last executing test programs: 8m32.684336577s ago: executing program 2 (id=119): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x2000040) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xfde1) connect$inet6(0xffffffffffffffff, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002480)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40002003, 0x0) syz_mount_image$erofs(&(0x7f0000000000), &(0x7f00000001c0)='./file1\x00', 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="00ea2eb34e7ea51c9446c55a2d1e0be39af9faf44ad59cb6ad1c94490d970e811439edddc71c9b18946b559ce53bee0a1abe562fc3f3898e5826eda1962cf6e3c4c0ade52151923a70b46eacfc1aaaebcf156e549e884bcabc1333f344f31cd30cd93cb2814e0dbc24a7a107e295e86e09283c825fe177c89c6385f68f2c843cffffffff15539bab6142ceed9265ba989d1a283fc4ffc83f3a7a6c746823e656ad78f3b5a336cdbd83dad59e0debb36b4ea5e658e253f01637cc03f704a08019f95b92fffffffff8dd21552d6967ab1b01e5d52a5793eb179deee4572770a5197127b090287bca2a4eaa1705b42c16968d0201d3ba3cc8000000657ea095f152b1b6a1e6ad8d24ad17f649ccc23d4ecbcdb5620cc48f95f563c2230f859d196e6c4f00b8e3a7b01fcb1d79dcc09b7a854ec8c31dd27ff9b4a2864e1dcaf719d20b56769d51228ecc1915fb8c8b598c11b3c296b05f9c5355fc6f19a7b28f5ae9a0d0804ccc5716cfac0246ddffa2f12077a02a959aa1b74373c38b2bcc90743b80666eae25dea73e127263b8fdbc64fe862b994ca8473d00000000000000009cf153dc0bf708", @ANYRESHEX=0x0], 0x1, 0x194, &(0x7f0000000640)="$eJzsmD9P+kAYx7/X8if88ktw1UUTScDB0hY1MjgwO2ii0bhJpBK0iIEOwGZ8Ec6+AmfiwvvQQZ0cxM3Joebawx4oYuI/jM9neO57dw/Hc0+Tb5OCIIg/y831w9VZMhHj+j8SiIr1WzXIUaT8Vvxx5qK0cn6i31+22svZ/vMYANd9//+HALRzKhwxd93eXyfEuA6lq8Py/iYYNKG3oWBDaAsMW0LvSbrC8zVtt2Rb2k7FLnCh82DwYPKQ6a+vc8RQkOpj0n6t0dzP27ZV/UIxrH+dnIIlqT75eXV7owf9gwEFhtAZMKwJvYhotzd+S6T7T4SC89Vvvv/vFuPxITlhjEqpJD5BMHBxFwNGo56fEoE/uacMScmfQpJ/pJ3yYbrWaM6WyvmiVbQOTDOzoM/p+ryZ9ozIj2/4X8zzp3/S+eEBuREWQT3vOFXDj89zsx6FUzVfc9yI538KUtN+1UysyXjvgzE2xYeUChwPrJYgCIIgCIIgCIIgCIIgCOIjTIJ5X0F7yL5YMle97KcAAAD//5Z1cak=") openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x80000, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00') preadv(r2, &(0x7f0000000040)=[{&(0x7f00000024c0)=""/4127, 0x101f}], 0x1, 0x4000, 0x0) setgroups(0x51, 0x0) setreuid(0xee01, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) fcntl$lock(0xffffffffffffffff, 0x26, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) 8m27.425308164s ago: executing program 2 (id=125): r0 = socket(0x1e, 0x4, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000180)={@private2, 0x800, 0x0, 0x2, 0x1}, 0x20) close(0x3) r2 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000180)={@loopback={0x200000000000000}, 0x800, 0x0, 0x2, 0x1}, 0x20) r3 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18020000200000000000000000000000850000004100000095000000000000004be98911ed5a3cf4451d51e400827eef4df9eb3fd52b8f0a456c3a6cfd127868ad3fe3f9a9b946c97f9fc091e4c3f4b0a0d7ed298717a480c48868562f04005972b6a5265519fee4cb1b8b93f0b164770fd40c7a8060ce72beff7cda177e28a1a97b2c8c56a3f15b2f7a9b7ae2cf52d08555d3c3315e95095217bff8c9441a45fd00000000000000979ed4e35d21d13d428af521c553b9420385390207dc1634aee0244045e5c380e6090329d37b29a56c16d5c7bee160b91246bd2c205047bd92581165c774b1fd46072c161f1d33e6d5c1a5db7a714e3ed5468408f279bd9f98ec3c5ffd79cd37810f03000000b65d147fa05253a600adfb03775847b220369339529d434f3190c81c3dd501a780cfaaaa916c8a33ee4b52d18e160428893f33d206d3a7195e7f69c831099bdc940000aa2c2e61509bf6c58b100000000000000000000000005e3210346531c1eb14fbec6eb35d6f3e3853512c6bf186bd8b75d17aeeaa07"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x70) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r5, r4, 0x25, 0x0, @void}, 0x10) syz_emit_ethernet(0xd52, &(0x7f0000000600)={@random="ad4d307a9be9", @remote, @val={@val={0x88a8, 0x2, 0x1}, {0x8100, 0x0, 0x0, 0x3}}, {@ipv6={0x86dd, @icmpv6={0xc, 0x6, "22dad9", 0xd14, 0x3a, 0x1, @mcast1, @private2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x22, 0x348d, 0x3ff, 0x8, [{0x2, 0x1b, "0ca5783e49d1de9ad7346821bce19c16e499f3ba2657d5f37a2ca24918b924467737ce0b50c61c83ee20a5c03f2d4679f63eb9bb8a78bfdee5b2447d615b8cd97cb633b82f1af10c8c76575b5b61cbd4bdaaa0b78a1e66fee3317b1ec1c7a108a4099fd89e5b53d227fda740af380a7242ef85f56c8cb2fa5e239cffe30b3dfb0f793e21d03468c531dd2862fbd5edde3af4d9debf0cf4277c07c2340a1dec573627a97e821cd4a3e2141be6d874339050686b294532b8e99a7dfa94f9682d5e0f26af88d1ceb22ea4c8753fa105bafcc18784c8a6493e36"}, {0x4, 0x4, "5052e6538b936e18b71dc8564fa61d072d4363cd2a2e9c3a693235c5b7ad8251295b9be3"}, {0x18, 0xb, "cadc3cf7a52eee02b66c0155b57b731515f90c2adfe3e0e28e708786b528c36dae25f405000c3df6c8f0a3e8699a5fc2f45ca447ccd8d506da9c18838ba33b31ade02b6f072ed1f43c429f2bf959f8c9f9f3293300162e4417"}, {0x5, 0x9, "a68eafe278c0b62783e3984e94a06e41e6fa237d72233ad7240c9a3e319aa7b6b765be5d12934e57b17cc0af42ed7e142b1b49bd674149457ec9381cc73aa8f69b34af638483f77846dbe8a4"}, {0xe, 0x16b, "0cb89ab2a8301fbf007ad1ec75e8fbb4e11d6b3ef94fd436703fdee84c0404cb8a6874d1da74c8b6049bdbae2b3074dc8d1cfd0c64834f88a3f93a687888d0e8d6a3aa848788070ab0371c5b1fbd0352add1be0282a340597b47d4cc500ff36aa58d919cb34e3c5009432d6732d54697dc46855f5638c4e148460075be49d15bdbd0d5f7dc19e0dbb674c3e2a7b3aa3fb0ed44171fd8b836f0b7f3c5f8134af70f09fae8f84b113519589ba311821d3aa16bcf227f0b3415582fb9841adc932084ed9c344a2fe662c94b921101cacebf76d9b12a5255c8319810958cf608818c2368fdc91e6dbeaf60f12a60ae46b533c0525c3fdfa59950f136c408eae1000e779fe879f0832b413a0c41d39229c79abc86f6bb82dd98e5f1dea334e74ad6daefd5f64afe0544fbb2770112f36af15b02b212f353f6486c9818b7c2879f63042cf6882752973c382321f4cf61e1b62ef8fc523355553a35ae78ac5cfc25770013345587a9cbe177da79568f5fce50ff9ad874e2a4c7eb0975599614babd68b5b094644db6a6dee2e8768a6443e9776d9644030bbd93c7622de0cf5ec62c1ecccad23b7f44025bdd34807b4e8fd54f419d3ef7fd9f644d67eb95cbb1b90b8e4719844bb2b0f093bbcb80f2263340d19921902a93fd3ad2cfcc63aa55065e6f158b4fafb805ef6e4cbc3c4cc73ad634f193513af205600ceaa8baeaf459a16fe934d781a157720fa864b4117354906faff1ef5f9fa17467c390ceadaf157824eb172ea93193a6e9332322784aea9fb09437016945a2af8105aaf56580261e863a1869f35c39d1c081895f5260b822d41368b17a7f9f987224ddf7cf1258008ec3e693aefa6375143bb080642145f7d9581d7e734ed77d0152b7b861a393639adb670fa94e566d7df0a55108c1442e9af6d2aea0c8d1052f81db22de02ec13d24e1140c88a93c49d7799493bef1bca7ecc9d88d5bd23855bd624094dcb5e823ff4cf2edbab4bdbb556ab18fcfe8700a26b8e9ee4a2ea75d1db01cbf5b16f059bac6af78807addd1589438f465109b09d2003d067ce91be265e03b00145da84cd43fb8d3a323d17952643445efc7676dc115404f901ad8c8767d71d392b4fe8b1f39d8d24aace87d6300e23e0af7ae3389bc5c959fc865bd88144b9ae6e536c2bd3fd35ca87b3615fe1f7d55513c6dc52468d75a9d301d222b1b84d673c41b8304bb3502b6a03cadaad311ecb613c209a4a49dd4e30d7fc5a061953b54c6c1bd2c92e14c971531b79b4cab9cb540d85bf9c8d7902fd459fd915085c138f60a733c7ed5ad5f3600d3d52a3cff140e3a242ca4b63731ee0cdfa4cef46a6371493ca9101f30f7e8904fc354f7b98ac99af81dacd43107f7337e42ab0412cb7bbf0b553fff2ec9a49c957b9518b2f399ae77231f16d02459b743f436913ee0d7e277c68f23e50abd1ec9b5adf7fff911a29c66a81f38bd9978a7f80bb0ff6170705bef5969fb6aaf1404753e7ca446c6b2182d284c82021e4a157a393b978e60de9f9c3ea75815eecf4a795be9080e844875dbe243728d0e7bf4b079be2c9aeb536c5861d0e160145107a8765cac0bccdb168213b13f0cddf6a8e6a7bdecee0da600bb279f30ee2d7c02f7e28919e9feb1cb009ca975a6b20d52123a92f39f27393bfd80680d53bcf052162755bbcccb235ba9b7967d9758bd3321a4a72e24a417265285dfa5ed794f508abcd5468eb2feeece8107441e6fc8b57b4eeb11e2c0f348ae9e9769267ecf0288a7cb80370e656e78701a0bbbd9f784b33dc308e1b4c6c358471b9f8960a39ebd98ca5030ad7fcf31af0c7fc73312cc3c0632c4b5d145a1e95995c9ed7b44ce12a98b80d7d17aa714c937a41a120c21c481edd7bb47107cdecca0ccfcefef92b9b32da0a8196aa09fc945244131c1252ab45c0d65a6d12ca584c5f6a65e87ce68f4cf9de402591471a8a1610c48dcd7752a59ef510a57fa406af5fbdbf54b69a9d8d5c8d48c412fbd07cd2f0943db0427337d6fff10c17efad3f951f0dcd7fb618f9ff42ffcec5da4d4db053d70ef1b6d9b0dd98fe85e2806eeca4d2dd406580633916d41e6adcbcaf05ac2b35d3eefb22fe82a1d40701b71afdd9e59502763f216db9062cb1cfd01763ec74d706c60630e68f476318191dd4e2d7931bcbddcbee03ce7172be8e3780e7e5d8d8640485db1f33dc189ea18ef40d004685782e62133bfcd8e50c9635ebd9aadc110f9977916bc56fc96dcdfd713e80158a6a777c6dd44d16169be438bf59cc516b423e3c95af21e789a81312fb3ae4fd1500b76c312b4451f183347c4c4bd83901f067fda19f4211e545e386ddb941c10104d5205f1ce90b6131275229ced080a161ac592e5605429a31bdd6e646fe31dc88e5450104b7bf44786ad514e5676606cd188752fac2adf835944cf75c64b199e789781ca3719a66afee04bc81dc71b147cfd0fc4207f7ae7f768e36a2138e02f6026d23b39d228df0b70b82b25745066a249ae951a6ab79c071a7d798392743dc27297c8ca35bf999d3b5963cbc4d1feffdf81660e518b2e423b7947a46bc6ccd6caf532f871f0b068a8a9f684fe74310cfe250c45a29e819977f1e626c11c9023723f3