71912681576dd014bd4d496abcfdf75289dde158bae37686b042df4de5de3dd19105887f3e4e291a30c1f19061bbea43ea75afb678b1377c2bd189b86bf60b1084dcd91d23197e944f691153df147d5051f2d5ed1b0b55677c1e7a6d99aaefc08db70e7d4b5a59e0d8fcffa8fd76d42e4c326b1df840538662c60c046d219beeb81a62c28565cf2a71742bc702a5c9bad03dd69d00da46478bb48d0a85e333c651245ea387f286cc9114f97cbfcdfe0dce4e37da4a41943785781123dace55d34ede0a855b36972ed1442b1404df80f9532a0db809948bd241f3383d56c8a6ef57a9e5549c12f2677a960bf54d7cbaf6560bd86a91ad793bedddbb704324126b5ea2f145b8aeb17d1ef863cde3a3e2749f5bbcbd45673269d8421cc1eb90ec66f7764bb657de407119146d74b460c727c0ffe7a1f85db6f43dea39a1b81bc6f65cfeb8ecba31dae17f16c4d726f4bf778b235ae38c3270c663d1391a4fc48990383dd240714612358ba3d8dfe2dd6f3347146d3e93082a49bdeeec58263a6f7d34e2ed759eb9b0fa298ac063c09ddf39c86d426d1bdbd173cb3283e99cdc301b13557250615e89e870ee820783eec14398fe91996359ff4bfd39f3a36cd5bd697200f5db1b1c4a58bf60d55f99b323450004277e90a32b0ab09327091afe269a871504da4ca79ebdddaa2d246bcbdf3c57c13184cda844255e03b1437ef5e79545b764ec6dd666b17dd0648806805d09e12c68d794a6da81d70454b09fded5d98aaa17d69e0e343995307785cf40e8993dc72d5f2b7ee69efe86ee897d1d0d46a51898c73d09a709fc9180c71d6cae0a6161b4bcd39bc090dd319165d73e312108a1b4b2515c572e03bd4be6184717037e29868d33f7ccc2885af1beae10bef038df839b7cbc126b1baf8f2e14007e49f2d4a95626c625ecdba3333c69cbae6416a18a75769a7020ecdc96630e0a3c920de9329d6bb6b605f6eb5c2ba273bf5efa977bece3bd4ad848fcd2f11a4103f9abed1eee1b7ea2ad1ebb75327125a1eb5f62c6bcd45fcdac8edc6a29aed4a906d86da215b492ff1a726aa4a317af822060a674b9774464d53a477061117cf3a5d38d91bf3df21dfc398ef04f565c53abd7ebb1b41e2bc5bbc5f218598010c829039852216b19d0762cdd7dce5e7620403313180b04a97651350a7c2bf6380363528d733a74a64594d7a801d3fb3fc80cad52a77d5b8518ef89310f8509bef1933ef303562380bb1e381d49b2c08cc56efa1983c63f60107f378704ae1e89b9dfee5b7478e5e6e5dfb62f75387fe010818be933b0504545513739db06db38abc16387f1b7a4f3908a6a2119432997718506a7e750e40215f6d63787aa74cfe039b3d38dec31b9dfbb3ef901a6f66357d60ee51e06f8b72555092b79be38ec8952bda7dc78dc37ef1f35d0506f6a58a1dfe288b5d388df12c5f6f5eeefcc6c4ace03643e7b600904623891d8e31b2ef23fd8137690621f3deaed46cee675b6d968bccb784add5d0ede8e0289a163b00f5a42573936864efcfb2357b6bb5f4e1872aec8f9d7be2059f1d98a3da288016497e5b358dec464e64dfb21edcd591ac769e100db57b3654c3008644839a929063a3c142606efe3edf19f63ef934d7a949bfcf85dcd6b6fd7a64e786f9ddbd1f8bb86ed4203676cc57f4cc32ccbed9888d7be95903dbcf1d60c6e93e7d5683cfd58950f589284e6950651a8624a5bdb4c23d662ff0554914e0c1f1d5e9b189e566d6daba050749cab9e694fb801efd5f6f342cb077912a846536909a9b3b11d95df8983ddc9448f7b1b89017ec4860bd317467d08e6c0656585d4013270fdb5aed829ba2a44725b552014ac4127edb29adf23956e4ed96ef23f052e4ac88252d5c7842b7e255988d2415fb3a46500c686bc3ea214e5c552b916aa0800cd83bce02e2731c8145a28c4fd19891c5e032e762e1f3a183e091bd5475f682593a0d6ac7697d32ec78142699b9664b7f41194daca4867e9d1dce20c3781b03c18a6d5dcc5f716d8d3fa38ed9604b4a8afc0fefa03b02063a33861d8f17574c6801e6b0bb34c54db351554f3b9f7ae6be472cad47aa41a28382bc5e61a001b5b32c7113a363d6a392e757510858313cb6d14d27e34c8e22486376a6c51bdde8827f2005772ec868b67be57f97d9d341074fc5cdef9678b3b72bcd509d53c9244a85bf790e9cf3dcdece8d66c3bbd5baba730ddff52bbb7a66bfe421684192653479b3588a9b4319c57060eb3fb6a7eec73a51bb5836f50944a5d38a81811b0130ecda2966944f475adb4d828a01c88f7dd29de8ae38265bd382d5e9afd9ee27c378cf56e5e4195ca8a4d46f6c28e1e5e9b4a7a3f6942102dfc249020e79e10061ba420ff2d1181ae6020c9ed2f9f386b8b56bf487b9ef0fe86f4443ac720325720b13596efb718ff28082eafd42353321faad5d4ecc427ac9e9a51950c1e4fe8151d8905108eda21082c09b7858dffbea8ad6bad372e8b37949e4d1b5efde2a1974f1d8e05220ae58bf30cd9b914da9a65b08ad806187cc4385994646811851978a1f9a573f8b01db05941db6b7daedca083981b775cce43228e36e27b591be6c435974b6d0e6c082b08a9d07fd3c138431d8238db64cbaabeff4c522d0504329d913afb4f173d19d8c9c84421199074a91aa0c9ece65ddb46032a6dfcb15f09f582c8b6b4adbcaa2f83727eafa9e01a59fa17d481e3afd4a3e94f860be0c8e6d0fe1031c384b0357784f6d170ab328506e22add3dcf367763c2d9e09737aff5ff4836dd7fbd571548bfb94144403c906a5f2763b619df470843ed660f3c48e6d2f6574c6ccff2ef3dd103ed2b60d643f9a9f8435d8878bbfdfa28414935ba08557e8a21a44df75f21dd7be31013a692729649114e2585be2dfddbfe5f2deb6ab8d0cc4e245ae3b1d99d4d4e6c167d798c438664599e10e839864f6beb76d8d193b1cdde48e185fcb897aebc659f14890056b3cc044f32f24f8564fb8e5e6bf92a4365051561e0236916f8c9ff5115793eea703452ca42bfd6bdc3ad80c36e38d090bb8a992ab44ac41c7f661b586cf64ad3822b626c5418a8619a0697c5fd27a59f82b188c38006daa29d3ae07acd4c8bfcb3a3a11428fa92b03d1ee330ce4142b97894222244d43c4bfb8a0d202f7d2fddd32a6fd56a8f32974aa6d036bc641d6fbd85b54be459845f4aaff42d8ae4315d35b08e7cedff13cdf1eb8b3b76e1e82aa91564ef26d8ecb7d757d081a1455f14c6f5b0a53c8e4376083303427ad743b83d28d85724bdb65cada011b2500b058ea5b9124c07824c2b22595cbbfe9287155896f323b0f914334dc4e9db35717f0f6ef50cd4192a9b05b2fdba5840bbc81914b8fe1f34bef54c6f2e1068f8d1a9b51b7b1d9226287cfd7b50eb746a9e2b289fe43d02d8031928992f1b22409221e4557285d440dc2a20b677e8f6160eeb81fc0beca14482c7e6d62105df6b5e9ef5d8607d759513bdd3dd309014811cfc5dc184d990e7f3c1461aa1d1d16e8dc9973d967de1ad69ea605b777213ee511f44396eafe9c090f4997b5c6", @ANYRES32, @ANYRESOCT=0x0, @ANYRES32, @ANYRES16, @ANYRES16=0x0, @ANYRES64, @ANYRES32, @ANYBLOB="0805c250a09347cb0bca3b9f8a8755b3945d3396e6eb14eb64426210d11830f13cb571b8967902d058a39cf86287f14c080fcb8d529bfcda2a3722d8dc8ebe2c29476750ec92bf56619454329e748b3549ba625812d4422958b334db652bd2b9492784354250a06d9b3f22846434889dbea72d8f13aa590030f83b62254e87e4230846ce6bd18bc79e73a1a1fa67571c3ba78979edf79dfc3410b95c51ce90bcca297c2a6995b236c39c5ec957cf8717fa28a560525b50a3a689d2bc34038bc078356614f0c584b2ae572c025c4d8414161f1100073f6fee74feffffffffffffff1e0333b07febbd41add7375c604f3c34b6606013a8172cea655aa6580601b3668ac91df25f684745c94ad9ffc15548d32a8608c5acb60bc437052b2dd51eea8957d673499f6f685feefb2332976ce89829d1cd967d7dd29336387ff12a", @ANYRES32], 0x1, 0x1da, &(0x7f0000004680)="$eJzs20tu00Acx/GfHcduy/u1YYXEAjbEkEaC7ugBuAC7qjVVhQuIsmmFBN1wD47BjptwgVaCExjZtUldPH6FxAn5fqTW06l/M2Mpf2ccKQKwtK4nvy1Z6ietKIo+3ZP08oUkJ/t/IXdWawQwHZF1VvQmbnH3SnkKwGLo/Szu94wF/i1r2NwFgEV2utlL9gHfLenHr4/bJ+lPv+b+4XTTlnrpH+fyrrRStu34kz+2kuNdRzo5l/eUH8D6bBjo61n+gfL51brrT+dfu5BfqwrGj0yxYzs5PLyfz1+SdFnSFUlXJV1Ln7VuSLpZMP/Ohfnv1Fw/MIn41TfI9ZSVrSE/KDnBK8/H1fNqLwweN5p1rJ/mnxSMW4eb5oct58/y6y3zXpofbL8Nd4xnPW85OlDO/qv+m6msf6Pxx4eT1L9jqH8A1Q4Oj15vhWHwvnnDbpWisSyNbCMZ98S36erUl38xe/zk1/m1VzdW52MZ5kbHNyYAU+d/2H/nHxwePdrb39oNdoM3w9HGs9H6cPR0w0/25f4ku3MA82z8pl/vfGfaCwIAAAAAAAAAAAAAAI3dknS760UAAAAAmIlZfJ2o62sEAAAAAAAAAAAAAAAAAAAA/he/AwAA//8PSDtx") r2 = open(&(0x7f00000000c0)='.\x00', 0x101000, 0xc8) getdents(r2, 0x0, 0x0) mkdir(&(0x7f0000000140)='./bus\x00', 0xc) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x10, &(0x7f00000004c0)={[{@i_version}, {@nodiscard}, {@min_batch_time={'min_batch_time', 0x3d, 0x3ff}}]}, 0x1, 0x40e, &(0x7f0000000500)="$eJzs3T1vHEUfAPD/rs+vyRM70lPw0lhQYAlhx04CRAIJi4aCVKSgxLKdYOUcI/uQSGRBIqgpEB8ACsRHoISC7wA1NBDJQi5w6Iz2bve8nO+c2HfOWfbvJ41uZnczM7tzu7c7mR0HcGZNRsRbETEQEZciYjxfnuYh7jdCtt3O9ubiP9ubi0ns7r73VxJJvqzIK8k/z+UZTKUR6RdJPN+m3I27924vVKvL63l6prb60czG3XuvrKwu3Fq+tXxn7tXLV65eff3a3Gs929et1dE8tvTVL3/+OJHV93y+pLwfJbXhLsqbjMnmMWl1rYt8T6KRUjyp9LEiAAAcKM3v/Sv1+//xGIi9m7fx+PLnvlYOAAAA6Ind3eITAAAAOL0Sz/4AAABwyhXjAHa2NxeL0MfhCDxlW/MRMdFo/0d5aKypNN/pHWx5v7eXJiPinZHrc1mItu9hd/MGNgAAAAA/zTcm/tvf/5fGM6XtRiNirJjbr4cmW9L7+3/Shz0ukpKt+Yg3IuLRvv6/tNhkYiBP/a/eVTiY3FypLl+KiAsRMRWDw1l69oAyPn3h9ved1pX7/775/f3ZrPzsc2+L9GGlpQtwaaG20M0+s2frQcRzlXbtnzT7fMvzZB7FBys7b3Zal7V/1t5F2N/+HKfdbyNeanv+781cmhw8P+tM/Xowk18V2nTX/3b+u887lV8+/7OQlV/8XwDHLzv/xw5u//o8uc35ejcOX8YPf1//tdO6x7d/++v/UHKjXsGhfNknC7Xa+mzEUPLu/uW+TU3F8SiOV9b+Uy+2//0v7v+S/Lf/Qml+6MN4+7OLNzqtc/73V9b+S4c6/w8f+XDs2alO5T/Z+X+lXpkiE/d/j/ekDdTvegIAAAAAAADQG2l9bF+STjfjaTo93Rjn+/8YS6trG7WXb659fGepMQZwIgbTYvzneGk86GzjNfJmeq4lfTkiLkbE1+Oj9fT04lp1qd87DwAAAGfEuQ7P/5k/jvKyBwAAAHAyTfS7AgAAAMCx8/wPAAAAp1o38/pXl9eLPxF0xH/eKTLSo3xETmQkiYgu8xnIv3gnYXf6Enkw3GU+91uXVP57MDtcMNKndGECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOOP+DQAA//+JrrWs") syz_mount_image$fuse(0x0, &(0x7f0000000300)='./bus\x00', 0x40000, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c}) 2m25.865651816s ago: executing program 3 (id=306): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = userfaultfd(0x80001) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4c}) r2 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00') r3 = openat$binfmt(0xffffffffffffff9c, r2, 0x42, 0x1ff) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000280)=[0x8], 0x0, 0x0, 0x1}}, 0x40) mmap(&(0x7f00001f8000/0x4000)=nil, 0x4000, 0x14, 0x12012, r3, 0x0) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x800000)=nil, 0x800000}, 0x1}) close_range(r0, 0xffffffffffffffff, 0x10000000000000) 2m24.101313366s ago: executing program 3 (id=312): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x6e22, 0xd, @empty, 0x9}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e24, 0x3, @local, 0x9}, 0x1c) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r2, 0x10040) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) bind$inet6(r1, &(0x7f0000000200)={0xa, 0x4e22, 0x2, @empty, 0x8}, 0x1c) listen(r1, 0x204) 2m23.853701294s ago: executing program 32 (id=312): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x6e22, 0xd, @empty, 0x9}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e24, 0x3, @local, 0x9}, 0x1c) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r2, 0x10040) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) bind$inet6(r1, &(0x7f0000000200)={0xa, 0x4e22, 0x2, @empty, 0x8}, 0x1c) listen(r1, 0x204) 52.194518708s ago: executing program 6 (id=592): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0xa, 0x8000000000002}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_THREAD_EXIT(r3, 0x40046208, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000c00)={0x44, 0x0, &(0x7f0000000100)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) read$FUSE(r4, &(0x7f0000007fc0)={0x2020}, 0x2020) 51.878845591s ago: executing program 6 (id=594): prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, 0x0, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$NILFS_IOCTL_GET_SUINFO(r1, 0x80186e84, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40840) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x40}, 0x94) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371c00000069bd6efb2502eaf60d000100020400bf050005001201", 0x2e}], 0x1}, 0x0) 51.43854257s ago: executing program 6 (id=597): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x10000008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000006940)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000003c0)=""/6, 0x6}], 0x1}, 0x3}], 0x1, 0x2, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$sock(r3, &(0x7f00000044c0), 0x4000000000001c0, 0x0) recvfrom(r4, &(0x7f0000000040)=""/60, 0x3c, 0x40, 0x0, 0x0) 49.908716955s ago: executing program 6 (id=600): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1208002, &(0x7f0000000140)={[{@grpquota}, {@delalloc}, {@usrjquota}, {@nomblk_io_submit}, {@nodioread_nolock}, {}, {@grpquota}, {@inlinecrypt}]}, 0xfe, 0x5e2, &(0x7f0000000dc0)="$eJzs3c1vVFUbAPDnTj9oKe/bQt68igtpYgwkSksLGGJcwNaQBj/ixo2VFkQGaGiNFk0oCW5MjBtjTFy5EP8LJbJlpSsXblwZEqKGpYlj7vTe0pnOTOnnrdzfLxl67jlzOWc6feacOXPOnQBKazj9pxKxPyJmkojBZGGprDuywuHF+z3486Oz6S2JWu2135NIsrz8/kn2cyA7uS8ifvwhiX1dK+udnb92cbJanb6aHY/OXZoZnZ2/dvjCpcnz0+enL4+/MH7i+LHjJ8aOrOtxXW+Rd/rmu+8PfjLx5jdf/ZWMffvLRBIn4+Xsjssfx2YZjuH67yRZWTRwYrMrK0hX9ney/ClOugtsEGuSP389EfFEDEZXPHzyBuPjVwptHLClaklEDSipRPxDSeXjgPy9ffP74EohoxJgO9w/tTgBsDL+uxfnBqOvPjew+0ESy6d1kohY38xcoz0RcffOxM1zdyZuxhbNwwGtLdyIiCdbxX9Sj/+h6IuhevxXGuI/HRecyX6m+a+us/7mqWLxD9tnMf77OsZ/tIn/t5bF/9vrrH/4YfKd/ob47+90WsdCAAAAAAAAKKvbpyLi+Vaf/1eW1v9Ei/U/AxFxchPqH246Xvn5f+XeJlQDtHD/VMRLLdf/VvLVv0NdWeo/9fUAPcm5C9XpIxHx34g4FD270uOxDnUc/nTfl+3KhrP1f/ktrf9uthYwa8e97l2N50xNzk1u9HEDEfdvRDzVcv1vstT/Jy36//T1YOYR69j37K0z7cpWj39gq9S+jjjYsv9/eNWKpPP1OUbr44HRfFSw0tMffvZdu/rXG/8uMQEbl/b/uzvH/1Cy/Ho9s2uv4+h8d61d2XrH/73J6/VLzvRmeR9Mzs1dHYvoTU53pbkN+eNrbzM8jvJ4yOMljf9Dz3Se/2sa/9dfGPojYqHp/07+aNxTnPv/3wO/tmuP8T8UJ43/qTX1/2tPjN8a+r5d/Y/W/x+r9/WHshzzf7DoizxMexvzW4Rjd6ui7W4vAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwOKhGxJ5LKyFK6UhkZiRiIiP/F7kr1yuzcc+euvHd5Ki2rf/9/Jf+m38HF4yT//v+hZcfjTcdHI2JvRHze1V8/Hjl7pTpV9IMHAAAAAAAAAAAAAAAAAACAHWKgzf7/1G9dRbcO2HLdRTcAKEyL+P+piHYA20//D+Ul/qG8xD+Ul/iH8hL/UF7iH8pL/EN5iX8AAAAAAHis7D1w++ckIhZe7K/fUr1ZWU+hLQO2WqXoBgCFcYkfKC9Lf6C8vMcHklXK+2KozUmrndnJzNkNnAwAAAAAAAAAAAAApXNwv/3/UFb2/0N52f8P5ZXv/z9QcDuA7ec9PhCr7OTva3v3jez/BwAAAAAAAAAAAADWYnb+2sXJanX6qsQbO6MZ25mo1WrX07+CndKef3kiXwq/U9rTlMj3+j3aWcW9JgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI3+CQAA///TxiTg") r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000980)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x468, 0x1e, 0xa, 0x105, 0x0, 0x0, {0x7, 0x0, 0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x43c, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}, {0x42c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_USERDATA={0xa1, 0x6, 0x1, 0x0, "116dc9611895234599d9b7808ac770cd4f3c763befa2cb1da8934ae025bf8290ffe4d087f911eed1f18ee63392442208044261045530611e38cfc83a413a1ef1fc49563dba72dbec1f5a63f2077fa849e571157b09b1f89848f1d406068970cb245c47f46e9a77b9d5bd3aa75390d5ff281a1ecc0aeb7ec6437106f4675c99d313804b769e0a8cefaff00cd3d554f66830f33723abe6e0b97842e4402c"}, @NFTA_SET_ELEM_USERDATA={0x1c, 0x6, 0x1, 0x0, "260ed8ddf7438b9f5d85e3048a71c18c56d228f300000000"}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_USERDATA={0x65, 0x6, 0x1, 0x0, "04a361a29fa4a177092873e599095b5a04c0c373626825c69b039f2d5121d73b767c533cbcc0eb7d2d72ca3accdc9134843d9cbe96a2dcedce7b58652e233a11a2e4241b04f9437fec0a06dc34d71eeca97b5b44b2b7c2b56005ceb549ac513873"}, @NFTA_SET_ELEM_DATA={0x240, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0xc2, 0x1, "722b2fe68f00a7e3851cc8ad8b35abc2818111201fff9e9392d57ed7962d55724b643b8e389b316306dd561520a7a3d221b10268c6f7af11742fa98c04d3b64f0424bc2e0733008f3b2954b45df3abf29e9b478e928526ec98339aca7f60406b8f7396b720cc527cd8c2305edd121f7a8e4f44aa3ec75d5f24d941745df6ccbb56ee13d92a56a22bad2d2d2bf5b29941cf7ad20a884001be6f9211feff91af6118201dd19212fabe69939685fa07eabdad9af7eedfe1a1ceb0bdb16b4ab0"}, @NFTA_DATA_VALUE={0xa9, 0x1, "a836630dc39a2d0380ad357b5977907e1cac1e65c07c440259617a9842bac01c62261a37e68d618dd62e01cca6b4e10562097eddf0306070f203be1c32be07910710bf755cb7a717b3f91de0785d2718ec52f5aec25f921dbef9fe0cdb16a456b9f9b71f1e59464c27d3a39161ee305936cce51189c65fe61505782bcb339fd35a54dde3a4b951b1914734bba43586db67d7fc3ad0754845b0a64ae8ac117733adede919f4"}, @NFTA_DATA_VALUE={0x9a, 0x1, "bb74416c2e0012a058836233fb823a5a13e929c6fd80fb0204b3b5ae409c771599c6416cd91d9b5c979309c7003f76fd10e0da06c1b9794cd494c3887a2ef2c9d20dfe00d749d5f73aeb7fdef8363c0f8fe3b2105802edba7ec5f34950c8d093e672361746fb7a5e56a4ae4bd0ffa411b8a4156bb267"}, @NFTA_DATA_VERDICT={0x50}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPR={0x0, 0x7, 0x0, 0x1, @reject={{}, @void}}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x4ec}}, 0x40000) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000006c0)={0x24, 0x2, 0x1, 0x401, 0x0, 0x0, {0x7, 0x0, 0x2}, [@CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x3}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x15}, 0x0) sendmsg$nl_route(r0, 0x0, 0x0) mkdir(&(0x7f0000000080)='./bus\x00', 0x3) r2 = open(&(0x7f0000000000)='./bus\x00', 0x40000, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r2, 0x800c6613, &(0x7f0000000780)=@v1={0x0, @adiantum, 0x1, @desc1}) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]}) r3 = socket$nl_route(0x10, 0x3, 0x0) fgetxattr(r2, &(0x7f00000000c0)=@random={'trusted.', '\x00'}, &(0x7f00000001c0)=""/138, 0x8a) sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)=ANY=[@ANYBLOB="6c00000010000304020000000000000000000400", @ANYRES32=0x0, @ANYBLOB="00030000000000004c0012800bf558e00de1b2f200015ac987a864670000000000050016000000000005002b00fa0000000c001e00a00000000000000008001b00fbffffff05002a0000000000"], 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x8044) 48.247575496s ago: executing program 6 (id=607): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x103}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000000000000ffffffff180800002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000400008500000072000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r4}, 0xc) 42.42761069s ago: executing program 6 (id=623): r0 = socket$kcm(0x10, 0x2, 0x10) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f00000002c0)=0x100, 0x4) setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x800, 0x4) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x513000, 0x1000, 0x0, 0x1}, 0x20) setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4) setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000340)=0x1, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00', 0x0}) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4) bind$xdp(r2, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10) bind$xdp(r1, &(0x7f0000000240)={0x2c, 0x1, r3, 0x2000000, r2}, 0x10) 41.448772868s ago: executing program 33 (id=623): r0 = socket$kcm(0x10, 0x2, 0x10) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f00000002c0)=0x100, 0x4) setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x800, 0x4) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x513000, 0x1000, 0x0, 0x1}, 0x20) setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4) setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000340)=0x1, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00', 0x0}) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4) bind$xdp(r2, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10) bind$xdp(r1, &(0x7f0000000240)={0x2c, 0x1, r3, 0x2000000, r2}, 0x10) 19.953580979s ago: executing program 5 (id=678): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000880)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x3, 0x841, 0xff, 0x6, 0x4, 0x6}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000500)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x255fdc01, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0x2, 0xb}, {0x1, 0xe}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x240040e1}, 0x4044890) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'syzkaller0\x00', 0x0}) sendto$packet(r4, &(0x7f00000002c0)="05031c00d3fc140000004788031c09102c28", 0xfdef, 0x4, &(0x7f0000000140)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14) 