496e3555205454fe12fa3eb503b5ab589e62696382d168aa7952635ca42e17c93ab22bbe869c2d03c336572f42c377d05e76a2664ba1ca15a9eaafee4ed2919659acc0288fb7301a58fbe2e1c3201d3f3c989d7c69ff131c369e9e7f9b8c478b096186d9453aba6a388a114deedb918bc1db112d5643c222744fcd4e83b3a8d44cd902d3897dafd70e6c283f665fdb1ebb998240e554f4b31b3e9bc668e16d5d58cf4fbbc17a470a0892a8ccb23976a4fab38e2ea4e0654b18d1651286213c93e894a57a3e9abef587ec1036359301d95924a1e1dc1a41a13b0e998d856f61312c3504838ea1d2bd41a57b905bc98faed6d15c260dbea588794de4eab950f14f0acb86dab7e9afe20bd643188f08680a8391d24e6f3d2937d6a6160992cea4ae260fd427f2b9514f90512ac7602a0937fd16cac96014903b0409bccf5da4d6b3cd365baffc808da3bf85fcbf87c663fd5bc9762df58d286e9a6d864d593f8ef28c53ae3960a1be6de9880ae0bdd821f7adf0ea2fec5836f44e369f11055a0dbcd013cc9561d28f0efaad51beb6815447165ebe48b6105b6918cf6d2d1487bff807c6fbb367377dc3849ce0fd73c110c3629a6a817997618d09396f31b1f83a7b5bbaf7079879f54ab27ed8322b0d743755968cdb0e8b921a593985f8bfaeafa44bf48a51cfe1d6c27eadc0e05d556ba33823e384f91dd775d1cfa87292c8ec424bf85e4dde184157dfbf534f0e533a43f5b544464c5ec0471b3319203fb884f4addf8b6c2124d465f323c505078ae504943fc2b94baa4ecc954cbdf834107d39bf1c22d154ebb3f98aec4ccc9f3ff59b0df61e74467b9fef0fd04efef6abb9ad6c911f96824a8b3b69d8228a0304972c55f6b7310ac84c37c04ce4ae0fd5a25ba9d9af70cb1a5cf92ba665e2d57d2b6b32727917372be839f9aa9b9f904817aef4d6864e00e62ab365fbb1304d32c6fb90a54264b37b53b362221b7b89bb4d1925e974b0bc330199171a875d0c4283fc566de84e4a5b9c6a9980cc5be5d4e1c11058691659be62a1878278eb579bcc6b3ecd3470a5c394f2011a7428c2cab2c37388dfa4fe4028e008799b5bac096de7f5da27022e4363592945d2da704be622d79b2f83e10b5348332c694fb34192de184fc0688663c60f738cb14b7468bc113999c2505a1d678f7211dd19c1c3bf530a1b432f8ff9732d476ed7051d908fff6694d1d55ef65eaac553e9de075eb63d3f3fdf8ed4ab8261e17fe2b559a7b2be3c291daaeb5c18dc89ea1345d8180c9f7273a210855c556003e876c286ac30f8a28e227598c4cfa8bff6692366f34673776b047cdb2855c521eb480a70dc24524f3fdfa30672e93d3b6c03d953aab2fa090f196108f32850d0b72c8cb81aff530f22034921da6a9617eb3e83dc3a1cf81fcfa12026b4277a71f4af8d721694d43139819ca72387198ee117e7e9d28e155e"}]}}}}}}, 0x0) 8m26.842695088s ago: executing program 2 (id=128): socket$nl_generic(0x10, 0x3, 0x10) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r3, 0xc0185879, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r4) sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000300)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="070600000000000000002d00000006000400000000000c0005000201aaaaaaaaaaaa0a0001007770616e3000000008002f000500000005002e001500000005002b"], 0x4c}}, 0x20048840) 8m25.083920392s ago: executing program 2 (id=130): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nobarrier}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x10}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) socketpair(0x2b, 0x4, 0x5, &(0x7f0000000400)) fallocate(r0, 0x0, 0x0, 0x8ffff) write$FUSE_IOCTL(r1, &(0x7f0000000000)={0x20, 0x0, 0x0, {0x6, 0x4, 0x6, 0xf}}, 0x20) 8m23.144634202s ago: executing program 2 (id=132): r0 = gettid() prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, 0x0, 0x0) listen(r2, 0x5) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet(r3, 0x0, 0x0, 0x48045) close_range(r2, 0xffffffffffffffff, 0x0) setresuid(0xee00, 0xee01, 0x0) add_key$user(0x0, &(0x7f0000000440), &(0x7f00000000c0), 0x0, 0xfffffffffffffffd) syz_usb_connect$uac3(0x0, 0x80, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x2, [{0x0, 0x0}, {0x0, 0x0}]}) add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0x5ba8, 0xfffffffffffffffd) prlimit64(r0, 0xd, &(0x7f0000000100)={0xfffffffffffffffe, 0x5a}, &(0x7f0000000180)) timer_settime(0x0, 0x1, 0x0, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000080)={@dev={0xfe, 0x80, '\x00', 0xe}, 0x300, 0x0, 0x2, 0x9, 0x0, 0x4}, 0x20) 8m21.919999967s ago: executing program 1 (id=136): r0 = syz_open_dev$usbmon(&(0x7f0000000380), 0x0, 0x60040) r1 = dup(r0) ioctl$MON_IOCT_RING_SIZE(r1, 0x9204, 0xcef26) 8m20.676117769s ago: executing program 2 (id=137): ioctl$sock_SIOCGIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000040)) r0 = socket(0x400000000010, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000200)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$F2FS_IOC_GARBAGE_COLLECT(r3, 0x4004f506, &(0x7f0000000180)=0x1) getsockopt(r3, 0x400000000000003a, 0x1, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000780)=@newtfilter={0x884, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0xb, 0xfff3}, {}, {0x7, 0xffff}}, [@filter_kind_options=@f_flow={{0x9}, {0x854, 0x2, [@TCA_FLOW_POLICE={0x848, 0xa, 0x0, 0x1, [@TCA_POLICE_TBF={0x3c, 0x1, {0x5, 0x8, 0x65, 0x2, 0x4d, {0x1, 0x2, 0x2, 0x3, 0x3, 0x4}, {0x5, 0x1, 0x3, 0xab, 0x0, 0x9}, 0x2, 0x6, 0x8000}}, @TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x7fffffff, 0x8, 0x7ff, 0x3, 0x2, 0x1, 0x401, 0xb9, 0xace, 0x0, 0x1, 0x9, 0x43, 0x7, 0x2, 0x0, 0x1ce00000, 0x7, 0x6, 0x103, 0x3, 0x1c000, 0x1ff, 0x2, 0x6, 0x9b16, 0x6, 0x100, 0x15a, 0xe, 0x40, 0x5, 0x4, 0x80000001, 0x4a, 0x1, 0x8, 0x99a9, 0x340d, 0x3, 0x2, 0x7, 0xd, 0x400, 0xfffffffa, 0x6, 0x100, 0x2, 0x5, 0x5, 0xe, 0xffff0001, 0x2, 0xdd1, 0x9, 0xfb, 0x4, 0xf, 0x324, 0x6, 0x3, 0x6, 0xff, 0x8, 0x401, 0x7fffffff, 0x4, 0x5, 0x800, 0x8261, 0x3, 0x6, 0x8, 0x2, 0x9, 0x4, 0x4, 0x6, 0x5, 0xf, 0x9, 0x38c8, 0x80000001, 0x4, 0xa11, 0x6, 0x3, 0x604, 0xfff, 0xab, 0x7, 0x5, 0x8, 0x1, 0x9, 0x401, 0x0, 0x4, 0x1ff, 0x4, 0x17, 0xffffff7f, 0x7c, 0x4, 0x4, 0xa42, 0xfffffff7, 0x4, 0x5b564ea6, 0xaa32, 0x2, 0x2, 0x4000008, 0x1ff, 0x5, 0x3, 0x7, 0x6, 0xfffff000, 0x12aeb60c, 0x4, 0xbb6, 0x1, 0x3, 0x5, 0x2, 0x3, 0x85, 0x10, 0x1, 0x5, 0x1, 0x4, 0x6, 0xf65, 0x1d7, 0x9, 0x100, 0x0, 0x0, 0xc2, 0x1, 0x3, 0xffffffff, 0x1ff, 0x1, 0x30bb, 0x7, 0x40, 0xfffffff8, 0x5, 0x2, 0x1, 0x8, 0x8000, 0x5, 0x4, 0x31e, 0xffff8001, 0x6, 0xff, 0xa, 0x1ff, 0x9, 0x7, 0x7, 0x2, 0x412, 0x6, 0xf441, 0x6, 0x1, 0x7, 0x89, 0x3, 0x5, 0x0, 0x9, 0x7, 0x1, 0x4, 0x0, 0x4, 0x4, 0x200, 0x1, 0x720a, 0xffff, 0xfff, 0x9, 0x7fff, 0x8, 0x3ac8efcb, 0x8, 0xf2c, 0x7, 0x80000000, 0x12, 0xfffff802, 0x2e4, 0x7, 0xfffffff9, 0x400, 0x4, 0x30, 0x10000, 0xfd, 0x4, 0x1, 0x5, 0x7, 0x0, 0x7, 0x47, 0x0, 0x0, 0x1, 0x7, 0x0, 0x8, 0x3, 0x6, 0x0, 0x10001, 0x0, 0xe9, 0x5, 0x1, 0x8d, 0xaacc, 0x6f, 0x7fffffff, 0x5, 0x6, 0x2, 0x10001, 0x4, 0x10000, 0x9, 0xe, 0x45e8, 0x9, 0xfffffff8, 0x6, 0x100, 0x5, 0xe, 0x73d, 0x31, 0x3, 0x0, 0x2, 0x3, 0xb70, 0x3]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0xfffffff7, 0x5, 0x7, 0x4, 0x2, 0x6, 0x1, 0xfb0, 0x8, 0x3, 0x5, 0x3, 0x0, 0x4, 0x9a, 0x9, 0x7, 0xfff, 0x7, 0x40, 0x5, 0x7fff, 0x6c, 0x3, 0x5, 0x7ff, 0x4, 0x2, 0x7, 0x2, 0x83b, 0x2, 0x3b, 0x4, 0x0, 0x4, 0x9, 0xc, 0x1cabbb02, 0x4, 0x4, 0x2, 0x8001, 0x7fff, 0x80000000, 0x10000, 0xffff8906, 0x7fffffff, 0x0, 0x0, 0x9, 0xc0000000, 0x2, 0x6, 0x83, 0x3, 0x10000, 0x3, 0x1, 0x6, 0x0, 0x1, 0x100, 0xcc2, 0x3800, 0x6, 0x18, 0x0, 0xfffffe00, 0x3, 0x6, 0x4, 0x3, 0x7, 0x1, 0xfffffffc, 0x8e4, 0xf5c1, 0x1, 0x5077, 0x3, 0x5, 0x7fff, 0x2, 0x4, 0x2, 0x3, 0x401, 0x6, 0x40, 0x7, 0x95, 0x5, 0x200, 0x1, 0x2, 0x7ff, 0x4, 0x8, 0xb, 0x0, 0x2, 0x0, 0xd266, 0x4, 0x0, 0x10001, 0x2, 0x101, 0x401, 0x200, 0x6, 0x1, 0x4a, 0x8, 0x2, 0xfffffffe, 0x14e, 0x4, 0x3, 0x1, 0x2, 0x94e6, 0xfffffbff, 0x5, 0x2, 0xfffd, 0xc, 0x4, 0x2, 0x40800000, 0x1f, 0x4, 0xffffffff, 0x800, 0x7, 0x3ff, 0x7ff, 0x101, 0x10, 0x5, 0x374, 0xc2f, 0x3, 0xffffff81, 0xfffffff7, 0x6, 0x8000, 0x8, 0x1, 0x1, 0x200, 0xcae, 0xc64, 0xffff, 0x7fff, 0x1, 0x8, 0x3c0, 0x9, 0x0, 0x6d5, 0xfffffff3, 0x9, 0x476b3752, 0xff, 0x0, 0x9, 0x7ff, 0x4, 0x3, 0x4, 0x7, 0x7249, 0x7, 0xffff8001, 0x95f, 0x8, 0x0, 0x1000, 0x800, 0x0, 0xfff, 0xf2, 0x0, 0x3, 0xffff, 0x103, 0x0, 0x8000, 0x9, 0x4, 0xcc6, 0xffe01000, 0x22, 0xd56, 0xfffffff0, 0x3bb8, 0x10, 0x140, 0x81, 0x9, 0x40, 0x2, 0x2, 0x4, 0x3, 0x0, 0x3, 0xf, 0x0, 0xc527, 0x9, 0x8, 0x1, 0xffff86fd, 0x7, 0x2, 0x8, 0x3, 0x9, 0x5, 0x0, 0x4, 0xc12, 0x7f, 0x0, 0x0, 0x80000000, 0x6f3, 0x7, 0x9, 0x7, 0x9, 0x4, 0x2, 0xc9, 0xaf8, 0x3, 0x80000000, 0xad8c, 0x4, 0x2, 0xea9, 0x9, 0x5, 0x1, 0x4, 0x8, 0x5, 0x10000, 0x3, 0x7fb, 0xdbbb, 0x4, 0x2]}]}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1}]}}]}, 0x884}, 0x1, 0x0, 0x0, 0x20041090}, 0xd0) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000840)={[{@nomblk_io_submit}, {@noquota}]}, 0x1, 