13.554193962s ago: executing program 0 (id=686): r0 = gettid() r1 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000200)=[@in={0x2, 0x4e21, @local}], 0x10) sendmsg$inet_sctp(r1, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x1) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000003c0)={0x0, 0x20000005, 0x30}, 0xc) r2 = dup(r1) write$cgroup_subtree(r2, &(0x7f00000005c0)=ANY=[], 0x32600) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r2, &(0x7f0000000140)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x1}}, 0x10) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) setsockopt$inet_sctp6_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, 0x0, 0x0) 12.852389271s ago: executing program 0 (id=687): bind$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x4e22, @multicast1}, 0x10) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00') r4 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x1, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108) preadv(r3, &(0x7f0000000100)=[{&(0x7f0000000340)=""/104, 0x68}], 0x1, 0x5b, 0x100) 12.767212101s ago: executing program 1 (id=688): ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5335, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) r0 = syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0) wait4(r0, 0x0, 0x80000000, 0x0) ptrace(0x10, r0) r1 = syz_pidfd_open(r0, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) waitid$P_PIDFD(0x3, r1, 0x0, 0xa000000c, 0x0) ptrace$cont(0x7, r0, 0x5, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x22301, 0x0) 12.761598879s ago: executing program 2 (id=689): setitimer(0x0, &(0x7f0000000080)={{0x77359400}, {0x0, 0x2710}}, 0x0) r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) mkdir(&(0x7f0000000140)='./control\x00', 0x111) close(r0) r1 = inotify_init1(0x800) fcntl$setstatus(r0, 0x4, 0x2c00) r2 = gettid() fcntl$setown(r0, 0x8, r2) fcntl$setsig(r1, 0xa, 0xe) inotify_add_watch(r0, &(0x7f0000000180)='./control\x00', 0x40000c16) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8) rmdir(&(0x7f0000000100)='./control\x00') 12.37240319s ago: executing program 5 (id=690): syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @empty, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "fca33f", 0x0, 0x73, 0x0, @dev, @local}}}}, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, 0x0, 0x0) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000cab000)) setregid(0x0, 0x0) syz_open_procfs$pagemap(0x0, 0x0) migrate_pages(0x0, 0x9, &(0x7f0000000040)=0x9, &(0x7f0000000380)=0x102) 11.802732492s ago: executing program 4 (id=692): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000680)=@newtfilter={0x43c, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, 0x0, {0x0, 0x6}, {}, {0xffff, 0x9}}, [@filter_kind_options=@f_flow={{0x9}, {0x40c, 0x2, [@TCA_FLOW_POLICE={0x408, 0xa, 0x0, 0x1, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x81, 0xffffffff, 0xda, 0x3, 0x0, 0x2a, 0x400100, 0x73d, 0x3509, 0x3, 0x10000, 0x7, 0x1000, 0x9, 0x3, 0x3, 0x882e, 0x408, 0x8, 0x2, 0x9, 0xfffffffb, 0x2, 0x6, 0x80000000, 0x400, 0x5, 0xffff, 0x7a, 0x6, 0x7, 0x7fff, 0xffffff43, 0x8009, 0x6, 0x8, 0x2, 0x57, 0x0, 0x4, 0x80, 0x9, 0xfffffffb, 0x2, 0xcf9f, 0x0, 0x1, 0x8, 0x1, 0x5, 0xfffffff9, 0x8, 0x80000001, 0x8, 0x4, 0x9, 0x2, 0xfffffffd, 0x19, 0x7, 0xc, 0x8, 0x4, 0x1e, 0xfffffe00, 0x7, 0x3, 0x800, 0x1, 0x4, 0x2, 0x1, 0x1, 0x801e, 0x7, 0x400004, 0x6, 0x8, 0x5, 0x48002, 0x5, 0x1, 0x1000, 0x9, 0x1, 0x7ff, 0xd0, 0x8, 0x0, 0x3, 0x1, 0x9, 0xe, 0x7fff, 0xfffffff8, 0x7, 0x0, 0x4, 0x3, 0xffffff40, 0x1, 0x6ddd, 0xf, 0x6, 0x556, 0x1, 0x101, 0x5, 0x80000001, 0x1, 0x0, 0xe0, 0x3, 0x2, 0x6, 0x9, 0x1c00, 0x5, 0xa2, 0x3, 0x8, 0x0, 0x5, 0x8001, 0xbfffffff, 0x7, 0x80, 0xb, 0x0, 0x743, 0x5, 0x3, 0x0, 0x200, 0x5, 0x0, 0x8, 0x3, 0x200100, 0x2, 0x8, 0xfffffffe, 0x6, 0x8, 0xe, 0x4247dc8c, 0x6, 0x204, 0x7ff, 0x5, 0xfffffffe, 0x1c0, 0xf80, 0x7, 0x116b, 0x2302, 0x9, 0x3ff, 0x2, 0x5, 0x1, 0x6, 0xffffffff, 0x4, 0x10001, 0x512d, 0x1, 0x5, 0x2, 0xa3c0, 0x4, 0x8000, 0x10001, 0x15a, 0x4, 0x120000, 0x9, 0x7fffffff, 0x7, 0x8, 0x80000004, 0x5, 0x7e5, 0x49, 0x9, 0x8, 0x10, 0x3, 0x6, 0xf, 0xff, 0x11, 0x6, 0x9, 0x0, 0x200, 0x9, 0xff, 0x4, 0x7, 0x7, 0x8, 0x4, 0x56, 0x4a82, 0xffff0000, 0x7ff, 0x3e1, 0x6, 0x80000000, 0x4c0, 0x5, 0xa, 0x6, 0x2, 0x1000000a, 0x8, 0x49, 0x1a, 0x2000004, 0x1ff, 0x844, 0x6, 0x10000, 0x2, 0x100, 0x8, 0xffffffff, 0x200, 0xc26, 0x4, 0x5, 0x1, 0x7fff, 0xf, 0x401, 0x401, 0x6ba4, 0x7, 0x3565, 0xfffffffe, 0x2, 0xebf, 0x8, 0x1000, 0x0, 0x71f, 0x2, 0xc59, 0x6e8, 0x9, 0x101, 0x80000000, 0x6, 0xc, 0x2]}]}]}}]}, 0x43c}, 0x1, 0x0, 0x0, 0x1}, 0x401) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x110e22fff6) ioctl$PPPIOCSNPMODE(0xffffffffffffffff, 0x4008744b, &(0x7f0000000100)={0x2b, 0x3}) r1 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r1, 0x0, 0x0) sendmmsg(r1, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[], 0x18}}], 0x1, 0x0) sendmmsg(r1, &(0x7f0000000300), 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f0000000380)={0x0, 0x9}, 0x8) r2 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="7000000010000304000080000000000000007400", @ANYRES32=r3, @ANYBLOB="0000000003120100500012800b00010062726964676500004000028008000500010000000600270fff0000000800010015000800050025000000020008000400000000000c002e"], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40) 11.612243954s ago: executing program 1 (id=693): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = fsopen(0x0, 0x1) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf27, 0x500}, 0x50) mmap(&(0x7f0000fa2000/0x3000)=nil, 0x3000, 0x1, 0x13, r4, 0x0) 11.573229008s ago: executing program 2 (id=694): mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42792000) getresuid(&(0x7f0000009fc0), &(0x7f000000a000), &(0x7f000000a040)) r0 = syz_open_dev$dvb_demux(&(0x7f0000001e00), 0x0, 0x2000) ioctl$DVB_DEMUX_DMX_SET_FILTER(r0, 0x403c6f2b, &(0x7f0000001e40)={0x4, {"0dbad96fff01000008ff002084000100", "3dfab043e15fad27a639f105b5e9f977", "a7c947420000000000000000ff4a70f3"}, 0x4000c, 0x5}) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/1, 0x1}, {&(0x7f00000000c0)=""/181, 0xb5}], 0x2, 0x1, 0xd) ioctl$DVB_DEMUX_DMX_SET_FILTER(r0, 0x403c6f2b, &(0x7f0000000080)={0x6, {"7fb13911afb5ea7f027063aa876dd358", "cfe484e50900", "d9ca451d96249a1dee77476cc87f7d0a"}, 0x6}) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x0, r1}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(0x0, 0x1, &(0x7f0000000040), 0x0) syz_open_dev$dvb_demux(&(0x7f0000001e00), 0x0, 0x2000) keyctl$session_to_parent(0x12) 10.225457913s ago: executing program 4 (id=695): openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x80001, 0x0) r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'veth0_to_batadv\x00', 0x0}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) getrlimit(0x2, 0x0) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r2 = syz_open_dev$usbfs(&(0x7f0000000140), 0x77, 0x3501) ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x61, &(0x7f00000004c0)={0x0, 0x3, 0x14, 0x8003}, 0xff97, 0x0, 0x8, 0x0, 0x80000000, 0x0, 0x0}) 10.112512156s ago: executing program 1 (id=696): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) socket$inet_udp(0x2, 0x2, 0x0) socket(0x2, 0x80805, 0x0) pipe2(&(0x7f0000000000), 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)) openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) pipe2(&(0x7f0000001040), 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="200000001a140100000000000000000008000300000000000800", @ANYRES64=r0], 0x20}, 0x1, 0x0, 0x0, 0x4000015}, 0x0) 10.032459154s ago: executing program 5 (id=697): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x4c, r4, 0x1, 0x70bd29, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5, 0x83, 0x1}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4008894}, 0x40000) 9.681148826s ago: executing program 2 (id=698): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x17) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000005c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000001280)="b7f2288a911993f08d3aae", 0xb) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000002440)=[{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000280)="57cd4e", 0x3}, {&(0x7f0000000580)="3222f0476ed4765dc271a2c4fc02", 0xe}], 0x2, &(0x7f0000001a40)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x4000801}], 0x1, 0x40) recvmmsg(r2, &(0x7f0000000a00)=[{{0x0, 0x0, 0x0}, 0xffffff0b}, {{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f00000028c0)=""/4096, 0x1000}], 0x1}, 0xf}], 0x2, 0x2101, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000005580)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_DELOBJ={0xb4, 0x14, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x4}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_OBJ_USERDATA={0x6f, 0x8, "dcf482a437981760b41b15d9aa6437d49beb8e2f278bdcd9b6427d8f5393d4593c2b3667927d230cfe9a968fa0e9230513c578a9ee444ddffa5ec156a33ecde9614c2b0f1cf73daede055c1f0833be15191b5664df9abdde1885c451297a204c10e034283c8996b6233fda"}]}, @NFT_MSG_NEWTABLE={0xc4, 0x0, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x9}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_USERDATA={0x11, 0x6, "caa827f5345c98c89c2610f761"}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_USERDATA={0x70, 0x6, "f26c231d1754d4a72ae880a0032781e3bcb2c43ce686ee542f03e274b8f02991f78849a57acae29b44214ca81397ee05289b295f9ef36deecf525e6db3d029c8d282b856ed5cf322d26c9f80014b5eb076572e88c464fa5800d5030b70461fb4d1065f34d8c12ad68aa1a301"}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}]}, @NFT_MSG_NEWFLOWTABLE={0x74, 0x16, 0xa, 0x3, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFTA_FLOWTABLE_HOOK={0x40, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wlan0\x00'}, {0x14, 0x1, 'pim6reg1\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x2}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x214}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r3, 0x8983, &(0x7f0000000000)={0x2, 'bond_slave_0\x00', {0x7}, 0x706d}) r4 = epoll_create1(0x0) ioctl$NILFS_IOCTL_CLEAN_SEGMENTS(r4, 0x40786e88, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x3, 0x13, r0, 0x54c5a000) 8.93898613s ago: executing program 4 (id=699): pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = fsopen(&(0x7f00000000c0)='autofs\x00', 0x0) fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x2) r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r3, r3) setpgid(0x0, r3) fchdir(r2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000ec0)=[{{&(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x1, 0x0) mount$binderfs(0x0, &(0x7f0000000280)='./binderfs\x00', 0x0, 0x4000, 0x0) mount$bind(0x0, &(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1002025, 0x0) 8.000013343s ago: executing program 0 (id=700): prlimit64(0x0, 0xe, &(0x7f00000003c0)={0xfff, 0x4000000007}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2) syz_open_dev$MSR(0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff}}, &(0x7f0000000100)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) socket$inet6(0xa, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) splice(r2, 0x0, r1, 0x0, 0xffffffffffff8000, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000100)={@cgroup=r3, r1, 0xb, 0x20}, 0x20) write$P9_RLERRORu(r1, &(0x7f0000000100)=ANY=[], 0xe) 7.980549174s ago: executing program 4 (id=701): r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) close(r0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x1a1) fcntl$setlease(r2, 0x400, 0x1) r3 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0) creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb) r4 = memfd_create(&(0x7f00000002c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9\xd6\x1c\x1b*\x9a!?\x7f\xa5\xad\x9a,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{&\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+\x02\x00\x00\x00\x00\x00\x00\x00\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc00x0) ioctl$BINDER_GET_FROZEN_INFO(r0, 0xc00c620f, &(0x7f0000000180)={r1}) r2 = socket$pppl2tp(0x18, 0x1, 0x1) getsockopt$SO_TIMESTAMP(r2, 0x1, 0x40, 0x0, &(0x7f0000000100)) r3 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x54, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x28, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_HOOK_DEV={0x14, 0x3, 'veth1_macvtap\x00'}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x4c, 0x5, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x20, 0x4, 0x0, 0x1, [@NFTA_HOOK_DEV={0x14, 0x3, 'veth1_macvtap\x00'}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}]}]}], {0x14}}, 0xe8}}, 0x0) 7.738036338s ago: executing program 2 (id=703): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) setresuid(0x0, 0xee01, 0x0) r3 = fanotify_init(0x200, 0x0) close(r3) 7.553105722s ago: executing program 5 (id=704): syz_open_dev$video(0x0, 0x2fed, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) r1 = epoll_create1(0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000100)={0x20000014}) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f0000000000)={0xa0000001}) epoll_pwait(r4, &(0x7f0000000040)=[{}], 0x1, 0xff, 0x0, 0x2000) 7.394321349s ago: executing program 1 (id=705): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @private1, 0x9}]}, &(0x7f00000002c0)=0x10) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000080)=0x8) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) r3 = socket(0x10, 0x3, 0x4) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@newqdisc={0x68, 0x14, 0xf0b, 0x4, 0x0, {0x2, 0x0, 0x0, 0x0, {0x4}, {0xb, 0x1}, {0x1}}, [@TCA_STAB={0x44, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0xfc, 0x200, 0x7, 0x0, 0x1, 0x7e}}, {0x4}}, {{0x1c, 0x1, {0x7, 0x6, 0x2, 0x2, 0x0, 0x7, 0x8}}, {0x4}}]}]}, 0x68}}, 0x20000000) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x1005c, '\x00', 0x0, @fallback=0x24}, 0x94) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000300)={r1}, &(0x7f0000000580)=0x8) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x101142, 0xeaff) write$binfmt_aout(r4, &(0x7f0000000180)=ANY=[], 0x29f) ioctl$FICLONERANGE(r4, 0x4020940d, &(0x7f00000000c0)={{r4}, 0x0, 0x4, 0x100000}) ioctl$UFFDIO_MOVE(r4, 0xc028aa05, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x1000, 0x4486da49443558b9}) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x50, 0x10, 0x401, 0xfffffffe, 0x4, {0x0, 0x0, 0x0, 0x0, 0xe59bca127d81b872, 0xc574450d1af3b5bc}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0x4}}}, @IFLA_IFNAME={0x14, 0x3, 'bond_slave_1\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x20044010}, 0x4840) 7.336275284s ago: executing program 0 (id=706): syz_open_procfs(0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x10) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) syz_open_dev$radio(&(0x7f00000003c0), 0x3, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) r0 = socket(0x840000000002, 0x3, 0x100) connect$inet(r0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x9, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd, 0x1000001000, 0x46}, 0x0, &(0x7f0000000000)={0x3ff, 0x7, 0xff00, 0x9, 0x0, 0xf, 0x7ffffffe}, 0x0, 0x0) 3.695368144s ago: executing program 2 (id=707): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_buf(r3, 0x0, 0x10, &(0x7f00000000c0)="170000000200020000ffbe8c5ee17688a2003c00010100000077fc5ad90200fb6a880000d6c9db0000db15d088bd8b7000000000d9ce9bc7e28db3000200ff01800a0000ebfc0607bdff59100ac45761547a681f009ceeff5acba400001fb700674f00c8e365d00b5033bf79ac2dfc061f15003901dee2000000000062068f5ee50c08af9b1c568302ffff02ff03310800ab0840024f02", 0x97) r4 = socket$inet(0x2, 0x3, 0x9) ioctl$sock_inet_SIOCSARP(r4, 0x8955, &(0x7f0000000000)={{0x2, 0x4, @broadcast}, {0x1, @broadcast}, 0x4a, {0x2, 0x102, @initdev={0xac, 0x1e, 0x2, 0x0}}, 'ip6gretap0\x00'}) 3.680372892s ago: executing program 5 (id=708): r0 = memfd_create(&(0x7f0000000500)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x1c\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\x83\x11\v}k+\xeb\xc3\xc0O\xae\xd2\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\"\x9cc\x10d\xee\xa9\x8b\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb901nEy\x82\x83\x80\xd3O\x00|hP\x00\x00\x00\x00\x00\x00\x00\x05\x86\xfe\xd9\xa5\xc6\nSy\xa3N\xba-]\'q\xc6\xfb\x02\x9a\xa9Z\xa8\x80Bx\xbd74\xcf\"\xa5\xea$\x95\xfd\x06T\xef\x89\xe4j\x06\xdc\x15\xe7\xc3\xb5H\xf7\xdc\xee\x182\xab\xe2?\"\xbewm\x9d\xd8x\xd92\xeeS/\xd2\xcd[\x9dcO1\xcb\x12lZ$\xa7\x9d\xf8b\xf6}\xc5``\xfe0\x8a\'v-\x99`?\x97\x8c\xdd\xd6\xfa\xa2\x06>\xf3\xe2uI\xe65C\xdb\x84\xe6eU\xe8RK\xd6=s\xcd\x9d\x1f#3\xc5\x16\xd0\xbbD\xc5\xde\xc8/\v\xa5W\xbep\x87\x15\x10\xcdm\xa7\x93\x01\x1c,9V8\xdc\xfd\xb7\xc0\xfc\x04\x00p\xad\x12\xb2\xbf\xfbFZ\x1a\f\x99\x05\xe4\x1eP\xed\x87\x89\xbeo\xfbv\xb6\x8a\xee\xf6Oc8\xaf\x11[\xc3\x98w-\xf0\xb2z\xc7\xaf;\x92\xad4\x1b\x92L\x97<\xbdh\x80\xf2\xc0\xd0n)K\xf2#Ncp\xe4\xb4\xfb\x94\x18\xc2-TWA\x13\xfe\xea\xad\v\xc4\xa5\x02\xf9\xed]\xf4\\\x01\xab\xdc\xb6\xcdP\x93\xf2\xc3\x96\xf2\xc0\xd6-x\xd5\xd6\xc7\x9d\xa5\x1f\xd2t\xd7\x8f}b\x9749\xd4a7\x18\xe0\x91KV7[\xb8\x8dL\xc8\xc8\x8f>sbE\xf5\xa7\xdb|\xb0m\x16c\x84\r\"\xf2\x92s\xeb\xaf\x1c\x00\xf4\x8dL\xa5\x10\x89FB\xfb8\xf9\x9d\xcbm\x1c\x91\xe9fd$5\xdc\xad\xec\xef\x90\xd9\xefX\xd2m\x9e\xec\x94w\xb3\xf9\xd9\x0eu-z\x81\xbb\xa6\xc0\x00\xa1\xd9\xcbI\xda\xa3\b\x9e@\xb8\xc8k\xdeQ/\xb8X\x9c\xff4Np~\xc4\xc1_\x1c#zX\a\xd41\x1c\x7fH\x91\xd9k\x05\x1f\n\b\b\x88\xd6\xcf4i\xa0B\xe7\x9c\x9c\xe6\xcax\xca\xa1E#6\xe9\xf31W\xd0\x1bY3/\x00I#\xfa\xb0\f\xd5!\x9fR[\x0e\xdb`\xdb\x82M\'k\x16(\xfa\xc2\xec\x96e\\Q\xe9\x19\xe1u\x86\xcb\xc3\xb0\xb8\x19\xb9l\x1fk!R\xb1P\x8b\xda\xffE\x89\x97\n\x17m\xd10\x1a\xe7Qz\xd8\bi\x8dRw+\xa1^N\xaf\x1b\x1dg\x8f$\xbe\x93\x8d\x8b\xfd\r\xee<\x84\x95\x82)TH\xcac9\x98\x13WW@;\xb4\xd5\x0f\xa1\xb3xX(\x80\xe8\x89\xed e.