0x489, &(0x7f0000000d40)="$eJzs3M9vFFUcAPDv7Lblt62IP0AUFI1EY0sLKgcPYDTxoImJHvBm3RaCFGpoNUKIVg94NCTejUcT/gJPejHqycTEk94NCTFcQE9jZnem3V121/7YstT9fJKl783M9r0v773ue/M6DaBv7c/+SSK2R8TvETFcyzZesL/25daNS5W/b1yqJJGmb/6VVK+7eeNSpbi0eN+2IrPQeLze3IWLZyZnZqbP5/mx+bPvj81duPjs6bOTp6ZPTZ+bOHr0yOHxF56feK4rcWZ1urnn49m9u199+8rrlRNX3v3palLE3xDHh10pr+5b1ysXiSe7VcpdYkddOhnoYUVYkaxDZs01WB3/w1GOpcYbjlc+62nlgHWVpmm6qf3phRT4H0ui1zUAeiP/nE8iFirZGrh+Pd8Prh+vLYCyuG/lr9qZgSjl1ww2rW+7KVttnVj456vsFU33UwAA1sN3x2tfi7nf0vyj1HAX/1i+NzQSEfdGxM6IuC8idkXE/RHxQEQ8GBEP1b2n1b5Ps+ZNktvnP6VrqwpsmbL534v53lbj/K+Y/cVIOc/tqMY/mJw8PTN9KCLuiYiDMbgpy493KOP7l3/9ot25/XXzv+yVlV/MBfN6XBtoukE3NTk/uZaY613/NGLPQKv4k8WdgKwdd0fEnn2rK+P009/sbXfuv+PvoAv7TOnXEU/V2n8hmuIvJJ33J8c2x8z0obGiV9zu518uv1GXrQzXZdYUfxdk7b+1Zf9fjH8kqd+vnVt5GZf/+LztmmaZ/X+o/j1Z/x9K3qqmixMfTc7Pnx+PGEpey48fy483lle9bmLp+iz+gwdaj/+dsfQ/8XBEZJ34kYh4NCL25XV/LCIej4gDHeL/8aUn3lt9/PFOh2+9Zln8Uytq/7aJYm/7tlPlMz98Wz1TNNZIh/iTqJz4rbn9j1RTB/MjrX7+DTd2kehY0/Nr6c0AAACw8ZQiYnskpdHFdKk0Olr7ffldsbU0Mzs3/8zJ2Q/OTdWeERiJwVJxp2t48X5oLIzny/qr5Yjs/ESeL+6XHs7vG39Z3lLNj1ZmZ6ZqTwoAPbKtzfjP/Fnude2Aded5Lehfqx3/aZp+0uWqAHeYz3/oX8Y/9K1Si2NbmvId/kYAsJG1+vy3sIf+YP4P/cv4h/5l/EP/Mv6hL+VPwg8s5wH/dUtkP396V/rKE2l6Z8raHBENR4Z6H/tiIko9Kz16HfvKEkn+tzTSu6Q+y0tUq2wXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2PD+DQAA//+4s91W") 8m19.483784483s ago: executing program 1 (id=138): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r0, {0x2, 0x4e23, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e) ioctl$PPPIOCGFLAGS(0xffffffffffffffff, 0x8004745a, 0x0) 8m18.860662321s ago: executing program 1 (id=141): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d3750820c80a2103be6f000000010902120001000000000904"], 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000540)={0x1c, &(0x7f0000000380)={0x40, 0xc}, 0x0, 0x0}) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, &(0x7f0000000180)={0x14, &(0x7f0000000040)=ANY=[@ANYBLOB="2025b3000000b3"], 0x0}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000000)={0x1c, &(0x7f0000000f80)=ANY=[@ANYBLOB="00df19"], 0x0, 0x0}) syz_usb_control_io(r0, 0x0, &(0x7f0000001000)={0x84, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000c80)={0x44, &(0x7f0000000940)={0x0, 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000e00)={0x34, &(0x7f0000000840)={0x20, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0}) 8m15.65920829s ago: executing program 1 (id=146): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x2004de, &(0x7f0000000100), 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) chdir(&(0x7f0000000200)='./bus\x00') r0 = open(&(0x7f00000000c0)='.\x00', 0x101000, 0x190) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 8m13.756521302s ago: executing program 1 (id=148): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(0xffffffffffffffff, 0x10e, 0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$invalidate(0x15, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r3, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) r4 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x40) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0) sendmmsg(r4, &(0x7f0000000180), 0x400008a, 0x0) 8m6.12490806s ago: executing program 1 (id=154): r0 = add_key$fscrypt_v1(&(0x7f00000000c0), &(0x7f0000000180)={'fscrypt:', @auto=[0x0, 0x74, 0x0, 0x0, 0x0, 0x62, 0x0, 0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62]}, &(0x7f00000001c0)={0x0, "e2030013d278a1fc4a8d8c8eb43087655e4365991c3e1e6f89550928b7bc882f37d43e4bd36e0000438c04419900"}, 0x48, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$link(0x8, r0, r1) 8m5.663002191s ago: executing program 32 (id=154): r0 = add_key$fscrypt_v1(&(0x7f00000000c0), &(0x7f0000000180)={'fscrypt:', @auto=[0x0, 0x74, 0x0, 0x0, 0x0, 0x62, 0x0, 0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62]}, &(0x7f00000001c0)={0x0, "e2030013d278a1fc4a8d8c8eb43087655e4365991c3e1e6f89550928b7bc882f37d43e4bd36e0000438c04419900"}, 0x48, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$link(0x8, r0, r1) 8m5.562970065s ago: executing program 33 (id=137): ioctl$sock_SIOCGIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000040)) r0 = socket(0x400000000010, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000200)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$F2FS_IOC_GARBAGE_COLLECT(r3, 0x4004f506, &(0x7f0000000180)=0x1) getsockopt(r3, 0x400000000000003a, 0x1, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000780)=@newtfilter={0x884, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0xb, 0xfff3}, {}, {0x7, 0xffff}}, [@filter_kind_options=@f_flow={{0x9}, {0x854, 0x2, [@TCA_FLOW_POLICE={0x848, 0xa, 0x0, 0x1, [@TCA_POLICE_TBF={0x3c, 0x1, {0x5, 0x8, 0x65, 0x2, 0x4d, {0x1, 0x2, 0x2, 0x3, 0x3, 0x4}, {0x5, 0x1, 0x3, 0xab, 0x0, 0x9}, 0x2, 0x6, 0x8000}}, @TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x7fffffff, 0x8, 0x7ff, 0x3, 0x2, 0x1, 0x401, 0xb9, 0xace, 0x0, 0x1, 0x9, 0x43, 0x7, 0x2, 0x0, 0x1ce00000, 0x7, 0x6, 0x103, 0x3, 0x1c000, 0x1ff, 0x2, 0x6, 0x9b16, 0x6, 0x100, 0x15a, 0xe, 0x40, 0x5, 0x4, 0x80000001, 0x4a, 0x1, 0x8, 0x99a9, 0x340d, 0x3, 0x2, 0x7, 0xd, 0x400, 0xfffffffa, 0x6, 0x100, 0x2, 0x5, 0x5, 0xe, 0xffff0001, 0x2, 0xdd1, 0x9, 0xfb, 0x4, 0xf, 0x324, 0x6, 0x3, 0x6, 0xff, 0x8, 0x401, 0x7fffffff, 0x4, 0x5, 0x800, 0x8261, 0x3, 0x6, 0x8, 0x2, 0x9, 0x4, 0x4, 0x6, 0x5, 0xf, 0x9, 0x38c8, 0x80000001, 0x4, 0xa11, 0x6, 0x3, 0x604, 0xfff, 0xab, 0x7, 0x5, 0x8, 0x1, 0x9, 0x401, 0x0, 0x4, 0x1ff, 0x4, 0x17, 0xffffff7f, 0x7c, 0x4, 0x4, 0xa42, 0xfffffff7, 0x4, 0x5b564ea6, 0xaa32, 0x2, 0x2, 0x4000008, 0x1ff, 0x5, 0x3, 0x7, 0x6, 0xfffff000, 0x12aeb60c, 0x4, 0xbb6, 0x1, 0x3, 0x5, 0x2, 0x3, 0x85, 0x10, 0x1, 0x5, 0x1, 0x4, 0x6, 0xf65, 0x1d7, 0x9, 0x100, 0x0, 0x0, 0xc2, 0x1, 0x3, 0xffffffff, 0x1ff, 0x1, 0x30bb, 0x7, 0x40, 0xfffffff8, 0x5, 0x2, 0x1, 0x8, 0x8000, 0x5, 0x4, 0x31e, 0xffff8001, 0x6, 0xff, 0xa, 0x1ff, 0x9, 0x7, 0x7, 0x2, 0x412, 0x6, 0xf441, 0x6, 0x1, 0x7, 0x89, 0x3, 0x5, 0x0, 0x9, 0x7, 0x1, 0x4, 0x0, 0x4, 0x4, 0x200, 0x1, 0x720a, 0xffff, 0xfff, 0x9, 0x7fff, 0x8, 0x3ac8efcb, 0x8, 0xf2c, 0x7, 0x80000000, 0x12, 0xfffff802, 0x2e4, 0x7, 0xfffffff9, 0x400, 0x4, 0x30, 0x10000, 0xfd, 0x4, 0x1, 0x5, 0x7, 0x0, 0x7, 0x47, 0x0, 0x0, 0x1, 0x7, 0x0, 0x8, 0x3, 0x6, 0x0, 0x10001, 0x0, 0xe9, 0x5, 0x1, 0x8d, 0xaacc, 0x6f, 0x7fffffff, 0x5, 0x6, 0x2, 0x10001, 0x4, 0x10000, 0x9, 0xe, 0x45e8, 0x9, 0xfffffff8, 0x6, 0x100, 0x5, 0xe, 0x73d, 0x31, 0x3, 0x0, 0x2, 0x3, 0xb70, 0x3]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0xfffffff7, 0x5, 0x7, 0x4, 0x2, 0x6, 0x1, 0xfb0, 0x8, 0x3, 0x5, 0x3, 0x0, 0x4, 0x9a, 0x9, 0x7, 0xfff, 0x7, 0x40, 0x5, 0x7fff, 0x6c, 0x3, 0x5, 0x7ff, 0x4, 0x2, 0x7, 0x2, 0x83b, 0x2, 0x3b, 0x4, 0x0, 0x4, 0x9, 0xc, 0x1cabbb02, 0x4, 0x4, 0x2, 0x8001, 0x7fff, 0x80000000, 0x10000, 0xffff8906, 0x7fffffff, 0x0, 0x0, 0x9, 0xc0000000, 0x2, 0x6, 0x83, 0x3, 0x10000, 0x3, 0x1, 0x6, 0x0, 0x1, 0x100, 0xcc2, 0x3800, 0x6, 0x18, 0x0, 0xfffffe00, 0x3, 0x6, 0x4, 0x3, 0x7, 0x1, 0xfffffffc, 0x8e4, 0xf5c1, 0x1, 0x5077, 0x3, 0x5, 0x7fff, 0x2, 0x4, 0x2, 0x3, 0x401, 0x6, 0x40, 0x7, 0x95, 0x5, 0x200, 0x1, 0x2, 0x7ff, 0x4, 0x8, 0xb, 0x0, 0x2, 0x0, 0xd266, 0x4, 0x0, 0x10001, 0x2, 0x101, 0x401, 0x200, 0x6, 0x1, 0x4a, 0x8, 0x2, 0xfffffffe, 0x14e, 0x4, 0x3, 0x1, 0x2, 0x94e6, 0xfffffbff, 0x5, 0x2, 0xfffd, 0xc, 0x4, 0x2, 0x40800000, 0x1f, 0x4, 0xffffffff, 0x800, 0x7, 0x3ff, 0x7ff, 0x101, 0x10, 0x5, 0x374, 0xc2f, 0x3, 0xffffff81, 0xfffffff7, 0x6, 0x8000, 0x8, 0x1, 0x1, 0x200, 0xcae, 0xc64, 0xffff, 0x7fff, 0x1, 0x8, 0x3c0, 0x9, 0x0, 0x6d5, 0xfffffff3, 0x9, 0x476b3752, 0xff, 0x0, 0x9, 0x7ff, 0x4, 0x3, 0x4, 0x7, 0x7249, 0x7, 0xffff8001, 0x95f, 0x8, 0x0, 0x1000, 0x800, 0x0, 0xfff, 0xf2, 0x0, 0x3, 0xffff, 0x103, 0x0, 0x8000, 0x9, 0x4, 0xcc6, 0xffe01000, 0x22, 0xd56, 0xfffffff0, 0x3bb8, 0x10, 0x140, 0x81, 0x9, 0x40, 0x2, 0x2, 0x4, 0x3, 0x0, 0x3, 0xf, 0x0, 0xc527, 0x9, 0x8, 0x1, 0xffff86fd, 0x7, 0x2, 0x8, 0x3, 0x9, 0x5, 0x0, 0x4, 0xc12, 0x7f, 0x0, 0x0, 0x80000000, 0x6f3, 0x7, 0x9, 0x7, 0x9, 0x4, 0x2, 0xc9, 0xaf8, 0x3, 0x80000000, 0xad8c, 0x4, 0x2, 0xea9, 0x9, 0x5, 0x1, 0x4, 0x8, 0x5, 0x10000, 0x3, 0x7fb, 0xdbbb, 0x4, 0x2]}]}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1}]}}]}, 0x884}, 0x1, 0x0, 0x0, 0x20041090}, 0xd0) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000840)={[{@nomblk_io_submit}, {@noquota}]}, 0x1, 0x489, &(0x7f0000000d40)="$eJzs3M9vFFUcAPDv7Lblt62IP0AUFI1EY0sLKgcPYDTxoImJHvBm3RaCFGpoNUKIVg94NCTejUcT/gJPejHqycTEk94NCTFcQE9jZnem3V121/7YstT9fJKl783M9r0v773ue/M6DaBv7c/+SSK2R8TvETFcyzZesL/25daNS5W/b1yqJJGmb/6VVK+7eeNSpbi0eN+2IrPQeLze3IWLZyZnZqbP5/mx+bPvj81duPjs6bOTp6ZPTZ+bOHr0yOHxF56feK4rcWZ1urnn49m9u199+8rrlRNX3v3palLE3xDHh10pr+5b1ysXiSe7VcpdYkddOhnoYUVYkaxDZs01WB3/w1GOpcYbjlc+62nlgHWVpmm6qf3phRT4H0ui1zUAeiP/nE8iFirZGrh+Pd8Prh+vLYCyuG/lr9qZgSjl1ww2rW+7KVttnVj456vsFU33UwAA1sN3x2tfi7nf0vyj1HAX/1i+NzQSEfdGxM6IuC8idkXE/RHxQEQ8GBEP1b2n1b5Ps+ZNktvnP6VrqwpsmbL534v53lbj/K+Y/cVIOc/tqMY/mJw8PTN9KCLuiYiDMbgpy493KOP7l3/9ot25/XXzv+yVlV/MBfN6XBtoukE3NTk/uZaY613/NGLPQKv4k8WdgKwdd0fEnn2rK+P009/sbXfuv+PvoAv7TOnXEU/V2n8hmuIvJJ33J8c2x8z0obGiV9zu518uv1GXrQzXZdYUfxdk7b+1Zf9fjH8kqd+vnVt5GZf/+LztmmaZ/X+o/j1Z/x9K3qqmixMfTc7Pnx+PGEpey48fy483lle9bmLp+iz+gwdaj/+dsfQ/8XBEZJ34kYh4NCL25XV/LCIej4gDHeL/8aUn3lt9/PFOh2+9Zln8Uytq/7aJYm/7tlPlMz98Wz1TNNZIh/iTqJz4rbn9j1RTB/MjrX7+DTd2kehY0/Nr6c0AAACw8ZQiYnskpdHFdKk0Olr7ffldsbU0Mzs3/8zJ2Q/OTdWeERiJwVJxp2t48X5oLIzny/qr5Yjs/ESeL+6XHs7vG39Z3lLNj1ZmZ6ZqTwoAPbKtzfjP/Fnude2Aded5Lehfqx3/aZp+0uWqAHeYz3/oX8Y/9K1Si2NbmvId/kYAsJG1+vy3sIf+YP4P/cv4h/5l/EP/Mv6hL+VPwg8s5wH/dUtkP396V/rKE2l6Z8raHBENR4Z6H/tiIko9Kz16HfvKEkn+tzTSu6Q+y0tUq2wXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2PD+DQAA//+4s91W") 11.00660236s ago: executing program 4 (id=1004): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_SIOCGSKNS(r0, 0x894c, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x16, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000180000002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000004c0)={r1, 0x3, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x44) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r3 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}) write$tun(r2, &(0x7f0000000200)=ANY=[], 0x2e) 10.447313527s ago: executing program 3 (id=1009): r0 = socket$nl_route(0x10, 0x3, 0x0) mlockall(0x2) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000000c0)={'batadv0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x21}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE1={0x8, 0x1, r1}, @IFLA_HSR_SLAVE2={0x8, 0x2, r2}]}}}]}, 0x40}}, 0x0) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0) syz_emit_ethernet(0x32, &(0x7f0000000200)={@local, @broadcast, @val={@val={0x88a8, 0x7, 0x1, 0x1}, {0x8100, 0x6, 0x0, 0x1}}, {@ipv4={0x88fb, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @rand_addr=0x64010104, @broadcast}, {0x100, 0x4e20, 0x8}}}}}, 0x0) 9.419792036s ago: executing program 4 (id=1010): socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e21, @remote}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x30, 0x8b}, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) r4 = socket$inet(0x2, 0x3, 0xa) sendmmsg$inet(r4, &(0x7f0000000900)=[{{&(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10, 0x0, 0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB], 0x20}}], 0x1, 0x24000004) recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) unshare(0x62000000) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0) r5 = socket$netlink(0x10, 0x3, 0x9) sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="14000000f503010000000000000000000000000a1ab3f356090aa0076c14000000ed030100000000"], 0x28}}, 0x4010) 7.406770973s ago: executing program 3 (id=1011): syz_emit_ethernet(0x46, &(0x7f0000000240)={@broadcast, @dev, @val={@val={0x88a8, 0x0, 0x1, 0x2}, {0x8100, 0x0, 0x1}}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x3c, 0x0, 0xfffd, 0x4de, 0x0, 0x4, 0x0, @dev, @remote}}}}}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r2 = socket$nl_route(0x10, 0x3, 0x0) write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0xfdef) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff5644d, 0x70bd2c, 0x7fffe, {0x0, 0x0, 0x0, r6, {}, {0xf, 0xb}, {0xf, 0xb}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x6, 0x808, 0x20205, 0x1, 0xc}, 0xb, 0xffffffff, 0x32, 0x5, 0x7, 0x2, 0x9, 0x1, 0x1, 0x1, {0xffff1c72, 0x0, 0x7, 0xc, 0xfffffffa, 0x7583}}}}]}, 0x78}}, 0x8000) r7 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r9 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, r8, {0x3, 0xd}, {}, {0x3, 0xfff1}}}, 0x24}}, 0x40004) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x5c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9, 0x1}, {0x4}, {0xe, 0xd}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x401}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x2000}]}, 0x5c}, 0x1, 0x0, 0x0, 0x90}, 0x4000c00) 5.431678313s ago: executing program 0 (id=1014): r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000340)="89000000120081ae08060cdc030000017f03e3f7000000006ee2ffca1b1f00ff0f00000000000050375ed08a56331dbf9ed78105001ad6e747033a0093b837dc6cc01e32ef", 0x45}], 0x1, 0x0, 0x0, 0x7}, 0x20044810) 4.825683877s ago: executing program 0 (id=1015): socket$nl_route(0x10, 0x3, 0x0) r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, 0x0, 0x0) mknod(&(0x7f0000000140)='./file0\x00', 0x1000, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000000200000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r1, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 4.544073789s ago: executing program 0 (id=1016): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0xfffc}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0xffff}, [@NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x3c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @redir={{0xa}, @void}}]}, @NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xb8}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 4.136329252s ago: executing program 0 (id=1017): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd502000000090001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x20}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @masq={{0x9}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3cd2e7b3d6526bf5}}}, 0x68}}, 0x4000) r1 = socket$kcm(0x2, 0x3, 0x84) sendmsg$inet(r1, &(0x7f0000001000)={&(0x7f0000000000)={0x2, 0x4e24, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0x20}, 0x0) 3.384183266s ago: executing program 3 (id=1018): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="600000000206010200000000000000000700000014000780080011400000000005001500040000000500010006000000050005000200000005000400000000000900020073797a"], 0x60}, 0x1, 0x0, 0x0, 0x20004000}, 0x20004000) 3.074918664s ago: executing program 3 (id=1019): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="60000000020603000000000000830000000000000900020073797a31000000000500010007000000050005000a00000014000780080013400000000008001240ffffffff12000300686173683a6e6574"], 0x60}, 0x1, 0x0, 0x0, 0x4008801}, 0x0) 3.02394426s ago: executing program 0 (id=1020): openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x4b301, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeeb, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) kcmp(r0, r0, 0x4, r2, 0xffffffffffffffff) io_setup(0x3, &(0x7f0000000180)) r3 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000003040)=@deltfilter={0x24, 0x2d, 0x119, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {0xffe0, 0x1}, {0xfff3, 0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x20041090}, 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@xino_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) getrusage(0x1, &(0x7f0000000000)) syz_open_dev$tty1(0xc, 0x4, 0x2) 2.398424888s ago: executing program 3 (id=1021): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000f00)=ANY=[@ANYBLOB="b702000002000000bfa30000000000000703000000feffff7a0af0fff8bffffd79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000081007d60b7030000000000006a0a00fefdff0000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c3a1f59916ffc9bf0bd09279c362f80e5cf8df265e1b40e4c8ae7a89cf8bd819b5c0c000000008da68076774bb4db2c769937000090af27db5b56024dcbbbd2cb2000ce94284673b4e8d5467e357754508535766c801100000000b290a248a120c9c6e39f3052aae80677eeba68562eaeaea5fecf298ca20f274233106e2baf69b1c60f0ce4099f366b89ab63ecf772de7b265040b6b1acbef92b2704550a4d1dd5c50b7420b58a93fe94c756008afcd0b2eb785632e0a85f02a5a6474ae549070000000000001294fba0ed5020e6477cc921fee1f6d8ad6a80d0947cd6d4a561ced23b0b4a902be6af7ec2d1ba000057f301000000000000000000000000100000aaf253886c0b9f6d4731d714ad72e5ad8530a6380ed2d29f47f96a576cd20cef7ed95157ab050000f0077e9d13d8b93eb0f2c6f8941e35e1577c10e509c9b133c849eb709df5c6ba73cccdfa3c58bc5204339b0b487f0eeed581cb202900000d322717c338033213c18a34ee0ca2cf61efb4b3797a642735d6d482ba98d252f36c54333aab1aa736369392239820f5f1557b0bf7ccb0a5a13c714e0b1a5bc3f9caff3283076cda3d0b1a2905cf7bd04f2db530abcbe44bc40528ad807970727fb819afa14aad99f93093ced7dd51995edcf53b907228fa9e83433eedb4ac88d0285594ffb0d14e71d5c57f33702f22b22417bfb38d04c8441ceec8bcaffbe800aa41307bd8325a76f395bc9a8b0c9d905979f34adddb521914f92eed3d3e9de82942a952e86bd67aff5bc2e3c1fcc00f61124dd06df4b8fd356cb365adc037e443820c05c5db160087a9cf471e0eff227f25b2c5cacebfcd55f8c81f5eb1f8d615ca27efb2193bb61665b8ce37f30c2efc9c3b5a4a5d95479fac471ba60fbd0e50223517a07a3484124c5563cd3700000000001825b05a580ea8cb7f85b77b35a06a895b287b47efbe220bc215aca4a65d7018a7f91c4228b35f71a7c183360ab7a7b6b7870086d851ff861ee07bbec801b79afa477ebab255c7265820456fdc3f34f9d729315d856be7ec564613d5e28cf7c405d6e2b6aeb20000b8505a36a8067cb459fab87c8de118117733d30f4fe049658a2c3edd43546ead9c7882858868cff89a49a693731140db1b7b7116060c30690a39de8b3e0eb4f5401e8354870848c546f9defe1a9c534c9030830fec3eeb5faf1d64bb8e80000000f6ff0000000000000055d843352632b829ceb5200a2cdeb63c0bc7e835e061f9ac3c052b5b6f689bf203aeb8858be07691bc83e178181fab55e6ed9e8a17819de49564d0f0c00dd507441b80cd499c39c5d03d6c00cf5be5215bae09a4f52abf8f1c1add498470a0bb9d7ab757a8b28e4accc939b3621e4c2c9e02741c51eeeaad40cf2e1c3659d83ed71fc628807739d70edda93542445e3204828c49bef648efdc2208341357dd158f411d379df9b1feffbe7c7ee80558a040fa3d5a303f36d5c1a66d9644fc0559aa0e291355ee3de6c7a705b8f7b45bb825044b9a82a6fd2f6eeb14eee0c3f71eeea9984e14c57022ef72850b6dc5fda167d6f98f6c1c73feb424b7937e3c7ca0d2525efbdac50eb94797cf3747b83b56cfea8c74dd3f957dc462e715b789934b422b7ddf3e11a6ad6ad9afd5389c728d14"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3f, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xd3, 