\xe04\xba\x9c=\xc6\x04\f\xbf\x06\xce5\xf99GD8@\xd2\r\xd0\xdf@\xe3\xbe\"qq#]\x86W\tA\xa7\x91\x85\xae\x9c\x8dO\xa6\xa3\xf9i\x83\xc5\xa8C\x164\xef\xa4\\\a\xaa%\x94!3k]\xd5\xbe\'U\xf17', 0x1) r1 = dup(r0) execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300)) fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xb3209000) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) fcntl$lock(r2, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe}) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mknod(&(0x7f0000000040)='./file0\x00', 0x1000, 0x1) 3.502358938s ago: executing program 0 (id=709): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x6) ioprio_get$uid(0x3, 0x0) open$dir(0x0, 0x48000, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0x1ac81b, 0x0, 0x0, 0x0, 0x1000000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8, 0x0, 0x0, 0x1010000}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222}, 0x78) 3.500998129s ago: executing program 4 (id=710): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd7000fcdbdf250200000008000100", @ANYRES32=r3], 0x1c}}, 0x840) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x18, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000001000000bfa30000000000000703000030feffff720af0fff8ffffff61a4f0ff000000002d040000000000003d400300000000006504000001ed000079130000000000006c44000000000000"], 0x0}, 0x94) syz_emit_ethernet(0x5a, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaac7533137cd4e1eaaaaaaaaaaaa0008004e00004c00000000000690780a010102ac1414aa070f04a976bc4b4c9e3e260cbfad990444140b01e000000100", @ANYRES32=0x41424344, @ANYRES32=0x41424344], 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r5 = accept4(r4, 0x0, 0x0, 0x800) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) write$nci(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="400404"], 0x7) 2.164705701s ago: executing program 0 (id=711): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(r0, 0x0, 0x0) connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x1}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendto$inet6(r3, &(0x7f0000000400)="2ae0e710", 0x4, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x4, @mcast1}, 0x1c) setsockopt$sock_int(r3, 0x1, 0x1d, &(0x7f0000000080)=0x53, 0x4) recvmmsg(r3, &(0x7f0000000d80), 0x4000000000001e9, 0x10162, 0x0) 622.272825ms ago: executing program 2 (id=712): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10) r1 = socket$igmp(0x2, 0x3, 0x2) r2 = dup(0xffffffffffffffff) read$rfkill(r2, 0x0, 0x0) sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x8048051) setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f00000000c0)={0x3, 0x0, 0x7d, 0xa, @vifc_lcl_addr=@remote, @multicast2}, 0x10) setsockopt$inet_mreq(r3, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8) syz_emit_ethernet(0x2a, &(0x7f0000000180)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x80, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @echo_reply={0x0, 0x0, 0x0, 0x64, 0xd2}}}}}, 0x0) setsockopt$MRT_ADD_MFC_PROXY(r4, 0x0, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe0000300, 0x0, "028a3f6c58b274e6d8451697efe42811ee1df06e9264f7d866b1970548fc3c7b", 0xb2, 0xfffffff7, 0x4, 0x40000006}, 0x3c) 175.938819ms ago: executing program 5 (id=713): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$NILFS_IOCTL_DELETE_CHECKPOINT(r0, 0x40086e81, &(0x7f00000000c0)=0x4) r1 = syz_open_dev$usbmon(&(0x7f0000000200), 0x7, 0x141000) ioctl$MON_IOCQ_URB_LEN(r1, 0x9201) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000000206030000000300686173683a69000000000100000000000900020073797a311b000097cc26afc28057001400078008001340000017e508001240000000090000000000"], 0x48}}, 0x4080) socket(0x1, 0x5, 0x0) socket$igmp6(0xa, 0x3, 0x2) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) clock_settime(0x0, &(0x7f0000000240)={0x77359400}) clock_adjtime(0x0, &(0x7f0000000640)={0x17, 0x9, 0x380000, 0x8, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x9, 0x4, 0xae, 0x6, 0x7, 0x4, 0xfffffffffffff04f, 0x7, 0x80000000, 0xfffffffffffffff8, 0xffffffffffffffff, 0x6, 0x100000000, 0x100, 0x4, 0x2, 0x4bf, 0x3, 0x8, 0x8}) clock_adjtime(0x0, &(0x7f0000000900)={0x6, 0x20000000e, 0xf, 0x0, 0xf, 0x8000000000000000, 0xa, 0x2, 0x9, 0x4, 0x5, 0x9, 0xc, 0x9, 0x7, 0x9, 0x8, 0x3, 0xb, 0xfffffffffffffffc, 0x2, 0x5, 0x7, 0x7, 0x3, 0x6}) r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi4\x00', 0x48000, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1, 0x1000, 0xffff8000) 112.698635ms ago: executing program 4 (id=714): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_int(r0, 0x29, 0x19, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket(0x10, 0x3, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x200cc0c5, &(0x7f0000000080)={0xa, 0x4c20, 0x0, @mcast2}, 0x1c) sendto$inet6(r0, &(0x7f0000001cc0)="2501d77b330b7e73d6b1d1b8a473ff7420b4b43ce0861f000000714fa228ee1f5b48", 0xfffffffffffffe57, 0x8000, 0x0, 0x0) 0s ago: executing program 1 (id=715): ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet6(0xa, 0x2, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24040844}, 0x800) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0xc0001, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) ioctl$TCSETS(r0, 0x40384708, &(0x7f0000000040)={0x8, 0x1, 0xd, 0x3f, 0x6, "3eccd25569e20900"}) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]}) socket$pppl2tp(0x18, 0x1, 0x1) r2 = syz_open_dev$swradio(0x0, 0x1, 0x2) ioctl$VIDIOC_ENUM_FMT(r2, 0xc0405602, &(0x7f0000000040)={0x1, 0xb, 0x1, "3c2c6700fcfea800faff00d8dd4007ff0000e411ea8800000000000000001000", 0x32314d59}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x12) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, 0x0, 0x40) close_range(r1, 0xffffffffffffffff, 0x200000000000000) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.245' (ED25519) to the list of known hosts. [ 82.411322][ T5614] cgroup: Unknown subsys name 'net' [ 82.521160][ T5614] cgroup: Unknown subsys name 'cpuset' [ 82.530763][ T5614] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 84.072363][ T5614] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 86.070285][ T803] cfg80211: failed to load regulatory.db [ 88.045427][ T50] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 88.056281][ T5654] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 88.067199][ T5654] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 88.076465][ T5654] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 88.084210][ T5654] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.092308][ T5654] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 88.101042][ T5655] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 88.101245][ T5654] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 88.113475][ T5655] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 88.116079][ T5654] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.123126][ T5655] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 88.130283][ T5654] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 88.137599][ T5655] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 88.146735][ T5654] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 88.159677][ T5655] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 88.168831][ T5657] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.169052][ T5655] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 88.176999][ T5657] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 88.184013][ T5655] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 88.197928][ T5655] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 88.205297][ T5657] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 88.208069][ T5655] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 88.220488][ T5657] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 88.223822][ T5655] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 88.227616][ T4944] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 88.238358][ T5655] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 88.248905][ T5657] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 88.249528][ T5655] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 88.272613][ T5649] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.290807][ T5644] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 90.226284][ T5644] Bluetooth: hci0: command tx timeout [ 90.248689][ T5636] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.257001][ T5636] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.265178][ T5636] bridge_slave_0: entered allmulticast mode [ 90.273936][ T5636] bridge_slave_0: entered promiscuous mode [ 90.306493][ T5647] Bluetooth: hci2: command tx timeout [ 90.306509][ T5649] Bluetooth: hci4: command tx timeout [ 90.318757][ T5644] Bluetooth: hci5: command tx timeout [ 90.334246][ T5636] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.342294][ T5636] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.350821][ T5636] bridge_slave_1: entered allmulticast mode [ 90.359654][ T5636] bridge_slave_1: entered promiscuous mode [ 90.385960][ T5647] Bluetooth: hci3: command tx timeout [ 90.392056][ T5644] Bluetooth: hci1: command tx timeout [ 90.554355][ T5636] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.568014][ T5636] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.741259][ T5635] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.749540][ T5635] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.756962][ T5635] bridge_slave_0: entered allmulticast mode [ 90.764559][ T5635] bridge_slave_0: entered promiscuous mode [ 90.774436][ T5636] team0: Port device team_slave_0 added [ 90.818243][ T5635] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.825466][ T5635] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.833143][ T5635] bridge_slave_1: entered allmulticast mode [ 90.840889][ T5635] bridge_slave_1: entered promiscuous mode [ 90.850170][ T5636] team0: Port device team_slave_1 added [ 90.898599][ T5639] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.906141][ T5639] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.914054][ T5639] bridge_slave_0: entered allmulticast mode [ 90.921990][ T5639] bridge_slave_0: entered promiscuous mode [ 90.982110][ T5639] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.989560][ T5639] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.997345][ T5639] bridge_slave_1: entered allmulticast mode [ 91.004889][ T5639] bridge_slave_1: entered promiscuous mode [ 91.025089][ T5636] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.032449][ T5636] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.058914][ T5636] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.119689][ T5635] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.129822][ T5636] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.136944][ T5636] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.163283][ T5636] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.227666][ T5635] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.257249][ T5637] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.264486][ T5637] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.272045][ T5637] bridge_slave_0: entered allmulticast mode [ 91.280880][ T5637] bridge_slave_0: entered promiscuous mode [ 91.298397][ T5639] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.345034][ T5637] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.352310][ T5637] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.359787][ T5637] bridge_slave_1: entered allmulticast mode [ 91.367553][ T5637] bridge_slave_1: entered promiscuous mode [ 91.389139][ T5639] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.415329][ T5635] team0: Port device team_slave_0 added [ 91.421176][ T5640] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.428662][ T5640] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.436164][ T5640] bridge_slave_0: entered allmulticast mode [ 91.443892][ T5640] bridge_slave_0: entered promiscuous mode [ 91.504174][ T5635] team0: Port device team_slave_1 added [ 91.510159][ T5640] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.517775][ T5640] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.525082][ T5640] bridge_slave_1: entered allmulticast mode [ 91.533169][ T5640] bridge_slave_1: entered promiscuous mode [ 91.553245][ T5638] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.560459][ T5638] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.567978][ T5638] bridge_slave_0: entered allmulticast mode [ 91.575790][ T5638] bridge_slave_0: entered promiscuous mode [ 91.586027][ T5639] team0: Port device team_slave_0 added [ 91.643926][ T5637] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.653420][ T5638] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.660711][ T5638] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.667944][ T5638] bridge_slave_1: entered allmulticast mode [ 91.675529][ T5638] bridge_slave_1: entered promiscuous mode [ 91.684841][ T5639] team0: Port device team_slave_1 added [ 91.697188][ T5636] hsr_slave_0: entered promiscuous mode [ 91.703836][ T5636] hsr_slave_1: entered promiscuous mode [ 91.712290][ T5635] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.719322][ T5635] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.745295][ T5635] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.773565][ T5637] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.819099][ T5635] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.826362][ T5635] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.852363][ T5635] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.866546][ T5640] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.915344][ T5639] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.922578][ T5639] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.948853][ T5639] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.970997][ T5640] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.008941][ T5638] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.028483][ T5639] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.035974][ T5639] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.062148][ T5639] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.095266][ T5637] team0: Port device team_slave_0 added [ 92.103894][ T5638] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.137642][ T5640] team0: Port device team_slave_0 added [ 92.145823][ T5637] team0: Port device team_slave_1 added [ 92.189621][ T5640] team0: Port device team_slave_1 added [ 92.280926][ T5638] team0: Port device team_slave_0 added [ 92.300619][ T5635] hsr_slave_0: entered promiscuous mode [ 92.307128][ T5644] Bluetooth: hci0: command tx timeout [ 92.313726][ T5635] hsr_slave_1: entered promiscuous mode [ 92.320452][ T5635] debugfs: 'hsr0' already exists in 'hsr' [ 92.326299][ T5635] Cannot create hsr debugfs directory [ 92.357124][ T5637] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.364180][ T5637] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.386394][ T5644] Bluetooth: hci4: command tx timeout [ 92.390378][ T5647] Bluetooth: hci5: command tx timeout [ 92.390424][ T5647] Bluetooth: hci2: command tx timeout [ 92.396819][ T5637] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.421370][ T5638] team0: Port device team_slave_1 added [ 92.427692][ T5637] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.434637][ T5637] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.460727][ T5637] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.475836][ T5644] Bluetooth: hci3: command tx timeout [ 92.481743][ T5647] Bluetooth: hci1: command tx timeout [ 92.508752][ T5639] hsr_slave_0: entered promiscuous mode [ 92.515427][ T5639] hsr_slave_1: entered promiscuous mode [ 92.522672][ T5639] debugfs: 'hsr0' already exists in 'hsr' [ 92.529577][ T5639] Cannot create hsr debugfs directory [ 92.538178][ T5640] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.552374][ T5640] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.579090][ T5640] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.654287][ T5640] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.661401][ T5640] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.687821][ T5640] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.712125][ T5638] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.719457][ T5638] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.745476][ T5638] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.791429][ T5638] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.798740][ T5638] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.824770][ T5638] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.954139][ T5637] hsr_slave_0: entered promiscuous mode [ 92.961241][ T5637] hsr_slave_1: entered promiscuous mode [ 92.967705][ T5637] debugfs: 'hsr0' already exists in 'hsr' [ 92.973433][ T5637] Cannot create hsr debugfs directory [ 93.023996][ T5640] hsr_slave_0: entered promiscuous mode [ 93.030660][ T5640] hsr_slave_1: entered promiscuous mode [ 93.038114][ T5640] debugfs: 'hsr0' already exists in 'hsr' [ 93.043916][ T5640] Cannot create hsr debugfs directory [ 93.183771][ T5638] hsr_slave_0: entered promiscuous mode [ 93.191521][ T5638] hsr_slave_1: entered promiscuous mode [ 93.198037][ T5638] debugfs: 'hsr0' already exists in 'hsr' [ 93.203775][ T5638] Cannot create hsr debugfs directory [ 93.504519][ T5636] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 93.518670][ T5636] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 93.527211][ T5636] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 93.538308][ T5636] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 93.576417][ T5636] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 93.587203][ T5636] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 93.632617][ T5636] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 93.644794][ T5636] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 93.809379][ T5639] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 93.821835][ T5639] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 93.832493][ T5639] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 93.842765][ T5639] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 93.854636][ T5639] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 93.866323][ T5639] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 93.886283][ T5639] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 93.897723][ T5639] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 93.979995][ T5635] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 93.999548][ T5635] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 94.019034][ T5635] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 94.029926][ T5635] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 94.038135][ T5635] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 94.049799][ T5635] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 94.064926][ T5635] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 94.076196][ T5635] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 94.171715][ T5640] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 94.182147][ T5640] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 94.190629][ T5640] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 94.201781][ T5640] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 94.210978][ T5640] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 94.221046][ T5640] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 94.241971][ T5640] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 94.253416][ T5640] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 94.283095][ T5636] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.385289][ T5637] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 94.396261][ T5644] Bluetooth: hci0: command tx timeout [ 94.397952][ T5637] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 94.429936][ T5637] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 94.440576][ T5637] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 94.449140][ T5637] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 94.460674][ T5637] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 94.468010][ T5647] Bluetooth: hci5: command tx timeout [ 94.473851][ T5644] Bluetooth: hci4: command tx timeout [ 94.479537][ T5649] Bluetooth: hci2: command tx timeout [ 94.503842][ T5637] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 94.515054][ T5637] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 94.528716][ T5636] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.546752][ T5644] Bluetooth: hci3: command tx timeout [ 94.546817][ T5647] Bluetooth: hci1: command tx timeout [ 94.572074][ T5639] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.630989][ T134] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.639365][ T134] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.668602][ T5638] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 94.680638][ T5638] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 94.693208][ T1100] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.700436][ T1100] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.713641][ T5639] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.729970][ T5638] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 94.740286][ T5638] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 94.748736][ T5638] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 94.759032][ T5638] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 94.768088][ T5638] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 94.779736][ T5638] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 94.808913][ T143] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.816144][ T143] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.850218][ T48] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.857410][ T48] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.898656][ T5635] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.990281][ T5635] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.031682][ T48] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.038857][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.087083][ T143] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.094294][ T143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.140606][ T5640] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.274508][ T5637] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.291786][ T5640] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.313279][ T1118] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.320470][ T1118] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.357802][ T1118] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.364946][ T1118] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.449112][ T5637] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.487328][ T1118] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.494626][ T1118] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.538638][ T1118] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.545884][ T1118] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.597878][ T5638] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.753513][ T5638] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.825328][ T48] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.832575][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.924617][ T1124] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.931906][ T1124] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.248840][ T5636] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.466349][ T5647] Bluetooth: hci0: command tx timeout [ 96.515804][ T5636] veth0_vlan: entered promiscuous mode [ 96.547292][ T5647] Bluetooth: hci4: command tx timeout [ 96.553014][ T5644] Bluetooth: hci5: command tx timeout [ 96.558472][ T5649] Bluetooth: hci2: command tx timeout [ 96.626579][ T5649] Bluetooth: hci1: command tx timeout [ 96.627768][ T5644] Bluetooth: hci3: command tx timeout [ 96.639835][ T5639] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.675935][ T5636] veth1_vlan: entered promiscuous mode [ 96.908009][ T5636] veth0_macvtap: entered promiscuous mode [ 96.983647][ T5636] veth1_macvtap: entered promiscuous mode [ 97.010088][ T5640] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.084109][ T5635] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.105008][ T5639] veth0_vlan: entered promiscuous mode [ 97.155377][ T5636] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.210987][ T5639] veth1_vlan: entered promiscuous mode [ 97.234223][ T5636] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.337630][ T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.377044][ T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.413493][ T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.442636][ T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.534948][ T5637] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.556910][ T5638] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.611125][ T5639] veth0_macvtap: entered promiscuous mode [ 97.644492][ T5639] veth1_macvtap: entered promiscuous mode [ 97.724185][ T1100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.734862][ T1100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.809794][ T3343] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.812352][ T5639] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.822097][ T3343] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.856746][ T5639] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.892342][ T5637] veth0_vlan: entered promiscuous mode [ 97.905009][ T143] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.916794][ T143] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.927707][ T5640] veth0_vlan: entered promiscuous mode [ 97.953067][ T5636] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 97.969931][ T143] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.979181][ T143] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.023706][ T5640] veth1_vlan: entered promiscuous mode [ 98.051752][ T5638] veth0_vlan: entered promiscuous mode [ 98.064538][ T5637] veth1_vlan: entered promiscuous mode [ 98.127354][ T5635] veth0_vlan: entered promiscuous mode [ 98.190004][ T5635] veth1_vlan: entered promiscuous mode [ 98.236247][ T5638] veth1_vlan: entered promiscuous mode [ 98.309454][ T143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.313038][ T5640] veth0_macvtap: entered promiscuous mode [ 98.334254][ T143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.349369][ T5869] loop1: detected capacity change from 0 to 8192 [ 98.355845][ T5637] veth0_macvtap: entered promiscuous mode [ 98.397351][ T5637] veth1_macvtap: entered promiscuous mode [ 98.407733][ T5869] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 98.424471][ T5640] veth1_macvtap: entered promiscuous mode [ 98.497148][ T5635] veth0_macvtap: entered promiscuous mode [ 98.580169][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.584157][ T5635] veth1_macvtap: entered promiscuous mode [ 98.599376][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.605295][ T5872] sctp: [Deprecated]: syz.1.8 (pid 5872) Use of int in max_burst socket option deprecated. [ 98.605295][ T5872] Use struct sctp_assoc_value instead [ 98.645756][ T5638] veth0_macvtap: entered promiscuous mode [ 98.668982][ T5637] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.717188][ T5640] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.749200][ T5638] veth1_macvtap: entered promiscuous mode [ 98.791361][ T5637] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.816245][ T5635] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.833483][ T143] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.844315][ T143] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.860349][ T5640] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.904497][ T5635] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.923103][ T143] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.932867][ T143] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.000615][ T12] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.015921][ T12] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.070353][ T12] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.094867][ T12] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.145500][ T5638] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.179084][ T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.198332][ T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.229774][ T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.246726][ T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.319709][ T5638] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.403794][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.422923][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.485399][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.514028][ T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.596844][ T1100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.614260][ T1100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.678445][ T1118] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.704320][ T1118] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.782056][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.790980][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.791377][ T5882] loop2: detected capacity change from 0 to 32768 [ 99.911924][ T143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.949384][ T143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.992702][ T5885] process 'syz.1.12' launched './file0' with NULL argv: empty string added [ 100.062254][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.092398][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.291757][ T143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.295977][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.334985][ T143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.347626][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.597978][ T1118] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.629986][ T1118] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.288812][ T5907] tipc: Started in network mode [ 101.315760][ T5907] tipc: Node identity 765e2129a828, cluster identity 4711 [ 101.354710][ T5907] tipc: Enabled bearer , priority 0 [ 101.397550][ T5911] syzkaller0: MTU too low for tipc bearer [ 101.424938][ T5911] tipc: Disabling bearer [ 101.935857][ T5914] netlink: 20 bytes leftover after parsing attributes in process `syz.4.17'. [ 104.397974][ T5946] syz_tun: entered allmulticast mode [ 104.536975][ T5942] syz_tun: left allmulticast mode [ 104.703612][ T30] audit: type=1326 audit(1780097583.300:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5949 comm="syz.1.28" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0eed9ce59 code=0x7ffc0000 [ 104.974648][ T30] audit: type=1326 audit(1780097583.310:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5949 comm="syz.1.28" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0eed9ce59 code=0x7ffc0000 [ 105.004767][ T30] audit: type=1326 audit(1780097583.310:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5949 comm="syz.1.28" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0eed9ce59 code=0x7ffc0000 [ 105.805138][ T30] audit: type=1326 audit(1780097583.300:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5949 comm="syz.1.28" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0eed9ce59 code=0x7ffc0000 [ 105.831352][ T30] audit: type=1326 audit(1780097583.310:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5949 comm="syz.1.28" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7fd0eed9ce59 code=0x7ffc0000 [ 105.996242][ T30] audit: type=1326 audit(1780097583.310:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5949 comm="syz.1.28" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0eed9ce59 code=0x7ffc0000 [ 106.106827][ T30] audit: type=1326 audit(1780097583.370:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5949 comm="syz.1.28" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0eed9ce59 code=0x7ffc0000 [ 106.234548][ T30] audit: type=1326 audit(1780097583.370:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5949 comm="syz.1.28" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd0eed9cbc2 code=0x7ffc0000 [ 106.365978][ T30] audit: type=1326 audit(1780097583.370:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5949 comm="syz.1.28" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fd0eed9cc57 code=0x7ffc0000 [ 106.460724][ T30] audit: type=1326 audit(1780097583.370:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5949 comm="syz.1.28" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fd0eed59b51 code=0x7ffc0000 [ 107.807169][ T5960] orangefs_mount: mount request failed with -4 [ 108.584458][ T990] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 108.806644][ T990] usb 6-1: Using ep0 maxpacket: 16 [ 108.844982][ T990] usb 6-1: New USB device found, idVendor=0c72, idProduct=0013, bcdDevice=ba.be [ 108.883439][ T990] usb 6-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3 [ 108.923887][ T990] usb 6-1: Product: syz [ 108.941177][ T990] usb 6-1: Manufacturer: syz [ 108.961512][ T990] usb 6-1: SerialNumber: syz [ 109.039453][ T990] usb 6-1: config 0 descriptor?? [ 109.471968][ T990] peak_usb 6-1:0.0 can0: unable to request usb[type=0 value=1] err=-71 [ 109.529904][ T990] peak_usb 6-1:0.0: unable to read PCAN-Chip USB firmware info (err -71) [ 109.842099][ T6028] netlink: 8 bytes leftover after parsing attributes in process `syz.2.41'. [ 109.902333][ T990] peak_usb 6-1:0.0: probe with driver peak_usb failed with error -71 [ 109.969793][ T990] usb 6-1: USB disconnect, device number 2 [ 110.520724][ T6041] Zero length message leads to an empty skb [ 111.682502][ T6052] loop5: detected capacity change from 0 to 4096 [ 111.774844][ T6052] EXT4-fs (loop5): Test dummy encryption mode enabled [ 111.806522][ T6052] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 111.864485][ T6052] EXT4-fs (loop5): can't mount with both data=journal and delalloc [ 112.063129][ T6065] mmap: syz.3.51 (6065) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 112.450193][ T6070] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 113.412909][ T6080] netlink: 8 bytes leftover after parsing attributes in process `syz.1.57'. [ 114.831612][ T990] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 114.842205][ T6115] netlink: 4 bytes leftover after parsing attributes in process `syz.0.71'. [ 114.998560][ T990] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 115.023397][ T990] usb 3-1: config 4 has 0 interfaces, different from the descriptor's value: 1 [ 115.056798][ T990] usb 3-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 115.098182][ T990] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 115.652545][ T6110] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 115.700608][ T6110] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 117.719902][ T6150] tipc: Started in network mode [ 117.744036][ T6150] tipc: Node identity 4, cluster identity 4711 [ 117.769736][ T6150] tipc: Node number set to 4 [ 117.818287][ T5794] usb 3-1: USB disconnect, device number 2 [ 117.877911][ T6155] warning: `syz.3.83' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 118.662890][ T6182] netlink: 24 bytes leftover after parsing attributes in process `syz.0.94'. [ 119.821377][ T6196] capability: warning: `syz.4.97' uses deprecated v2 capabilities in a way that may be insecure [ 119.878701][ T30] kauditd_printk_skb: 21 callbacks suppressed [ 119.878721][ T30] audit: type=1800 audit(1780097598.490:33): pid=6200 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.99" name="bus" dev="tmpfs" ino=91 res=0 errno=0 [ 119.991881][ T6203] loop2: detected capacity change from 0 to 8 [ 120.117335][ T6203] SQUASHFS error: zlib decompression failed, data probably corrupt [ 120.126001][ T6203] SQUASHFS error: Failed to read block 0x9b: -5 [ 120.132902][ T6203] SQUASHFS error: Unable to read metadata cache entry [99] [ 120.140289][ T6203] SQUASHFS error: Unable to read inode 0x127 [ 122.720419][ T6250] netlink: 'syz.2.106': attribute type 1 has an invalid length. [ 122.844675][ T6250] macvlan2: entered promiscuous mode [ 122.867482][ T6250] macvlan2: entered allmulticast mode [ 123.163681][ T6256] loop1: detected capacity change from 0 to 4096 [ 123.217686][ T6256] EXT4-fs: inline encryption not supported [ 123.293235][ T6256] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 123.344695][ T990] kernel read not supported for file bpf-prog (pid: 990 comm: kworker/0:2) [ 123.362761][ T6256] EXT4-fs (loop1): Test dummy encryption mode enabled [ 123.518169][ T6256] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 123.535797][ T803] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 123.735705][ T803] usb 6-1: Using ep0 maxpacket: 8 [ 123.760606][ T803] usb 6-1: unable to get BOS descriptor or descriptor too short [ 123.783513][ T803] usb 6-1: too many configurations: 141, using maximum allowed: 8 [ 123.815451][ T803] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 124.045788][ T803] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 124.060368][ T803] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 124.081058][ T803] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 124.108580][ T803] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 124.897543][ T803] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 124.917633][ T803] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 124.928058][ T803] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 124.944134][ T803] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 125.004662][ T803] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 125.201214][ T803] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 125.255128][ T803] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 125.311725][ T6274] smbdirect: ib_dev[syz1]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000 [ 125.331654][ T803] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 125.367408][ T6274] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6 [ 125.391924][ T803] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 125.433061][ T6274] smbdirect: ib_dev[syz1]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008 [ 125.448926][ T803] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 125.476974][ T803] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 125.525009][ T803] usb 6-1: New USB device found, idVendor=15ca, idProduct=0101, bcdDevice= 0.40 [ 125.548282][ T803] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 125.569547][ T6274] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 125.578783][ T803] usb 6-1: Product: syz [ 125.578819][ T803] usb 6-1: Manufacturer: syz [ 125.578838][ T803] usb 6-1: SerialNumber: syz [ 125.649142][ T6274] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 126.658104][ T803] usb 6-1: USB disconnect, device number 3 [ 126.828597][ T5786] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 127.028760][ T5786] usb 1-1: Using ep0 maxpacket: 32 [ 127.053356][ T5786] usb 1-1: config 8 has an invalid interface number: 37 but max is 0 [ 127.085065][ T5786] usb 1-1: config 8 has no interface number 0 [ 127.104888][ T5786] usb 1-1: config 8 interface 37 has no altsetting 0 [ 127.150190][ T5786] usb 1-1: New USB device found, idVendor=0b57, idProduct=89b6, bcdDevice=c8.fb [ 127.203641][ T5786] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 127.254170][ T5786] usb 1-1: Product: syz [ 127.272433][ T5786] usb 1-1: Manufacturer: syz [ 127.290954][ T5786] usb 1-1: SerialNumber: syz [ 127.809848][ T6288] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 127.863877][ T6288] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 127.979395][ T5786] usbhid 1-1:8.37: couldn't find an input interrupt endpoint [ 128.070455][ T5786] usb 1-1: USB disconnect, device number 2 [ 128.081621][ T6315] netlink: 4 bytes leftover after parsing attributes in process `syz.5.126'. [ 129.499902][ T6361] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 129.710251][ T6353] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 129.859580][ T6353] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 129.940645][ T5636] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.067101][ T5786] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 130.266928][ T5786] usb 3-1: Using ep0 maxpacket: 32 [ 130.297802][ T5786] usb 3-1: config 0 has an invalid interface number: 12 but max is 0 [ 130.325403][ T5786] usb 3-1: config 0 has no interface number 0 [ 130.335861][ T5786] usb 3-1: config 0 interface 12 has no altsetting 0 [ 130.360688][ T5786] usb 3-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 130.413383][ T5786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 130.413544][ T5786] usb 3-1: Product: syz [ 130.413670][ T5786] usb 3-1: Manufacturer: syz [ 130.413854][ T5786] usb 3-1: SerialNumber: syz [ 130.804921][ T5786] usb 3-1: config 0 descriptor?? [ 131.110306][ T6384] loop5: detected capacity change from 0 to 128 [ 131.154713][ T6384] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 131.218206][ T6384] ext4 filesystem being mounted at /19/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 131.253032][ T6389] netlink: 'syz.4.138': attribute type 4 has an invalid length. [ 131.273718][ T5778] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 131.323279][ T6389] netlink: 'syz.4.138': attribute type 4 has an invalid length. [ 131.440910][ T5778] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 131.470017][ T5778] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 131.501603][ T5778] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 131.544207][ T5778] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.582171][ T6380] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 131.658141][ T5778] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 131.914864][ T6401] netlink: 4 bytes leftover after parsing attributes in process `syz.3.141'. [ 132.098950][ T5640] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 132.107092][ T5778] usb 1-1: USB disconnect, device number 3 [ 132.168058][ T1312] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.181838][ T1312] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.269766][ T6401] team0: Port device team_slave_0 removed [ 132.727980][ T6408] netlink: 8 bytes leftover after parsing attributes in process `syz.5.145'. [ 132.737238][ T6408] netlink: 8 bytes leftover after parsing attributes in process `syz.5.145'. [ 133.020116][ T6417] netlink: 36 bytes leftover after parsing attributes in process `syz.1.147'. [ 133.039627][ T6417] netlink: 36 bytes leftover after parsing attributes in process `syz.1.147'. [ 133.054972][ T5786] f81534 3-1:0.12: f81534_get_register: reg: 1003 failed: -71 [ 133.069592][ T6417] vlan0: entered promiscuous mode [ 133.077194][ T6419] capability: warning: `syz.3.150' uses 32-bit capabilities (legacy support in use) [ 133.082866][ T6416] loop5: detected capacity change from 0 to 1024 [ 133.087112][ T5786] f81534 3-1:0.12: f81534_find_config_idx: read failed: -71 [ 133.116280][ T5786] f81534 3-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 133.151628][ T5786] f81534 3-1:0.12: probe with driver f81534 failed with error -71 [ 133.193875][ T5786] usb 3-1: USB disconnect, device number 3 [ 133.200670][ T6416] hfsplus: failed to load extents file [ 133.338897][ T6416] loop5: detected capacity change from 0 to 1024 [ 133.339692][ T6420] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 133.447114][ T6420] batadv_slave_0: entered promiscuous mode [ 133.929811][ T30] audit: type=1804 audit(1780097612.540:34): pid=6432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.154" name="/newroot/34/file0" dev="tmpfs" ino=192 res=1 errno=0 [ 135.059216][ T6446] loop5: detected capacity change from 0 to 1764 [ 135.076602][ T6446] iso9660: Unknown parameter '184467440737095516151844674407370955161501777777777777777777777ÿÿÿÿÿ0xffffffffffffffffÿÿÿÿ' [ 136.102746][ T6430] loop3: detected capacity change from 0 to 32768 [ 136.262496][ T6454] syz.5.161 uses obsolete (PF_INET,SOCK_PACKET) [ 137.254613][ T6462] loop5: detected capacity change from 0 to 512 [ 137.287661][ T6462] EXT4-fs error (device loop5): ext4_orphan_get:1397: inode #15: comm syz.5.164: iget: bad i_size value: 38620345925642 [ 137.321689][ T6462] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 137.325639][ C1] EXT4-fs (loop5): error count since last fsck: 1 [ 137.342438][ C1] EXT4-fs (loop5): initial error at time 1780097615: ext4_orphan_get:1397: inode 15 [ 137.351881][ C1] EXT4-fs (loop5): last error at time 1780097615: ext4_orphan_get:1397: inode 15 [ 137.378271][ T6462] EXT4-fs error (device loop5): ext4_orphan_get:1402: comm syz.5.164: couldn't read orphan inode 15 (err -117) [ 137.425945][ T6462] loop5: lost filesystem error report for type 5 error -117 [ 137.490082][ T6462] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.718117][ T6475] EXT4-fs (loop5): shut down requested (1) [ 137.920468][ T5640] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.155455][ T6508] netlink: 12 bytes leftover after parsing attributes in process `syz.2.177'. [ 141.248130][ T6508] gretap1: entered allmulticast mode [ 141.816324][ T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 141.987780][ T9] usb 4-1: config 0 has no interfaces? [ 142.018546][ T9] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 142.055021][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67 [ 142.087297][ T9] usb 4-1: SerialNumber: syz [ 142.119909][ T9] usb 4-1: config 0 descriptor?? [ 142.377071][ T9] usb 4-1: USB disconnect, device number 2 [ 142.466316][ T6524] netlink: 24 bytes leftover after parsing attributes in process `syz.5.184'. [ 142.598185][ T6522] netlink: 14 bytes leftover after parsing attributes in process `syz.1.182'. [ 142.694311][ T6528] tipc: Failed to remove unknown binding: 66,0,0/0:2435625430/2435625431 [ 143.286245][ T6540] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 144.136164][ T5794] IPVS: starting estimator thread 0... [ 144.267684][ T6550] IPVS: using max 25 ests per chain, 60000 per kthread [ 144.455840][ T29] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 145.265680][ T29] usb 3-1: Using ep0 maxpacket: 16 [ 145.931762][ T6583] kernel profiling enabled (shift: 9) [ 146.133398][ T29] usb 3-1: unable to get BOS descriptor or descriptor too short [ 146.167949][ T29] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 146.197319][ T29] usb 3-1: can't read configurations, error -71 [ 148.171796][ T6610] ip6t_rpfilter: unknown options [ 151.869711][ T6621] xt_hashlimit: size too large, truncated to 1048576 [ 152.884810][ T6650] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 152.893200][ T6650] @0Ù: renamed from bond_slave_1 (while UP) [ 154.487082][ T6674] loop1: detected capacity change from 0 to 4096 [ 154.602761][ T6674] EXT4-fs (loop1): Test dummy encryption mode enabled [ 154.832262][ T6674] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 155.062831][ T6674] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 155.211363][ T6674] fscrypt: AES-256-XTS using implementation "xts-aes-vaes-avx2" [ 155.466056][ T5636] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.115628][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 157.171652][ T6703] loop0: detected capacity change from 0 to 32768 [ 157.209969][ T6703] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 157.220154][ T6703] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 157.271889][ T6703] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 157.292113][ T5778] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 157.307510][ T5778] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 157.770234][ T6713] loop4: detected capacity change from 0 to 2048 [ 158.457026][ T5778] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 1149ms [ 158.682664][ T5778] gfs2: fsid=syz:syz.0: jid=0: Done [ 158.689972][ T6703] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 159.625262][ T6713] loop4: p1 < > p4 [ 159.625262][ T6713] p4: [ 160.693577][ T6713] loop4: p4 size 722688 extends beyond EOD, truncated [ 161.187369][ T4994] loop4: p1 < > p4 [ 161.187369][ T4994] p4: [ 161.242261][ T4994] loop4: p4 size 722688 extends beyond EOD, truncated [ 161.378944][ T6744] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 161.455205][ T6750] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 161.773952][ T5763] udevd[5763]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 161.781749][ T6316] udevd[6316]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 162.363618][ T6777] PKCS8: Unsupported PKCS#8 version [ 162.988045][ T6781] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 163.246151][ T5778] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 163.339254][ T6787] syzkaller0: entered promiscuous mode [ 163.365431][ T6787] syzkaller0: entered allmulticast mode [ 163.425785][ T5778] usb 3-1: Using ep0 maxpacket: 8 [ 163.452554][ T5778] usb 3-1: config 0 has an invalid interface number: 31 but max is 0 [ 163.486060][ T5778] usb 3-1: config 0 has no interface number 0 [ 163.510551][ T5778] usb 3-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 163.528511][ T5778] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 163.540585][ T5778] usb 3-1: Product: syz [ 163.551350][ T5778] usb 3-1: Manufacturer: syz [ 163.559018][ T5778] usb 3-1: SerialNumber: syz [ 163.576932][ T5778] usb 3-1: config 0 descriptor?? [ 163.716215][ T803] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 163.749976][ T6797] binder: 6796:6797 ioctl c0306201 200000000080 returned -14 [ 163.795206][ T6797] binder: 6796:6797 ioctl c0306201 2000000003c0 returned -14 [ 163.805818][ T5778] uvcvideo 3-1:0.31: probe with driver uvcvideo failed with error -22 [ 163.837521][ T5778] usb 3-1: USB disconnect, device number 6 [ 163.952651][ T803] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 163.977015][ T803] usb 2-1: can't read configurations, error -71 [ 164.202311][ T6807] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 164.211084][ T6807] IPv6: NLM_F_CREATE should be set when creating new route [ 164.225489][ T6804] 8021q: adding VLAN 0 to HW filter on device bond1 [ 164.277146][ T6808] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 164.289314][ T6808] bond1: (slave macvlan2): making interface the new active one [ 164.300369][ T6808] bond1: (slave macvlan2): Enslaving as an active interface with an up link [ 164.526606][ T6809] bridge0: port 2(bridge_slave_1) entered disabled state [ 164.535483][ T6809] bridge0: port 1(bridge_slave_0) entered disabled state [ 164.719949][ T6814] uprobe: syz.2.280:6814 failed to unregister, leaking uprobe [ 165.000453][ T6829] binder: BINDER_SET_CONTEXT_MGR already set [ 165.036542][ T6829] binder: 6828:6829 ioctl 4018620d 2000000002c0 returned -16 [ 165.083855][ T6809] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 165.728234][ T6809] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 165.911611][ T6838] loop4: detected capacity change from 0 to 512 [ 166.125304][ T6843] ======================================================= [ 166.125304][ T6843] WARNING: The mand mount option has been deprecated and [ 166.125304][ T6843] and is ignored by this kernel. Remove the mand [ 166.125304][ T6843] option from the mount to silence this warning. [ 166.125304][ T6843] ======================================================= [ 166.594304][ T6838] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 166.697686][ T6846] netlink: 20 bytes leftover after parsing attributes in process `syz.3.289'. [ 166.859461][ T6838] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 166.868421][ T6853] fuse: Unknown parameter '00000000000000000000' [ 166.940642][ T6838] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 167.171549][ T6838] EXT4-fs error (device loop4): ext4_lookup:1785: inode #15: comm syz.4.286: invalid fast symlink length 10 [ 167.224940][ T6838] EXT4-fs (loop4): Remounting filesystem read-only [ 167.238967][ T5778] bond_slave_0: entered promiscuous mode [ 167.245928][ T5778] @0Ù: entered promiscuous mode [ 167.254778][ T6838] xt_hashlimit: size too large, truncated to 1048576 [ 168.069566][ T6846] ip6gre1: entered promiscuous mode [ 168.079351][ T6846] ip6gre1: entered allmulticast mode [ 168.094325][ T48] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.154213][ T48] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.207898][ T6854] netlink: 'syz.3.289': attribute type 6 has an invalid length. [ 168.245698][ T6854] netlink: 72 bytes leftover after parsing attributes in process `syz.3.289'. [ 168.283848][ T48] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.325665][ T48] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.534126][ T6882] loop3: detected capacity change from 0 to 64 [ 168.634166][ T5635] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.723539][ T6882] syz.3.299: attempt to access beyond end of device [ 168.723539][ T6882] loop3: rw=2049, sector=268435468, nr_sectors = 2 limit=64 [ 168.800996][ T6882] overlayfs: failed to create directory ./file0/work (errno: 5); mounting read-only [ 168.824305][ T6887] xt_hashlimit: size too large, truncated to 1048576 [ 168.849677][ T6882] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 168.876301][ T6882] overlayfs: failed to get uuid (/bus, err=-95); falling back to uuid=null. [ 169.515726][ T6900] loop4: detected capacity change from 0 to 512 [ 169.529779][ T6900] EXT4-fs: Ignoring removed mblk_io_submit option [ 169.883512][ T6900] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 169.896150][ T6900] ext4 filesystem being mounted at /51/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 170.172320][ T6906] loop2: detected capacity change from 0 to 128 [ 170.232339][ T6906] EXT4-fs (loop2): Test dummy encryption mode enabled [ 170.266809][ T5635] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.291217][ T6906] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a806c018, mo2=0042] [ 170.304762][ T6906] System zones: 1-3, 19-19, 35-36 [ 170.317830][ T6906] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 170.334018][ T6906] ext4 filesystem being mounted at /47/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 170.500946][ T30] audit: type=1800 audit(1780098157.117:35): pid=6906 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.305" name="file1" dev="loop2" ino=13 res=0 errno=0 [ 170.656925][ T5639] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 172.231964][ T5649] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 172.243094][ T5649] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 172.255991][ T5649] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 172.268723][ T5649] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 172.278396][ T5649] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 172.333342][ T134] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.435237][ T5778] IPVS: starting estimator thread 0... [ 172.546120][ T6936] IPVS: using max 24 ests per chain, 57600 per kthread [ 173.004825][ T6944] netlink: 8 bytes leftover after parsing attributes in process `syz.2.320'. [ 173.027854][ T6944] netlink: 8 bytes leftover after parsing attributes in process `syz.2.320'. [ 173.340848][ T6949] loop2: detected capacity change from 0 to 512 [ 173.464417][ T6949] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.322: iget: bad i_size value: 38620345925642 [ 173.513152][ T134] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.591546][ T6949] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 173.606782][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 173.622432][ C0] EXT4-fs (loop2): initial error at time 1780098160: ext4_orphan_get:1397: inode 15 [ 173.631890][ C0] EXT4-fs (loop2): last error at time 1780098160: ext4_orphan_get:1397: inode 15 [ 173.718290][ T6949] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.322: couldn't read orphan inode 15 (err -117) [ 173.745738][ T6817] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 173.755054][ T6949] loop2: lost filesystem error report for type 5 error -117 [ 173.763164][ T6949] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 174.131486][ T6817] usb 1-1: Using ep0 maxpacket: 8 [ 174.445652][ T5649] Bluetooth: hci2: command tx timeout [ 174.604042][ T6817] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 174.638011][ T6817] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 174.686756][ T6817] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 174.731016][ T6959] loop5: detected capacity change from 0 to 4096 [ 174.734768][ T6817] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 174.751463][ T6964] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.322: bg 0: block 5: invalid block bitmap [ 174.777438][ T6817] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 174.791787][ T6959] EXT4-fs: Ignoring removed mblk_io_submit option [ 174.833697][ T6964] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 64 with error 28 [ 174.851818][ T6817] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 174.873464][ T6959] EXT4-fs (loop5): Test dummy encryption mode enabled [ 174.877844][ T134] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.899975][ T6817] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 174.924905][ T6964] EXT4-fs (loop2): This should not happen!! Data will be lost [ 174.924905][ T6964] [ 174.954069][ T6959] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 175.039712][ T6964] EXT4-fs (loop2): Total free blocks count 0 [ 175.055959][ T6964] EXT4-fs (loop2): Free/Dirty block details [ 175.075672][ T6964] EXT4-fs (loop2): free_blocks=0 [ 175.086889][ T6964] EXT4-fs (loop2): dirty_blocks=68 [ 175.105611][ T6964] EXT4-fs (loop2): Block reservation details [ 175.142008][ T6964] EXT4-fs (loop2): i_reserved_data_blocks=68 [ 175.207998][ T6949] EXT4-fs (loop2): shut down requested (0) [ 175.253757][ T6817] usb 1-1: usb_control_msg returned -32 [ 175.287729][ T6817] usbtmc 1-1:16.0: can't read capabilities [ 175.363612][ T134] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.526702][ T6948] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 175.560420][ T6948] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 175.590314][ T6948] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 175.608892][ T6948] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 175.701908][ T6817] usb 1-1: USB disconnect, device number 4 [ 176.376094][ T5640] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.466008][ T5649] Bluetooth: hci2: command tx timeout [ 176.766550][ T6986] loop5: detected capacity change from 0 to 1024 [ 176.784505][ T6989] netlink: 8 bytes leftover after parsing attributes in process `syz.1.333'. [ 176.821145][ T6986] hfsplus: failed to load extents file [ 177.006583][ T6986] input: syz1 as /devices/virtual/input/input6 [ 177.323102][ T134] bridge_slave_1: left allmulticast mode [ 177.334909][ T134] bridge_slave_1: left promiscuous mode [ 177.348044][ T134] bridge0: port 2(bridge_slave_1) entered disabled state [ 177.430824][ T134] bridge_slave_0: left allmulticast mode [ 177.458744][ T134] bridge_slave_0: left promiscuous mode [ 177.478457][ T134] bridge0: port 1(bridge_slave_0) entered disabled state [ 178.545758][ T5649] Bluetooth: hci2: command tx timeout [ 178.691485][ T7008] loop2: detected capacity change from 0 to 512 [ 178.713527][ T134] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 178.785741][ T7008] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 178.812980][ T134] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 178.865007][ T7008] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 178.894681][ T134] bond0 (unregistering): Released all slaves [ 180.387529][ T134] tipc: Left network mode [ 180.625627][ T5649] Bluetooth: hci2: command tx timeout [ 182.076598][ T5639] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 182.764090][ T7033] ÿ: renamed from dummy0 [ 183.042901][ T7057] netlink: 'syz.5.348': attribute type 1 has an invalid length. [ 183.613229][ T7076] xt_hashlimit: overflow, try lower: 3/0 [ 184.594135][ T7057] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR [ 185.673636][ T7062] veth5: entered promiscuous mode [ 185.945896][ T7106] loop0: detected capacity change from 0 to 512 [ 186.005420][ T5290] 8021q: adding VLAN 0 to HW filter on device eth1 [ 186.012728][ T7106] EXT4-fs error (device loop0): ext4_iget_extra_inode:5128: inode #15: comm syz.0.360: corrupted in-inode xattr: invalid size in ea xattr [ 186.142769][ T7106] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 186.143417][ T7106] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.360: couldn't read orphan inode 15 (err -117) [ 186.152644][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 186.152684][ C0] EXT4-fs (loop0): initial error at time 1780098172: ext4_iget_extra_inode:5128: inode 15 [ 186.152723][ C0] EXT4-fs (loop0): last error at time 1780098172: ext4_iget_extra_inode:5128: inode 15 [ 186.251432][ T7106] loop0: lost filesystem error report for type 5 error -117 [ 186.467887][ T7106] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 187.306960][ T134] hsr_slave_0: left promiscuous mode [ 187.386063][ T134] hsr_slave_1: left promiscuous mode [ 187.504734][ T134] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 187.670189][ T134] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 187.938203][ T134] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 187.972375][ T134] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 188.172448][ T134] veth1_macvtap: left promiscuous mode [ 188.204070][ T134] veth0_macvtap: left promiscuous mode [ 188.224896][ T134] veth1_vlan: left promiscuous mode [ 188.264527][ T134] veth0_vlan: left promiscuous mode [ 188.327285][ T5637] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.446328][ T7151] Cannot find add_set index 0 as target [ 190.645411][ T7150] loop2: detected capacity change from 0 to 1024 [ 190.748576][ T30] audit: type=1326 audit(1780098177.367:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.2.370" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd55959ce59 code=0x7ffc0000 [ 190.856462][ T30] audit: type=1326 audit(1780098177.397:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.2.370" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd55959ce59 code=0x7ffc0000 [ 190.933825][ T30] audit: type=1326 audit(1780098177.397:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.2.370" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd55959ce59 code=0x7ffc0000 [ 191.060806][ T5645] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 191.069793][ T30] audit: type=1326 audit(1780098177.397:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.2.370" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fd55959ce59 code=0x7ffc0000 [ 191.156057][ T30] audit: type=1326 audit(1780098177.397:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.2.370" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd55959ce59 code=0x7ffc0000 [ 191.233314][ T30] audit: type=1326 audit(1780098177.397:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.2.370" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd55959ce59 code=0x7ffc0000 [ 191.285185][ T30] audit: type=1326 audit(1780098177.397:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.2.370" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd55959ce59 code=0x7ffc0000 [ 191.319245][ T5645] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 128, changing to 11 [ 191.343017][ T30] audit: type=1326 audit(1780098177.397:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.2.370" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd55959ce59 code=0x7ffc0000 [ 191.360035][ T5645] usb 6-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 191.406370][ T30] audit: type=1326 audit(1780098177.397:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.2.370" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd55959ce59 code=0x7ffc0000 [ 191.406430][ T30] audit: type=1326 audit(1780098177.397:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.2.370" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd55959ce59 code=0x7ffc0000 [ 191.438264][ T5645] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 191.438300][ T5645] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 191.438325][ T5645] usb 6-1: SerialNumber: syz [ 191.881472][ T5645] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -71 [ 191.933424][ T5645] usb 6-1: USB disconnect, device number 4 [ 192.138824][ T134] team0 (unregistering): Port device team_slave_1 removed [ 193.349755][ T7180] Set syz0 is full, maxelem 0 reached [ 193.589474][ T1312] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.617251][ T1312] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.231065][ T6930] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.245749][ T6930] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.139305][ T6930] bridge_slave_0: entered allmulticast mode [ 195.150088][ T6930] bridge_slave_0: entered promiscuous mode [ 196.131169][ T6930] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.167619][ T6930] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.846077][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 197.255670][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 197.665690][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 199.441896][ T6930] bridge_slave_1: entered allmulticast mode [ 199.476539][ T6930] bridge_slave_1: entered promiscuous mode [ 199.639075][ T6930] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 199.731059][ T7207] xt_bpf: check failed: parse error [ 199.770391][ T6930] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 200.001404][ T6930] team0: Port device team_slave_0 added [ 200.043542][ T6930] team0: Port device team_slave_1 added [ 200.209252][ T6930] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 200.239199][ T6930] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 200.277067][ T6930] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 200.301112][ T6930] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 200.322017][ T6930] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 200.588607][ T7229] fuse: Bad value for 'fd' [ 200.851645][ T6930] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 201.405498][ T6930] hsr_slave_0: entered promiscuous mode [ 201.432974][ T6930] hsr_slave_1: entered promiscuous mode [ 201.464597][ T6930] debugfs: 'hsr0' already exists in 'hsr' [ 201.486793][ T6930] Cannot create hsr debugfs directory [ 201.607965][ T7253] loop4: detected capacity change from 0 to 1024 [ 203.130077][ T5290] 8021q: adding VLAN 0 to HW filter on device eth2 [ 203.338366][ T7270] futex_wake_op: à³OñJ÷N\ìg´é tries to shift op by 144; fix this program [ 203.589061][ T6930] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 203.608410][ T7278] loop1: detected capacity change from 0 to 256 [ 203.639608][ T6930] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 203.674360][ T6930] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 203.681300][ T7278] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x478b151d, utbl_chksum : 0xe619d30d) [ 203.828767][ T6930] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 204.010695][ T6930] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 204.331308][ T6930] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 204.349731][ T6930] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 204.480253][ T6930] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 204.951954][ T6930] 8021q: adding VLAN 0 to HW filter on device bond0 [ 205.144435][ T6930] 8021q: adding VLAN 0 to HW filter on device team0 [ 205.881972][ T152] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.889264][ T152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 205.982009][ T134] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.989279][ T134] bridge0: port 2(bridge_slave_1) entered forwarding state [ 206.301561][ T7318] loop1: detected capacity change from 0 to 256 [ 206.466906][ T7318] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x478b151d, utbl_chksum : 0xe619d30d) [ 208.299114][ T7327] loop2: detected capacity change from 0 to 32768 [ 208.431919][ T7327] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 208.794847][ T5290] 8021q: adding VLAN 0 to HW filter on device eth3 [ 209.347402][ T5639] ocfs2: Unmounting device (7,2) on (node local) [ 209.680135][ T5657] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 209.690983][ T5657] Bluetooth: hci3: Injecting HCI hardware error event [ 209.977100][ T6819] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 210.014391][ T7356] netlink: 'syz.4.422': attribute type 298 has an invalid length. [ 210.145933][ T6819] usb 1-1: Using ep0 maxpacket: 16 [ 210.188067][ T6819] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 210.230680][ T6819] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 210.292978][ T6819] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 210.331058][ T6819] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 210.370670][ T6819] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 210.427725][ T6819] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 210.459381][ T6819] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 210.479828][ T6819] usb 1-1: Manufacturer: syz [ 210.505241][ T6819] usb 1-1: config 0 descriptor?? [ 210.512919][ T6930] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 210.877189][ T6819] rc_core: IR keymap rc-hauppauge not found [ 210.877210][ T6819] Registered IR keymap rc-empty [ 210.877582][ T6819] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 210.908197][ T6819] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 210.931950][ T6819] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 210.941874][ T6819] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input7 [ 210.979089][ T6819] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 210.996361][ T6819] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 211.016235][ T6819] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 211.038331][ T50] Bluetooth: hci3: command 0x0406 tx timeout [ 211.046475][ T6819] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 211.052294][ T5657] Bluetooth: hci0: command 0x0406 tx timeout [ 211.059846][ T5654] Bluetooth: hci1: command 0x0406 tx timeout [ 211.066648][ T50] Bluetooth: hci4: command 0x0406 tx timeout [ 211.066691][ T50] Bluetooth: hci5: command 0x0406 tx timeout [ 211.135721][ T6819] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 211.167313][ T5655] Bluetooth: hci3: hardware error 0x00 [ 211.205782][ T6819] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 211.247697][ T6819] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 211.265598][ T7393] netlink: 4 bytes leftover after parsing attributes in process `syz.2.417'. [ 211.297399][ T6819] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 211.346040][ T6819] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 211.367804][ T6819] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 211.431174][ T7393] team0 (unregistering): Port device team_slave_0 removed [ 211.435088][ T6819] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 211.467748][ T6819] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 211.492974][ T6819] usb 1-1: USB disconnect, device number 5 [ 211.583477][ T7399] netlink: 'syz.4.430': attribute type 4 has an invalid length. [ 211.633817][ T7401] netlink: 'syz.4.430': attribute type 4 has an invalid length. [ 211.718460][ T7393] team0 (unregistering): Port device team_slave_1 removed [ 212.491932][ T7398] netlink: 'syz.4.430': attribute type 4 has an invalid length. [ 212.574909][ T5290] 8021q: adding VLAN 0 to HW filter on device eth4 [ 212.688007][ T6930] veth0_vlan: entered promiscuous mode [ 212.732968][ T6930] veth1_vlan: entered promiscuous mode [ 212.834682][ T6930] veth0_macvtap: entered promiscuous mode [ 212.886416][ T6930] veth1_macvtap: entered promiscuous mode [ 212.994743][ T6930] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 213.055093][ T6930] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 213.096908][ T152] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.118862][ T152] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.156550][ T152] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.180352][ T152] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.266025][ T5655] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 213.403564][ T6022] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 213.442970][ T6022] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 213.570750][ T6240] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 213.584057][ T6240] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 213.688242][ T7438] netlink: 4 bytes leftover after parsing attributes in process `syz.5.440'. [ 213.724978][ T6825] IPVS: starting estimator thread 0... [ 213.826164][ T7441] IPVS: using max 26 ests per chain, 62400 per kthread [ 214.546191][ T7458] Invalid option length (57448) for dns_resolver key [ 217.770405][ T5645] IPVS: starting estimator thread 0... [ 217.878710][ T7497] IPVS: using max 24 ests per chain, 57600 per kthread [ 218.359747][ T7502] netlink: 'syz.2.458': attribute type 1 has an invalid length. [ 218.441169][ T7502] netlink: 'syz.2.458': attribute type 4 has an invalid length. [ 218.495457][ T7502] netlink: 15334 bytes leftover after parsing attributes in process `syz.2.458'. [ 218.620463][ T7506] syzkaller0: entered promiscuous mode [ 218.638197][ T7506] syzkaller0: entered allmulticast mode [ 218.699963][ T7507] tipc: Started in network mode [ 218.721270][ T7507] tipc: Node identity 02880d1af39, cluster identity 4711 [ 218.753747][ T7507] tipc: Enabled bearer , priority 0 [ 218.952354][ T7505] tipc: Resetting bearer [ 220.139163][ T7505] tipc: Disabling bearer [ 221.379261][ T29] tipc: Node number set to 4044885274 [ 221.517900][ T7531] syzkaller0: entered promiscuous mode [ 221.539462][ T7531] syzkaller0: entered allmulticast mode [ 221.573686][ T7533] tipc: Started in network mode [ 221.589509][ T7534] loop4: detected capacity change from 0 to 64 [ 221.594411][ T7533] tipc: Node identity aa5cb85bdeec, cluster identity 4711 [ 221.623860][ T7533] tipc: Enabled bearer , priority 0 [ 222.897692][ T30] kauditd_printk_skb: 42 callbacks suppressed [ 222.897714][ T30] audit: type=1800 audit(1780098465.503:88): pid=7534 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.469" name="file1" dev="loop4" ino=23 res=0 errno=0 [ 222.952248][ T29] tipc: Node number set to 1957738587 [ 223.128117][ T30] audit: type=1800 audit(1780098465.613:89): pid=7551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.469" name="file1" dev="loop4" ino=23 res=0 errno=0 [ 227.074585][ T7577] loop0: detected capacity change from 0 to 2048 [ 227.382861][ T7579] loop1: detected capacity change from 0 to 40427 [ 227.409443][ T5635] hfs: node 4:3 still has 1 user(s)! [ 227.421316][ T7579] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 227.429585][ T7579] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 227.455281][ T7579] F2FS-fs (loop1): invalid crc value [ 227.562140][ T7582] xt_NFQUEUE: number of queues (51632) out of range (got 109621) [ 227.822007][ T7579] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 228.075042][ T7579] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 228.083043][ T7579] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 229.048031][ T7577] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 229.335615][ T6817] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 229.468562][ T7598] netlink: zone id is out of range [ 229.535636][ T6817] usb 3-1: Using ep0 maxpacket: 16 [ 229.812418][ T7598] netlink: zone id is out of range [ 230.061983][ T6817] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 230.238356][ T7598] netlink: zone id is out of range [ 230.256519][ T7598] netlink: zone id is out of range [ 230.310162][ T7598] netlink: zone id is out of range [ 230.334173][ T6817] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 230.381499][ T6817] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 230.392227][ T7598] netlink: zone id is out of range [ 230.414914][ T6817] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 230.430528][ T7598] netlink: zone id is out of range [ 230.454470][ T6817] usb 3-1: Product: syz [ 230.469711][ T6817] usb 3-1: Manufacturer: syz [ 230.470047][ T7598] netlink: zone id is out of range [ 230.484681][ T6817] usb 3-1: SerialNumber: syz [ 230.521976][ T6817] usb 3-1: config 0 descriptor?? [ 230.530323][ T7598] netlink: zone id is out of range [ 230.559339][ T7598] netlink: zone id is out of range [ 230.644302][ T6817] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 230.676671][ T6817] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class) [ 231.086104][ T7616] netlink: 8 bytes leftover after parsing attributes in process `syz.0.490'. [ 231.978390][ T6817] em28xx 3-1:0.0: unknown em28xx chip ID (0) [ 232.681957][ T6817] em28xx 3-1:0.0: Config register raw data: 0xfffffffb [ 232.751965][ T6817] em28xx 3-1:0.0: AC97 chip type couldn't be determined [ 232.805107][ T6817] em28xx 3-1:0.0: No AC97 audio processor [ 232.864533][ T6817] usb 3-1: USB disconnect, device number 7 [ 232.902248][ T6817] em28xx 3-1:0.0: Disconnecting em28xx [ 233.232990][ T6817] em28xx 3-1:0.0: Freeing device [ 234.428138][ T7648] loop4: detected capacity change from 0 to 512 [ 235.124054][ T7654] netlink: 8 bytes leftover after parsing attributes in process `syz.6.499'. [ 235.602571][ T7648] EXT4-fs (loop4): 1 orphan inode deleted [ 235.778366][ T57] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 235.857605][ T7648] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 235.872310][ T57] EXT4-fs error (device loop4): ext4_release_dquot:7070: comm kworker/u8:4: Failed to release dquot type 1 [ 235.964342][ T57] loop4: lost filesystem error report for type 5 error -117 [ 235.981591][ T7648] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 237.070915][ T7648] tipc: Started in network mode [ 237.104907][ T7648] tipc: Node identity ac14140f, cluster identity 4711 [ 237.137891][ T7648] tipc: New replicast peer: 172.30.0.5 [ 237.169324][ T7693] loop5: detected capacity change from 0 to 512 [ 237.247928][ T7648] tipc: Enabled bearer , priority 10 [ 237.329119][ T7698] IPv6: NLM_F_CREATE should be specified when creating new route [ 237.650652][ T7692] netlink: 12 bytes leftover after parsing attributes in process `syz.4.497'. [ 237.909507][ T7692] tipc: Disabling bearer [ 237.935591][ T7693] EXT4-fs (loop5): Test dummy encryption mode enabled [ 237.965821][ T7693] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 238.137996][ T7693] EXT4-fs error (device loop5): ext4_orphan_get:1423: comm syz.5.505: bad orphan inode 131083 [ 238.163699][ T7693] loop5: lost filesystem error report for type 5 error -117 [ 238.165551][ C0] EXT4-fs (loop5): error count since last fsck: 1 [ 238.179322][ C0] EXT4-fs (loop5): initial error at time 1780098480: ext4_orphan_get:1423 [ 238.187927][ C0] EXT4-fs (loop5): last error at time 1780098480: ext4_orphan_get:1423 [ 238.191616][ T7693] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 238.405746][ T5640] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 238.804467][ T5635] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 238.808954][ T7724] netlink: 240 bytes leftover after parsing attributes in process `syz.1.509'. [ 238.904660][ T7730] loop1: detected capacity change from 0 to 8 [ 240.039653][ T7738] bridge_slave_0: left allmulticast mode [ 240.045419][ T7738] bridge_slave_0: left promiscuous mode [ 240.055250][ T7738] bridge0: port 1(bridge_slave_0) entered disabled state [ 240.081427][ T7738] bridge_slave_1: left allmulticast mode [ 240.087334][ T7738] bridge_slave_1: left promiscuous mode [ 240.093201][ T7738] bridge0: port 2(bridge_slave_1) entered disabled state [ 240.122406][ T7738] bond0: (slave bond_slave_0): Releasing backup interface [ 240.154493][ T7738] bond0: (slave bond_slave_1): Releasing backup interface [ 240.172580][ T7738] team0: Port device team_slave_0 removed [ 240.181543][ T7738] team0: Port device team_slave_1 removed [ 240.189897][ T7738] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 240.209279][ T7738] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 240.222504][ T7738] net_ratelimit: 44 callbacks suppressed [ 240.222524][ T7738] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 240.325207][ T7745] team0: Mode changed to "loadbalance" [ 240.750086][ T7764] loop6: detected capacity change from 0 to 4096 [ 240.772786][ T7764] EXT4-fs: Ignoring removed orlov option [ 241.281937][ T7778] set match dimension is over the limit! [ 242.055472][ T7764] EXT4-fs: Mount option(s) incompatible with ext2 [ 244.943839][ T7814] netlink: 'syz.4.533': attribute type 12 has an invalid length. [ 246.843149][ T7836] loop2: detected capacity change from 0 to 16 [ 246.865343][ T7836] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 246.936847][ T6991] udevd[6991]: incorrect cramfs checksum on /dev/loop2 [ 247.013756][ T6991] udevd[6991]: incorrect cramfs checksum on /dev/loop2 [ 247.852369][ T30] audit: type=1800 audit(1780098490.463:90): pid=7835 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.543" name="bus" dev="ramfs" ino=15886 res=0 errno=0 [ 247.873838][ T7834] loop4: detected capacity change from 0 to 4096 [ 248.025343][ T7834] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512). [ 250.285822][ T7869] Set syz0 is full, maxelem 0 reached [ 252.482460][ T7894] loop6: detected capacity change from 0 to 1024 [ 254.689138][ T7894] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 255.027672][ T1312] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.034081][ T1312] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.174159][ T6930] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 256.211247][ T7928] syzkaller0: entered promiscuous mode [ 256.265944][ T7928] syzkaller0: entered allmulticast mode [ 256.536877][ T7889] Set syz1 is full, maxelem 65536 reached [ 257.559610][ T7949] netlink: 12 bytes leftover after parsing attributes in process `syz.5.570'. [ 258.285928][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 258.708991][ T30] audit: type=1326 audit(1780098500.583:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7951 comm="syz.2.572" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd55959ce59 code=0x0 [ 259.252334][ T7954] bond2 (unregistering): Released all slaves [ 259.790465][ T7971] loop4: detected capacity change from 0 to 32768 [ 259.804004][ T7971] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.577 (7971) [ 259.833348][ T7971] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 259.844309][ T7971] BTRFS info (device loop4): using sha256 checksum algorithm [ 259.953233][ T7971] BTRFS info (device loop4): setting nodatasum [ 259.959534][ T7971] BTRFS info (device loop4): enabling ssd optimizations [ 259.966722][ T7971] BTRFS info (device loop4): turning on async discard [ 259.973494][ T7971] BTRFS info (device loop4): enabling free space tree [ 260.149299][ T6013] wlan1: Trigger new scan to find an IBSS to join [ 260.245888][ T7994] netlink: 4 bytes leftover after parsing attributes in process `syz.5.581'. [ 263.260645][ T5635] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 263.535348][ T8029] netlink: 164 bytes leftover after parsing attributes in process `syz.5.591'. [ 263.972540][ T8036] bridge0: port 1(bridge_slave_0) entered disabled state [ 264.009606][ T8036] bridge_slave_0 (unregistering): left allmulticast mode [ 264.016875][ T8036] bridge_slave_0 (unregistering): left promiscuous mode [ 264.024834][ T8036] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.451168][ T152] wlan1: Trigger new scan to find an IBSS to join [ 266.073570][ T8057] loop6: detected capacity change from 0 to 1024 [ 266.124333][ T8057] EXT4-fs: Ignoring removed nomblk_io_submit option [ 266.158051][ T8057] EXT4-fs: inline encryption not supported [ 266.207896][ T8057] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 266.341478][ T8057] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 267.048011][ T8073] syz.6.600 (pid 8073) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 267.153749][ T6022] wlan1: Creating new IBSS network, BSSID f2:6d:e4:a2:f9:70 [ 267.166229][ T30] audit: type=1326 audit(1780098509.763:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8064 comm="syz.2.601" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd55959ce59 code=0x7ffc0000 [ 267.250430][ T8057] overlayfs: failed to create directory ./bus/work (errno: 126); mounting read-only [ 267.303587][ T8073] netlink: 72 bytes leftover after parsing attributes in process `syz.6.600'. [ 267.315428][ T8057] overlayfs: NFS export requires an index dir, falling back to nfs_export=off. [ 267.455632][ T30] audit: type=1326 audit(1780098509.763:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8064 comm="syz.2.601" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd55959ce59 code=0x7ffc0000 [ 267.505812][ T30] audit: type=1326 audit(1780098509.783:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8064 comm="syz.2.601" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fd55959ce59 code=0x7ffc0000 [ 267.642394][ T30] audit: type=1326 audit(1780098509.813:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8064 comm="syz.2.601" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd55959ce59 code=0x7ffc0000 [ 267.962058][ T30] audit: type=1326 audit(1780098509.813:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8064 comm="syz.2.601" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd55959ce59 code=0x7ffc0000 [ 268.277133][ T6930] EXT4-fs error (device loop6): ext4_iget_extra_inode:5128: inode #15: comm syz-executor: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 268.305661][ T30] audit: type=1326 audit(1780098509.833:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.2.601" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd55955d68e code=0x7ffc0000 [ 268.354197][ T6930] EXT4-fs error (device loop6): ext4_iget_extra_inode:5128: inode #15: comm syz-executor: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 268.401075][ T30] audit: type=1326 audit(1780098509.953:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8064 comm="syz.2.601" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd55959ce59 code=0x7ffc0000 [ 268.472630][ T30] audit: type=1326 audit(1780098509.953:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8064 comm="syz.2.601" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd55959ce59 code=0x7ffc0000 [ 269.355144][ T30] audit: type=1326 audit(1780098509.953:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8064 comm="syz.2.601" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd55959ce59 code=0x7ffc0000 [ 269.575121][ T30] audit: type=1326 audit(1780098509.963:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8064 comm="syz.2.601" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fd55959ce59 code=0x7ffc0000 [ 271.424546][ T6930] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.008984][ T8138] netlink: 4 bytes leftover after parsing attributes in process `syz.0.622'. [ 274.043250][ T8138] netlink: 4 bytes leftover after parsing attributes in process `syz.0.622'. [ 274.110722][ T152] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 274.278861][ T152] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 274.439951][ T152] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 274.533912][ T152] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 278.336756][ T152] bridge_slave_1: left allmulticast mode [ 278.370970][ T5641] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 278.372233][ T152] bridge_slave_1: left promiscuous mode [ 278.391801][ T5641] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 278.407089][ T5641] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 278.415892][ T152] bridge0: port 2(bridge_slave_1) entered disabled state [ 278.426270][ T5641] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 278.440037][ T5641] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 280.205571][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 280.549603][ T5641] Bluetooth: hci2: command tx timeout [ 281.599650][ T152] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 281.650942][ T152] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 281.713775][ T152] bond0 (unregistering): Released all slaves [ 282.278364][ T5290] 8021q: adding VLAN 0 to HW filter on device eth6 [ 282.434819][ T8216] netlink: 16 bytes leftover after parsing attributes in process `syz.2.637'. [ 282.626002][ T5641] Bluetooth: hci2: command tx timeout [ 282.871679][ T152] hsr_slave_0: left promiscuous mode [ 282.915329][ T152] hsr_slave_1: left promiscuous mode [ 282.951038][ T152] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 282.983655][ T152] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 283.037897][ T152] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 283.081941][ T152] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 283.398411][ T152] veth1_macvtap: left promiscuous mode [ 283.415417][ T152] veth0_macvtap: left promiscuous mode [ 283.455902][ T152] veth1_vlan: left promiscuous mode [ 283.563441][ T152] veth0_vlan: left promiscuous mode [ 284.705895][ T5641] Bluetooth: hci2: command tx timeout [ 286.997495][ T8284] loop5: detected capacity change from 0 to 24 [ 287.004713][ T8284] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 287.025663][ T5641] Bluetooth: hci2: command tx timeout [ 287.115643][ T8284] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 287.911378][ T152] team0 (unregistering): Port device team_slave_1 removed [ 288.158932][ T152] team0 (unregistering): Port device team_slave_0 removed [ 288.590587][ T5290] 8021q: adding VLAN 0 to HW filter on device eth5 [ 289.534338][ T152] IPVS: stop unused estimator thread 0... [ 291.889777][ T8163] bridge0: port 1(bridge_slave_0) entered blocking state [ 291.916066][ T8163] bridge0: port 1(bridge_slave_0) entered disabled state [ 291.947603][ T8163] bridge_slave_0: entered allmulticast mode [ 291.968780][ T8163] bridge_slave_0: entered promiscuous mode [ 291.986891][ T8163] bridge0: port 2(bridge_slave_1) entered blocking state [ 292.003526][ T8163] bridge0: port 2(bridge_slave_1) entered disabled state [ 292.028467][ T8163] bridge_slave_1: entered allmulticast mode [ 292.053074][ T8163] bridge_slave_1: entered promiscuous mode [ 292.090586][ T8349] loop2: detected capacity change from 0 to 256 [ 292.275188][ T8163] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 292.317078][ T8349] FAT-fs (loop2): bogus sectors per cluster 0 [ 292.363066][ T8163] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 292.441434][ T8349] FAT-fs (loop2): Can't find a valid FAT filesystem [ 292.522958][ T8356] loop5: detected capacity change from 0 to 4096 [ 292.532134][ T8356] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512). [ 292.577495][ T5290] 8021q: adding VLAN 0 to HW filter on device eth7 [ 292.592578][ T8163] team0: Port device team_slave_0 added [ 292.771619][ T8356] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 292.951706][ T8370] netlink: 'syz.0.671': attribute type 1 has an invalid length. [ 293.188185][ T8163] team0: Port device team_slave_1 added [ 293.585098][ T8356] overlayfs: upper fs does not support tmpfile. [ 293.617865][ T8370] 8021q: adding VLAN 0 to HW filter on device bond1 [ 293.686444][ T8371] vlan0: entered allmulticast mode [ 293.704189][ T8371] bond1: entered allmulticast mode [ 293.713080][ T8378] loop4: detected capacity change from 0 to 256 [ 293.802716][ T8372] bond1: (slave geneve2): making interface the new active one [ 293.813670][ T8356] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 293.836497][ T8372] geneve2: entered allmulticast mode [ 293.851723][ T8378] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 293.871163][ T8372] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 294.514823][ T8163] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 294.594847][ T8163] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 294.996643][ T8163] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 295.352150][ T152] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.132697][ T8382] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode [ 296.232581][ T8382] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode [ 296.411971][ T8163] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 296.451008][ T8163] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 296.599068][ T8163] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 296.763955][ T152] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.804710][ T152] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.686820][ T8415] netlink: 8 bytes leftover after parsing attributes in process `syz.1.681'. [ 299.053516][ T152] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 299.088620][ T5290] 8021q: adding VLAN 0 to HW filter on device eth8 [ 299.906307][ T8163] hsr_slave_0: entered promiscuous mode [ 299.941631][ T8163] hsr_slave_1: entered promiscuous mode [ 299.987086][ T8163] debugfs: 'hsr0' already exists in 'hsr' [ 300.033781][ T8163] Cannot create hsr debugfs directory [ 303.902063][ T8163] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 303.943389][ T8163] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 303.962343][ T8163] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 304.001157][ T8163] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 304.023509][ T8163] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 304.154289][ T8163] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 304.180349][ T8163] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 304.242897][ T8163] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 304.311315][ T8471] bridge0: port 2(bridge_slave_1) entered disabled state [ 304.321491][ T8471] bridge0: port 1(bridge_slave_0) entered disabled state [ 305.866860][ T8491] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 305.874357][ T8491] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 307.140833][ T8163] 8021q: adding VLAN 0 to HW filter on device bond0 [ 307.221827][ T8163] 8021q: adding VLAN 0 to HW filter on device team0 [ 307.266602][ T152] bridge0: port 1(bridge_slave_0) entered blocking state [ 307.273906][ T152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 307.351719][ T134] bridge0: port 2(bridge_slave_1) entered blocking state [ 307.358995][ T134] bridge0: port 2(bridge_slave_1) entered forwarding state [ 315.798162][ T8572] syz_tun: entered allmulticast mode [ 420.599590][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 420.606720][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P8566/1:b..l [ 420.615675][ C0] rcu: (detected by 0, t=10503 jiffies, g=34057, q=942 ncpus=2) [ 420.623397][ C0] task:modprobe state:R running task stack:22880 pid:8566 tgid:8566 ppid:36 task_flags:0x400000 flags:0x00080000 [ 420.638305][ C0] Call Trace: [ 420.641613][ C0] [ 420.644542][ C0] __schedule+0x1821/0x5740 [ 420.649090][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 420.654041][ C0] ? __pfx___schedule+0x10/0x10 [ 420.658925][ C0] preempt_schedule_irq+0x4d/0xa0 [ 420.663970][ C0] irqentry_exit+0x14f/0x8b0 [ 420.668559][ C0] ? trace_irq_disable+0x3b/0x140 [ 420.673697][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 420.679680][ C0] RIP: 0010:lock_release+0x69/0x3c0 [ 420.684885][ C0] Code: 05 9c 4b 8e 0e 73 0d e8 c5 f7 08 00 84 c0 0f 84 94 02 00 00 83 3d 76 7e 8e 0e 00 0f 84 1c 02 00 00 65 8b 05 39 8f 96 11 85 c0 <0f> 85 0d 02 00 00 65 4c 8b 3d 81 49 96 11 41 83 bf 8c 0b 00 00 00 [ 420.704490][ C0] RSP: 0018:ffffc90005f1e170 EFLAGS: 00000246 [ 420.710563][ C0] RAX: 0000000000000000 RBX: ffffffff90d10501 RCX: 0000000080000001 [ 420.718551][ C0] RDX: ffffc90005f1e201 RSI: ffffffff8c28b740 RDI: ffffffff8c28b700 [ 420.726549][ C0] RBP: dffffc0000000000 R08: ffffc90005f1f270 R09: ffffc90005f1e2f8 [ 420.734534][ C0] R10: dffffc0000000000 R11: fffff52000be3c61 R12: ffffc90005f1f280 [ 420.742608][ C0] R13: ffffffff8176e256 R14: ffffffff8e95cce0 R15: ffffffff8176e256 [ 420.750581][ C0] ? unwind_next_frame+0xa6/0x2550 [ 420.756092][ C0] ? unwind_next_frame+0xa6/0x2550 [ 420.761232][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 420.766910][ C0] ? deref_stack_reg+0x19f/0x230 [ 420.771862][ C0] ? unwind_next_frame+0xa6/0x2550 [ 420.776981][ C0] unwind_next_frame+0x1bba/0x2550 [ 420.782114][ C0] ? unwind_next_frame+0xa6/0x2550 [ 420.787233][ C0] ? vma_complete+0x21f/0x9e0 [ 420.791916][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 420.798085][ C0] arch_stack_walk+0x11b/0x150 [ 420.802866][ C0] ? __split_vma+0x8fa/0xa50 [ 420.807472][ C0] stack_trace_save+0xa9/0x100 [ 420.812252][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 420.817673][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 420.823315][ C0] ? stack_depot_save_flags+0x33/0x810 [ 420.828805][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 420.834572][ C0] kasan_save_track+0x3e/0x80 [ 420.839263][ C0] ? kasan_save_track+0x3e/0x80 [ 420.844151][ C0] ? __kasan_slab_alloc+0x6c/0x80 [ 420.849189][ C0] ? kmem_cache_alloc_from_sheaf_noprof+0x9f/0x180 [ 420.855701][ C0] ? dst_setup+0x7e5/0x1160 [ 420.860416][ C0] ? mas_wr_store_entry+0x2f4e/0x7fc0 [ 420.865893][ C0] ? mas_store_prealloc+0x699/0xa20 [ 420.871125][ C0] ? vma_complete+0x21f/0x9e0 [ 420.875853][ C0] ? rcu_is_watching+0x15/0xb0 [ 420.880619][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 420.886309][ C0] __kasan_slab_alloc+0x6c/0x80 [ 420.891213][ C0] kmem_cache_alloc_from_sheaf_noprof+0x9f/0x180 [ 420.897580][ C0] dst_setup+0x7e5/0x1160 [ 420.901934][ C0] mas_wr_store_entry+0x2f4e/0x7fc0 [ 420.907290][ C0] ? __pfx_mas_wr_store_entry+0x10/0x10 [ 420.912876][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 420.917863][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 420.923593][ C0] ? mas_wr_store_entry+0x5f9d/0x7fc0 [ 420.928982][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 420.934626][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 420.940265][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 420.945212][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 420.950852][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 420.955793][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 420.961512][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 420.966510][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 420.972141][ C0] ? lockdep_hardirqs_on+0x7a/0x110 [ 420.977340][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 420.982980][ C0] ? irqentry_exit+0x218/0x8b0 [ 420.987741][ C0] ? trace_irq_disable+0x3b/0x140 [ 420.992784][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 420.998455][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.004248][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.009919][ C0] ? is_bpf_text_address+0x26/0x2b0 [ 421.015126][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.020854][ C0] ? is_bpf_text_address+0x292/0x2b0 [ 421.026233][ C0] ? is_bpf_text_address+0x26/0x2b0 [ 421.031527][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.037166][ C0] ? kernel_text_address+0xa5/0xe0 [ 421.042297][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.048022][ C0] ? __kernel_text_address+0xd/0x30 [ 421.053253][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.058898][ C0] ? unwind_get_return_address+0x4d/0x90 [ 421.064540][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 421.070707][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.076433][ C0] ? arch_stack_walk+0xfb/0x150 [ 421.081346][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.086990][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 421.091951][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 421.097338][ C0] ? vm_area_dup+0x2b/0x680 [ 421.101955][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.107624][ C0] ? stack_depot_save_flags+0x33/0x810 [ 421.113085][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 421.118388][ C0] ? vm_area_dup+0x2b/0x680 [ 421.122927][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.128573][ C0] ? kasan_save_track+0x4f/0x80 [ 421.133432][ C0] ? kasan_save_track+0x3e/0x80 [ 421.138306][ C0] ? __kasan_slab_alloc+0x6c/0x80 [ 421.143374][ C0] ? kmem_cache_alloc_noprof+0x2bc/0x650 [ 421.149067][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.154701][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 421.159693][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.165342][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.170990][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.176634][ C0] ? mas_wr_walk_descend+0x574/0x8c0 [ 421.181936][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.187572][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.193210][ C0] ? trace_ma_write+0x87/0x1f0 [ 421.198013][ C0] mas_store_prealloc+0x699/0xa20 [ 421.203060][ C0] ? __pfx_mas_store_prealloc+0x10/0x10 [ 421.208629][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.214328][ C0] ? vma_iter_store_overwrite+0x340/0x8e0 [ 421.220351][ C0] vma_complete+0x21f/0x9e0 [ 421.224860][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.230509][ C0] __split_vma+0x8fa/0xa50 [ 421.234973][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.240659][ C0] ? __pfx___split_vma+0x10/0x10 [ 421.245617][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.251256][ C0] ? mas_find+0xb0e/0xd30 [ 421.255684][ C0] vms_gather_munmap_vmas+0x4fa/0x1380 [ 421.261173][ C0] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 421.267080][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.272977][ C0] ? mas_find+0xa7d/0xd30 [ 421.277319][ C0] mmap_region+0x921/0x22a0 [ 421.281853][ C0] ? __pfx_mmap_region+0x10/0x10 [ 421.286799][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.292435][ C0] ? __mutex_trylock_common+0x158/0x260 [ 421.298188][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.303826][ C0] ? trace_contention_end+0x3d/0x140 [ 421.309164][ C0] ? process_measurement+0x1800/0x1c80 [ 421.314697][ C0] ? irqentry_exit+0x218/0x8b0 [ 421.319556][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.325191][ C0] ? lockdep_hardirqs_on+0x7a/0x110 [ 421.330412][ C0] ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10 [ 421.337016][ C0] ? aa_file_perm+0x192/0x15e0 [ 421.341882][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.347524][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.353163][ C0] ? cap_mmap_addr+0xaf/0x100 [ 421.357854][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.363492][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.369133][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.374775][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.380419][ C0] ? shmem_mapping+0xd/0x50 [ 421.384927][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.390652][ C0] ? memfd_check_seals_mmap+0xc5/0x200 [ 421.396134][ C0] do_mmap+0xc39/0x10c0 [ 421.400318][ C0] ? __pfx_do_mmap+0x10/0x10 [ 421.404915][ C0] ? down_write_killable+0x180/0x240 [ 421.410239][ C0] ? __pfx_down_write_killable+0x10/0x10 [ 421.415883][ C0] ? apparmor_mmap_file+0x2da/0x3e0 [ 421.421185][ C0] vm_mmap_pgoff+0x2c9/0x4f0 [ 421.425791][ C0] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 421.430908][ C0] ? __fget_files+0x2a/0x420 [ 421.435523][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.441226][ C0] ? __fget_files+0x3a0/0x420 [ 421.445975][ C0] ? __fget_files+0x2a/0x420 [ 421.450586][ C0] ksys_mmap_pgoff+0x51e/0x760 [ 421.455368][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.461479][ C0] do_syscall_64+0x174/0x580 [ 421.466095][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.471996][ C0] RIP: 0033:0x7f0f4a9e2242 [ 421.476414][ C0] RSP: 002b:00007ffe02fb86f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 421.484831][ C0] RAX: ffffffffffffffda RBX: 00007f0f4a6f8000 RCX: 00007f0f4a9e2242 [ 421.492823][ C0] RDX: 0000000000000003 RSI: 0000000000002000 RDI: 00007f0f4a6f8000 [ 421.500816][ C0] RBP: 0000000000000812 R08: 0000000000000000 R09: 000000000000d000 [ 421.508789][ C0] R10: 0000000000000812 R11: 0000000000000206 R12: 00007ffe02fb87b8 [ 421.517108][ C0] R13: 00007f0f4a9b7580 R14: 00007ffe02fb8b70 R15: 00000fffc05f70e2 [ 421.525113][ C0] [ 421.528133][ C0] rcu: rcu_preempt kthread starved for 10460 jiffies! g34057 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 421.539327][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 421.549482][ C0] rcu: RCU grace-period kthread stack dump: [ 421.555378][ C0] task:rcu_preempt state:R running task stack:27544 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00080000 [ 421.568928][ C0] Call Trace: [ 421.572235][ C0] [ 421.575199][ C0] __schedule+0x1821/0x5740 [ 421.579719][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 421.584783][ C0] ? __pfx___schedule+0x10/0x10 [ 421.589652][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.595296][ C0] ? schedule+0x90/0x360 [ 421.599557][ C0] schedule+0x164/0x360 [ 421.603732][ C0] schedule_timeout+0x158/0x2c0 [ 421.608592][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.614228][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 421.619651][ C0] ? __pfx_process_timeout+0x10/0x10 [ 421.624945][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.630580][ C0] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 421.636397][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.642033][ C0] ? prepare_to_swait_event+0x340/0x370 [ 421.647598][ C0] rcu_gp_fqs_loop+0x312/0x11d0 [ 421.652456][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.658092][ C0] ? lockdep_hardirqs_on+0x7a/0x110 [ 421.663468][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.669210][ C0] ? rcu_gp_init+0x1315/0x15b0 [ 421.673983][ C0] ? __pfx_rcu_watching_snap_recheck+0x10/0x10 [ 421.680143][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 421.685442][ C0] ? _raw_spin_unlock_irq+0x2e/0x50 [ 421.690659][ C0] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 421.696483][ C0] rcu_gp_kthread+0x9e/0x2b0 [ 421.701104][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 421.706300][ C0] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 421.712123][ C0] ? __kthread_parkme+0x7a/0x1f0 [ 421.717063][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.722704][ C0] ? __kthread_parkme+0x19c/0x1f0 [ 421.727740][ C0] kthread+0x389/0x470 [ 421.731818][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 421.737053][ C0] ? __pfx_kthread+0x10/0x10 [ 421.741681][ C0] ret_from_fork+0x514/0xb70 [ 421.746566][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 421.751703][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.757341][ C0] ? __switch_to+0xc79/0x1410 [ 421.762039][ C0] ? __pfx_kthread+0x10/0x10 [ 421.766663][ C0] ret_from_fork_asm+0x1a/0x30 [ 421.771451][ C0] [ 421.774499][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 421.780840][ C0] CPU: 0 UID: 0 PID: 1124 Comm: kworker/u8:10 Tainted: G L syzkaller #0 PREEMPT(full) [ 421.791980][ C0] Tainted: [L]=SOFTLOCKUP [ 421.796297][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 421.806433][ C0] Workqueue: events_unbound toggle_allocation_gate [ 421.812988][ C0] RIP: 0010:smp_call_function_many_cond+0xfd4/0x13d0 [ 421.819691][ C0] Code: 89 ee 83 e6 01 31 ff e8 9a 07 0c 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 45 03 0c 00 eb 37 f3 90 43 0f b6 04 2c <84> c0 75 10 41 f7 06 01 00 00 00 74 1e e8 2a 03 0c 00 eb e5 44 89 [ 421.839387][ C0] RSP: 0018:ffffc900059e7700 EFLAGS: 00000293 [ 421.845481][ C0] RAX: 0000000000000000 RBX: ffff8880b863c188 RCX: ffff888028db9f00 [ 421.853457][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 421.861456][ C0] RBP: ffffc900059e7840 R08: ffffffff903021f7 R09: 1ffffffff206043e [ 421.869427][ C0] R10: dffffc0000000000 R11: fffffbfff206043f R12: 1ffff110170e8171 [ 421.877420][ C0] R13: dffffc0000000000 R14: ffff8880b8740b88 R15: 0000000000000001 [ 421.885419][ C0] FS: 0000000000000000(0000) GS:ffff88812529e000(0000) knlGS:0000000000000000 [ 421.894458][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 421.901035][ C0] CR2: 00007fd98c667d58 CR3: 000000000e74a000 CR4: 0000000000350ef0 [ 421.909017][ C0] Call Trace: [ 421.912315][ C0] [ 421.915250][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 421.920296][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 421.926714][ C0] ? kmem_cache_alloc_bulk_noprof+0xae/0x7c0 [ 421.932708][ C0] ? __pfx___text_poke+0x10/0x10 [ 421.937655][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 421.942706][ C0] on_each_cpu_cond_mask+0x3f/0x80 [ 421.947830][ C0] smp_text_poke_batch_finish+0x5f5/0x1160 [ 421.953648][ C0] ? arch_jump_label_transform_apply+0x17/0x30 [ 421.959836][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 421.964862][ C0] ? __pfx_smp_text_poke_batch_finish+0x10/0x10 [ 421.971120][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.976854][ C0] ? arch_jump_label_transform_queue+0x97/0x110 [ 421.983119][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 421.988766][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 421.994806][ C0] static_key_enable_cpuslocked+0x128/0x240 [ 422.000732][ C0] static_key_enable+0x1a/0x20 [ 422.005526][ C0] toggle_allocation_gate+0xab/0x290 [ 422.010826][ C0] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 422.016733][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.022375][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.028108][ C0] ? process_scheduled_works+0xa70/0x1860 [ 422.033828][ C0] ? process_scheduled_works+0xa70/0x1860 [ 422.039608][ C0] process_scheduled_works+0xb5d/0x1860 [ 422.045187][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.051738][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 422.057740][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.063402][ C0] ? assign_work+0x3d5/0x5e0 [ 422.068097][ C0] worker_thread+0xa53/0xfc0 [ 422.072697][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.078362][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.084009][ C0] kthread+0x389/0x470 [ 422.088095][ C0] ? __pfx_worker_thread+0x10/0x10 [ 422.093208][ C0] ? __pfx_kthread+0x10/0x10 [ 422.097811][ C0] ret_from_fork+0x514/0xb70 [ 422.102521][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 422.107642][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 422.113283][ C0] ? __switch_to+0xc79/0x1410 [ 422.117985][ C0] ? __pfx_kthread+0x10/0x10 [ 422.122594][ C0] ret_from_fork_asm+0x1a/0x30 [ 422.127391][ C0]