0x304, &(0x7f0000000040)="b90703600000f007049e0ff088471fffffe10ec53308633a77fbac141441e0022001be3e7d2a2007ff", 0x0, 0x104, 0xa000000, 0x0, 0xfeb9, &(0x7f0000000640)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea02f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7", &(0x7f0000000100)}, 0x28) 1.266074254s ago: executing program 4 (id=1022): shutdown(0xffffffffffffffff, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]}) close_range(r0, 0xffffffffffffffff, 0x200000000000000) socket$nl_netfilter(0x10, 0x3, 0xc) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) r2 = io_uring_setup(0x1978, &(0x7f0000000040)={0x0, 0xca72, 0x1cc90, 0x0, 0x20002fb}) r3 = socket$inet(0x2, 0x80001, 0x84) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x130, 0x0, 0x1, {0x0, 0x0, 0x0, '\x00', {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {0x0, 0x100000}, 0x0, 0x0, 0x2000}}}}) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8) fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb) io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0) 807.666446ms ago: executing program 4 (id=1023): r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000340)="89000000120081ae08060cdc030000017f03e3f7000000006ee2ffca1b1f00ff0f00000000000050375ed08a56331dbf9ed78105001ad6e747033a0093b837dc6cc01e32ef", 0x45}], 0x1, 0x0, 0x0, 0x7}, 0x20044810) 700.312048ms ago: executing program 4 (id=1024): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x40008d0}, 0x40) sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d65b"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x68}, 0x1, 0x0, 0x0, 0x24000840}, 0x40) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000640)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}, @NFT_MSG_DELRULE={0x14, 0x8, 0xa, 0x101, 0x0, 0x0, {0x7, 0x0, 0x7}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x7c}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 279.896988ms ago: executing program 3 (id=1025): r0 = socket$kcm(0x23, 0x5, 0x0) listen(r0, 0x800) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000f00)=[{&(0x7f0000000200)="5c00000014006b05c84e21000ab16d6e230675f811000000440002005817d30461bc24eeb556a7ef595105ea1698fa51f60a64c9f408000000e786a6d0bdbdc3d44bd70011b6c0504bb9189d9193e9bd00"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x240040c4) r2 = socket$phonet_pipe(0x23, 0x5, 0x2) connect$phonet_pipe(r2, &(0x7f0000000040)={0x23, 0x0, 0x58}, 0x10) r3 = fcntl$dupfd(r2, 0x0, r2) write$tun(r3, &(0x7f0000000480)=ANY=[], 0x3db) accept4(r0, 0x0, 0x0, 0x80000) 61.302281ms ago: executing program 4 (id=1026): syz_emit_ethernet(0x0, 0x0, 0x0) syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f00000001c0)='./file0\x00', 0x800082, &(0x7f0000000680)=ANY=[@ANYBLOB="756d61736b3d30303030303030303030303030303030303030333737372c616c6c6f775f7574696d653d30303030303030332c000000000083ec4c0d6e84de0249d09f31ef580c3d00000000"], 0x1, 0x1b1, &(0x7f0000000240)="$eJzs3cFqE0EYB/Bv23UbxEPP4mHBi6egPkFUWiguCMoe9KRQvbQi2MvqqW/hG/gqvo7k1FskTmhoWcEetrvJ/n6XfOx/wnwzgcwpk/cPPp8cfzn79PPXj5hMsshnMYuLLPZjJ3YjOY8rstanAMDGuFgs4vci+Y/hz2+hJQCgYzc8/wGALeD8B4Dxcf4DwPi8efvu5bOqOnhdlpOI+XlTN3V6TfnhUXXwuPxrf/2uedPUu5f5k5SXV/M7cXeVP23Ni3j0MOXL7MWrKuV5GtHUe3Hc1vAs62AXAAAAAAAAAAAAAAAAAAAAAADgdk3LS633+0ynxT/yVB0eFatn1+/3yeN+3jJh0ckyAAAAAAAAAAAAAAAAAAAAYKOdfft+8uH09OPX4RbzYbQxtOJe55/g3mqGvle67cVynwfQxrWixy8lAAAAAAAAAAAAAAAAAAAYqfWPfvvuBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6s/7//+6K5Tw7fS8UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBR+xMAAP//+cFD/w==") bpf$MAP_CREATE(0x0, 0x0, 0x50) close(0x3) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x4000) mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x2010042, 0x0) socket$inet6_icmp(0xa, 0x2, 0x3a) r3 = socket$pppl2tp(0x18, 0x1, 0x1) r4 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r3, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x4e23, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e) ioctl$PPPIOCGFLAGS(r3, 0x8004745a, 0x0) 0s ago: executing program 0 (id=1027): syz_emit_ethernet(0x46, &(0x7f0000000240)={@broadcast, @dev, @val={@val={0x88a8, 0x0, 0x1, 0x2}, {0x8100, 0x0, 0x1}}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x3c, 0x0, 0xfffd, 0x4de, 0x0, 0x4, 0x0, @dev, @remote}}}}}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r2 = socket$nl_route(0x10, 0x3, 0x0) write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0xfdef) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff5644d, 0x70bd2c, 0x7fffe, {0x0, 0x0, 0x0, r6, {}, {0xf, 0xb}, {0xf, 0xb}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x6, 0x808, 0x20205, 0x1, 0xc}, 0xb, 0xffffffff, 0x32, 0x5, 0x7, 0x2, 0x9, 0x1, 0x1, 0x1, {0xffff1c72, 0x0, 0x7, 0xc, 0xfffffffa, 0x7583}}}}]}, 0x78}}, 0x8000) r7 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r9 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, r8, {0x3, 0xd}, {}, {0x3, 0xfff1}}}, 0x24}}, 0x40004) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x5c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9, 0x1}, {0x4}, {0xe, 0xd}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x401}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x2000}]}, 0x5c}, 0x1, 0x0, 0x0, 0x90}, 0x4000c00) kernel console output (not intermixed with test programs): 266.715515][ T6275] bond0 (unregistering): Released all slaves [ 266.905542][ T5823] syz-executor: attempt to access beyond end of device [ 266.905542][ T5823] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 266.915401][ T5823] CPU: 0 UID: 0 PID: 5823 Comm: syz-executor Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 266.915431][ T5823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 266.915461][ T5823] Call Trace: [ 266.915488][ T5823] [ 266.915499][ T5823] dump_stack_lvl+0xe8/0x150 [ 266.915544][ T5823] f2fs_stop_checkpoint+0x383/0x540 [ 266.915575][ T5823] f2fs_write_end_io+0x1274/0x1740 [ 266.915630][ T5823] __submit_merged_bio+0x256/0x6a0 [ 266.915663][ T5823] __submit_merged_write_cond+0x3c9/0x4e0 [ 266.915700][ T5823] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 266.915751][ T5823] f2fs_write_data_pages+0x287e/0x34f0 [ 266.915827][ T5823] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 266.915913][ T5823] ? do_raw_spin_lock+0x12b/0x2f0 [ 266.915954][ T5823] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 266.915983][ T5823] ? lockdep_hardirqs_on+0x7a/0x110 [ 266.916009][ T5823] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 266.916036][ T5823] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 266.916072][ T5823] ? reacquire_held_locks+0x104/0x190 [ 266.916107][ T5823] ? rt_spin_lock+0x1e0/0x400 [ 266.916149][ T5823] ? rt_spin_unlock+0x14f/0x200 [ 266.916188][ T5823] ? rt_spin_unlock+0x160/0x200 [ 266.916222][ T5823] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 266.916253][ T5823] do_writepages+0x32e/0x550 [ 266.916286][ T5823] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 266.916322][ T5823] ? rt_spin_unlock+0x14f/0x200 [ 266.916368][ T5823] filemap_fdatawrite+0x1ec/0x2f0 [ 266.916405][ T5823] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 266.916436][ T5823] ? __lock_acquire+0x6b5/0x2cf0 [ 266.916511][ T5823] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 266.916555][ T5823] ? rt_spin_unlock+0x160/0x200 [ 266.916591][ T5823] f2fs_sync_dirty_inodes+0x30e/0x830 [ 266.916639][ T5823] f2fs_write_checkpoint+0x9df/0x26a0 [ 266.916670][ T5823] ? lockdep_hardirqs_on+0x7a/0x110 [ 266.916730][ T5823] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 266.916812][ T5823] ? kfree+0x1c5/0x6c0 [ 266.916840][ T5823] ? __wake_up_common_lock+0x18a/0x1e0 [ 266.916868][ T5823] ? f2fs_stop_gc_thread+0x82/0xb0 [ 266.916912][ T5823] kill_f2fs_super+0x314/0x730 [ 266.916950][ T5823] ? __pfx_kill_f2fs_super+0x10/0x10 [ 266.916995][ T5823] ? lockdep_hardirqs_on+0x7a/0x110 [ 266.917037][ T5823] deactivate_locked_super+0xbc/0x130 [ 266.917072][ T5823] cleanup_mnt+0x437/0x4d0 [ 266.917106][ T5823] ? _raw_spin_unlock_irq+0x23/0x50 [ 266.917137][ T5823] task_work_run+0x1d9/0x270 [ 266.917174][ T5823] ? __pfx_task_work_run+0x10/0x10 [ 266.917215][ T5823] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 266.917242][ T5823] exit_to_user_mode_loop+0xed/0x480 [ 266.917270][ T5823] ? rcu_is_watching+0x15/0xb0 [ 266.917306][ T5823] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 266.917331][ T5823] do_syscall_64+0x33e/0xf80 [ 266.917357][ T5823] ? trace_irq_disable+0x3b/0x140 [ 266.917384][ T5823] ? clear_bhb_loop+0x40/0x90 [ 266.917412][ T5823] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 266.917437][ T5823] RIP: 0033:0x7f4a728eda57 [ 266.917459][ T5823] Code: a2 c7 05 9c fc 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 266.917478][ T5823] RSP: 002b:00007ffd3f160628 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 266.917508][ T5823] RAX: 0000000000000000 RBX: 00007f4a72982048 RCX: 00007f4a728eda57 [ 266.917523][ T5823] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd3f1606e0 [ 266.917537][ T5823] RBP: 00007ffd3f1606e0 R08: 00007ffd3f1616e0 R09: 00000000ffffffff [ 266.917552][ T5823] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd3f161770 [ 266.917565][ T5823] R13: 00007f4a72982048 R14: 0000000000041053 R15: 00007ffd3f1617b0 [ 266.917604][ T5823] [ 266.917647][ T5823] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 267.790870][ T6534] 8021q: adding VLAN 0 to HW filter on device bond0 [ 271.097600][ T5141] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 271.200873][ T5141] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 271.210755][ T60] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 271.260045][ T60] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 271.267287][ T5141] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 271.308748][ T5141] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 271.318947][ T5141] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 271.334865][ T6927] loop4: detected capacity change from 0 to 16 [ 271.337511][ T60] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 271.338797][ T6927] erofs (device loop4): mounted with root inode @ nid 36. [ 271.356650][ T38] kauditd_printk_skb: 17 callbacks suppressed [ 271.356672][ T38] audit: type=1326 audit(1776513647.523:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6926 comm="syz.4.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 271.356723][ T38] audit: type=1326 audit(1776513647.523:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6926 comm="syz.4.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 271.356778][ T38] audit: type=1326 audit(1776513647.523:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6926 comm="syz.4.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 271.356824][ T38] audit: type=1326 audit(1776513647.523:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6926 comm="syz.4.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 271.356870][ T38] audit: type=1326 audit(1776513647.523:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6926 comm="syz.4.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 271.356917][ T38] audit: type=1326 audit(1776513647.523:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6926 comm="syz.4.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 271.356963][ T38] audit: type=1326 audit(1776513647.523:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6926 comm="syz.4.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 271.357010][ T38] audit: type=1326 audit(1776513647.523:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6926 comm="syz.4.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 271.357056][ T38] audit: type=1326 audit(1776513647.523:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6926 comm="syz.4.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 271.357103][ T38] audit: type=1326 audit(1776513647.523:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6926 comm="syz.4.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 271.434619][ T60] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 271.769841][ T60] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 272.254494][ T6936] loop3: detected capacity change from 0 to 16 [ 272.270863][ T6936] erofs: Unknown parameter '0xffffffffffffffffÿÿ' [ 272.431449][ T6934] loop4: detected capacity change from 0 to 4096 [ 272.546073][ T6934] EXT4-fs: inline encryption not supported [ 272.586337][ T6934] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 272.586364][ T6934] EXT4-fs (loop4): Test dummy encryption mode enabled [ 272.713888][ T6934] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a856c019, mo2=0003] [ 272.714018][ T6934] System zones: 0-5 [ 272.828904][ T6934] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 272.981416][ T6934] EXT4-fs (loop4): shut down requested (0) [ 273.317925][ T6944] loop3: detected capacity change from 0 to 512 [ 273.357668][ T6944] EXT4-fs: Ignoring removed nobh option [ 273.533116][ T6944] EXT4-fs (loop3): orphan cleanup on readonly fs [ 273.740427][ T5835] Bluetooth: hci3: command tx timeout [ 273.743093][ T6944] EXT4-fs warning (device loop3): ext4_xattr_inode_get:546: inode #11: comm syz.3.263: ea_inode file size=4294967295 entry size=6 [ 273.743383][ T6944] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2860: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 273.831252][ T6944] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.263: corrupted inode contents [ 273.831289][ T6944] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 273.879073][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 273.879101][ C1] EXT4-fs (loop3): initial error at time 1776513650: ext4_do_update_inode:5690: inode 15 [ 273.879133][ C1] EXT4-fs (loop3): last error at time 1776513650: ext4_do_update_inode:5690: inode 15 [ 273.979256][ T5835] Bluetooth: hci6: command tx timeout [ 274.116070][ T6944] EXT4-fs error (device loop3): ext4_dirty_inode:6587: inode #15: comm syz.3.263: mark_inode_dirty error [ 274.116105][ T6944] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 274.116769][ T6944] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.263: corrupted inode contents [ 274.116801][ T6944] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 274.122333][ T6944] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3001: inode #15: comm syz.3.263: mark_inode_dirty error [ 274.122430][ T6944] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 274.249233][ T6944] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3004: inode #15: comm syz.3.263: mark inode dirty (error -117) [ 274.249269][ T6944] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 274.316009][ T6944] EXT4-fs warning (device loop3): ext4_evict_inode:287: xattr delete (err -117) [ 274.316281][ T6944] EXT4-fs (loop3): 1 orphan inode deleted [ 274.320366][ T6944] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 274.451045][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.796932][ T5823] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.943926][ T6968] loop3: detected capacity change from 0 to 256 [ 274.945966][ T6968] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 274.972562][ T6968] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 276.407560][ T5835] Bluetooth: hci3: command tx timeout [ 276.407597][ T5835] Bluetooth: hci6: command tx timeout [ 277.313079][ T6978] loop4: detected capacity change from 0 to 4096 [ 277.314476][ T6978] EXT4-fs: Ignoring removed i_version option [ 277.314498][ T6978] EXT4-fs: Ignoring removed oldalloc option [ 277.361067][ T6978] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 277.361093][ T6978] EXT4-fs (loop4): Test dummy encryption mode enabled [ 277.363319][ T6978] EXT4-fs (loop4): can't mount with data_err=abort, fs mounted w/o journal [ 278.034860][ T6990] loop4: detected capacity change from 0 to 256 [ 279.023886][ T5835] Bluetooth: hci3: command tx timeout [ 279.024147][ T60] Bluetooth: hci6: command tx timeout [ 279.409791][ T6990] FAT-fs (loop4): Directory bread(block 64) failed [ 279.409829][ T6990] FAT-fs (loop4): Directory bread(block 65) failed [ 279.410008][ T6990] FAT-fs (loop4): Directory bread(block 66) failed [ 279.410034][ T6990] FAT-fs (loop4): Directory bread(block 67) failed [ 279.410138][ T6990] FAT-fs (loop4): Directory bread(block 68) failed [ 279.410164][ T6990] FAT-fs (loop4): Directory bread(block 69) failed [ 279.410275][ T6990] FAT-fs (loop4): Directory bread(block 70) failed [ 279.410300][ T6990] FAT-fs (loop4): Directory bread(block 71) failed [ 279.410441][ T6990] FAT-fs (loop4): Directory bread(block 72) failed [ 279.410466][ T6990] FAT-fs (loop4): Directory bread(block 73) failed [ 279.713042][ T6999] syz.0.273 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 279.738935][ T5486] 8021q: adding VLAN 0 to HW filter on device eth4 [ 281.620822][ T5835] Bluetooth: hci3: command tx timeout [ 281.620879][ T60] Bluetooth: hci6: command tx timeout [ 282.356171][ T7042] loop4: detected capacity change from 0 to 16 [ 282.358953][ T7042] erofs: Unknown parameter '0xffffffffffffffffÿÿ' [ 283.571775][ T7046] loop4: detected capacity change from 0 to 4096 [ 283.576531][ T7046] EXT4-fs: Ignoring removed i_version option [ 283.576556][ T7046] EXT4-fs: Ignoring removed oldalloc option [ 284.652832][ T7046] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 284.652854][ T7046] EXT4-fs (loop4): Test dummy encryption mode enabled [ 284.653301][ T7046] EXT4-fs (loop4): can't mount with data_err=abort, fs mounted w/o journal [ 284.936628][ T6275] hsr_slave_0: left promiscuous mode [ 285.012275][ T6275] hsr_slave_1: left promiscuous mode [ 285.013479][ T6275] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 285.013505][ T6275] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 285.071815][ T6275] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 285.071844][ T6275] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 285.123921][ T7058] loop3: detected capacity change from 0 to 256 [ 285.174009][ T7058] exfat: Deprecated parameter 'utf8' [ 285.273478][ T7058] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 285.404100][ T6275] veth1_macvtap: left promiscuous mode [ 285.404217][ T6275] veth0_macvtap: left promiscuous mode [ 285.404508][ T6275] veth1_vlan: left promiscuous mode [ 285.464469][ T6275] veth0_vlan: left promiscuous mode [ 285.584060][ T7062] netlink: 16 bytes leftover after parsing attributes in process `syz.3.287'. [ 287.809954][ T6275] team0 (unregistering): Port device team_slave_1 removed [ 287.860822][ T6275] team0 (unregistering): Port device team_slave_0 removed [ 293.082905][ T7106] netlink: 4 bytes leftover after parsing attributes in process `syz.0.295'. [ 293.142164][ T7106] netlink: 28 bytes leftover after parsing attributes in process `syz.0.295'. [ 293.891577][ T6925] chnl_net:caif_netlink_parms(): no params data found [ 294.139671][ T6924] chnl_net:caif_netlink_parms(): no params data found [ 299.567362][ T5486] 8021q: adding VLAN 0 to HW filter on device eth5 [ 299.568318][ T6925] bridge0: port 1(bridge_slave_0) entered blocking state [ 299.568652][ T6925] bridge0: port 1(bridge_slave_0) entered disabled state [ 299.568984][ T6925] bridge_slave_0: entered allmulticast mode [ 299.640459][ T6925] bridge_slave_0: entered promiscuous mode [ 299.921067][ T6925] bridge0: port 2(bridge_slave_1) entered blocking state [ 299.921499][ T6925] bridge0: port 2(bridge_slave_1) entered disabled state [ 299.921805][ T6925] bridge_slave_1: entered allmulticast mode [ 299.960302][ T6925] bridge_slave_1: entered promiscuous mode [ 300.180951][ T6924] bridge0: port 1(bridge_slave_0) entered blocking state [ 300.181288][ T6924] bridge0: port 1(bridge_slave_0) entered disabled state [ 300.181633][ T6924] bridge_slave_0: entered allmulticast mode [ 300.222419][ T6924] bridge_slave_0: entered promiscuous mode [ 300.281874][ T6924] bridge0: port 2(bridge_slave_1) entered blocking state [ 300.282271][ T6924] bridge0: port 2(bridge_slave_1) entered disabled state [ 300.283827][ T6924] bridge_slave_1: entered allmulticast mode [ 300.313342][ T6924] bridge_slave_1: entered promiscuous mode [ 300.464972][ T6925] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 300.650413][ T6925] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 303.647834][ T6924] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 303.841928][ T6924] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 303.862337][ T6925] team0: Port device team_slave_0 added [ 303.958147][ T6925] team0: Port device team_slave_1 added [ 304.501198][ T6924] team0: Port device team_slave_0 added [ 304.929612][ T6924] team0: Port device team_slave_1 added [ 305.127583][ T7192] loop3: detected capacity change from 0 to 16 [ 305.167403][ T7192] erofs (device loop3): mounted with root inode @ nid 36. [ 305.419480][ T38] kauditd_printk_skb: 19 callbacks suppressed [ 305.419503][ T38] audit: type=1326 audit(1776513681.363:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7189 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a728ec819 code=0x7ffc0000 [ 305.419559][ T38] audit: type=1326 audit(1776513681.363:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7189 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a728ec819 code=0x7ffc0000 [ 305.419606][ T38] audit: type=1326 audit(1776513681.363:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7189 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a728ec819 code=0x7ffc0000 [ 305.419655][ T38] audit: type=1326 audit(1776513681.363:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7189 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a728ec819 code=0x7ffc0000 [ 305.419702][ T38] audit: type=1326 audit(1776513681.363:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7189 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f4a728ec819 code=0x7ffc0000 [ 305.419749][ T38] audit: type=1326 audit(1776513681.363:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7189 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a728ec819 code=0x7ffc0000 [ 305.419797][ T38] audit: type=1326 audit(1776513681.373:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7189 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a728ec819 code=0x7ffc0000 [ 305.419844][ T38] audit: type=1326 audit(1776513681.373:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7189 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a728ec819 code=0x7ffc0000 [ 305.419891][ T38] audit: type=1326 audit(1776513681.373:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7189 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4a728ec819 code=0x7ffc0000 [ 305.419939][ T38] audit: type=1326 audit(1776513681.373:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7189 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a728ec819 code=0x7ffc0000 [ 306.737659][ T6925] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 306.737672][ T6925] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 306.737694][ T6925] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 307.011794][ T5839] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 307.172820][ T5839] usb 4-1: config 0 interface 0 has no altsetting 0 [ 307.172864][ T5839] usb 4-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00 [ 307.172889][ T5839] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 307.230830][ T5839] usb 4-1: config 0 descriptor?? [ 307.457913][ T6925] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 307.458161][ T6925] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 307.458195][ T6925] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 307.822559][ T5839] ryos 0003:1E7D:31CE.0002: unknown main item tag 0x0 [ 307.822604][ T5839] ryos 0003:1E7D:31CE.0002: unknown main item tag 0x0 [ 307.822632][ T5839] ryos 0003:1E7D:31CE.0002: unknown main item tag 0x0 [ 307.822659][ T5839] ryos 0003:1E7D:31CE.0002: unknown main item tag 0x0 [ 307.822687][ T5839] ryos 0003:1E7D:31CE.0002: unknown main item tag 0x0 [ 307.822715][ T5839] ryos 0003:1E7D:31CE.0002: unknown main item tag 0x0 [ 307.826813][ T5839] ryos 0003:1E7D:31CE.0002: unknown main item tag 0x0 [ 307.826850][ T5839] ryos 0003:1E7D:31CE.0002: unknown main item tag 0x0 [ 307.826878][ T5839] ryos 0003:1E7D:31CE.0002: unknown main item tag 0x0 [ 307.826906][ T5839] ryos 0003:1E7D:31CE.0002: unknown main item tag 0x5 [ 307.828105][ T6924] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 307.828121][ T6924] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 307.828153][ T6924] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 307.854065][ T5839] ryos 0003:1E7D:31CE.0002: item fetching failed at offset 40/41 [ 307.865948][ T5839] ryos 0003:1E7D:31CE.0002: parse failed [ 307.871181][ T5839] ryos 0003:1E7D:31CE.0002: probe with driver ryos failed with error -22 [ 308.107958][ T5839] usb 4-1: USB disconnect, device number 7 [ 308.393218][ T6924] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 308.393237][ T6924] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 308.393269][ T6924] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 309.246504][ T7218] loop3: detected capacity change from 0 to 128 [ 309.282226][ T7218] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 309.341460][ T7218] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 310.517700][ T7225] loop4: detected capacity change from 0 to 16 [ 310.673462][ T7225] erofs (device loop4): mounted with root inode @ nid 36. [ 310.709549][ T38] kauditd_printk_skb: 94 callbacks suppressed [ 310.709570][ T38] audit: type=1326 audit(1776513686.883:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7222 comm="syz.4.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 310.709625][ T38] audit: type=1326 audit(1776513686.883:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7222 comm="syz.4.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 310.713564][ T38] audit: type=1326 audit(1776513686.893:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7222 comm="syz.4.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 310.713621][ T38] audit: type=1326 audit(1776513686.893:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7222 comm="syz.4.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 310.713671][ T38] audit: type=1326 audit(1776513686.893:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7222 comm="syz.4.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 310.713720][ T38] audit: type=1326 audit(1776513686.893:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7222 comm="syz.4.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 310.713783][ T38] audit: type=1326 audit(1776513686.893:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7222 comm="syz.4.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 310.859420][ T38] audit: type=1326 audit(1776513687.013:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7222 comm="syz.4.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 310.859490][ T38] audit: type=1326 audit(1776513687.013:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7222 comm="syz.4.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 311.689786][ T38] audit: type=1326 audit(1776513687.873:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7222 comm="syz.4.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 312.120422][ T6925] hsr_slave_0: entered promiscuous mode [ 312.128212][ T6925] hsr_slave_1: entered promiscuous mode [ 312.235281][ T7231] loop4: detected capacity change from 0 to 256 [ 312.238013][ T7231] exfat: Deprecated parameter 'utf8' [ 312.307441][ T7231] exFAT-fs (loop4): IO charset maccâ|roatian¹gid=0x000000000000000000000000000000000000 not found [ 315.586230][ T6924] hsr_slave_0: entered promiscuous mode [ 315.642072][ T6924] hsr_slave_1: entered promiscuous mode [ 315.695627][ T6924] debugfs: 'hsr0' already exists in 'hsr' [ 315.695652][ T6924] Cannot create hsr debugfs directory [ 319.081366][ T7275] sp0: Synchronizing with TNC [ 319.910580][ T1338] ieee802154 phy0 wpan0: encryption failed: -22 [ 319.910692][ T1338] ieee802154 phy1 wpan1: encryption failed: -22 [ 320.220053][ T5486] 8021q: adding VLAN 0 to HW filter on device eth6 [ 321.476033][ T7293] loop4: detected capacity change from 0 to 512 [ 321.652405][ T7293] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 321.652558][ T7293] ext4 filesystem being mounted at /98/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 322.702347][ T7301] loop3: detected capacity change from 0 to 1024 [ 322.842508][ T7301] EXT4-fs (loop3): unsupported inode size: 143 [ 322.842537][ T7301] EXT4-fs (loop3): blocksize: 1024 [ 323.081647][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 323.365780][ T7307] loop3: detected capacity change from 0 to 16 [ 323.368584][ T7307] erofs (device loop3): mounted with root inode @ nid 36. [ 323.371305][ T7307] syz.3.341: attempt to access beyond end of device [ 323.371305][ T7307] loop3: rw=524288, sector=1056, nr_sectors = 16 limit=16 [ 323.384133][ T7307] syz.3.341: attempt to access beyond end of device [ 323.384133][ T7307] loop3: rw=524288, sector=16, nr_sectors = 40 limit=16 [ 323.384536][ T7307] erofs (device loop3): failed to decompress (lz4) corrupted compressed data @ pa 4096 size 4096 => 8192 [ 323.384572][ T7307] erofs (device loop3): read error -117 @ 1 of nid 89 [ 323.410238][ T38] kauditd_printk_skb: 40 callbacks suppressed [ 323.410260][ T38] audit: type=1800 audit(1776513699.563:424): pid=7307 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.341" name="file2" dev="loop3" ino=89 res=0 errno=0 [ 325.217358][ T7318] input: syz0 as /devices/virtual/input/input8 [ 326.299133][ T5942] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 326.449122][ T5942] usb 1-1: Using ep0 maxpacket: 8 [ 326.457399][ T5942] usb 1-1: unable to get BOS descriptor or descriptor too short [ 326.458475][ T5942] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 326.458513][ T5942] usb 1-1: can't read configurations, error -71 [ 328.218040][ T5486] 8021q: adding VLAN 0 to HW filter on device eth7 [ 329.074780][ T7360] loop3: detected capacity change from 0 to 512 [ 329.292719][ T7360] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 329.292831][ T7360] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 329.517343][ T7360] EXT4-fs (loop3): 1 truncate cleaned up [ 329.554164][ T7360] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 329.641230][ T1282] bridge_slave_1: left allmulticast mode [ 329.641262][ T1282] bridge_slave_1: left promiscuous mode [ 329.641555][ T1282] bridge0: port 2(bridge_slave_1) entered disabled state [ 329.710204][ T7360] EXT4-fs error (device loop3): ext4_map_blocks:791: inode #2: block 4: comm syz.3.348: lblock 0 mapped to illegal pblock 4 (length 1) [ 330.174819][ T1282] bridge_slave_0: left allmulticast mode [ 330.174852][ T1282] bridge_slave_0: left promiscuous mode [ 330.175147][ T1282] bridge0: port 1(bridge_slave_0) entered disabled state [ 330.332797][ T5823] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 330.539457][ T1282] bridge_slave_1: left allmulticast mode [ 330.539488][ T1282] bridge_slave_1: left promiscuous mode [ 330.539750][ T1282] bridge0: port 2(bridge_slave_1) entered disabled state [ 330.752144][ T1282] bridge_slave_0: left allmulticast mode [ 330.752183][ T1282] bridge_slave_0: left promiscuous mode [ 330.752415][ T1282] bridge0: port 1(bridge_slave_0) entered disabled state [ 331.170302][ T7386] loop3: detected capacity change from 0 to 2048 [ 331.387879][ T7386] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 331.388007][ T7386] ext4 filesystem being mounted at /85/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 331.468325][ T5835] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 331.524755][ T5835] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 331.527328][ T5835] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 331.645418][ T5835] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 331.662797][ T5835] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 332.364905][ T5823] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 332.531881][ T5835] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 332.538697][ T5835] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 332.555507][ T5835] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 332.565584][ T5835] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 332.607100][ T5835] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 334.411302][ T60] Bluetooth: hci4: command tx timeout [ 334.779513][ T60] Bluetooth: hci5: command tx timeout [ 336.459249][ T60] Bluetooth: hci4: command tx timeout [ 336.859235][ T60] Bluetooth: hci5: command tx timeout [ 337.019871][ T5832] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 337.710176][ T1282] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 337.721617][ T5832] usb 4-1: unable to get BOS descriptor or descriptor too short [ 337.725501][ T5832] usb 4-1: New USB device found, idVendor=09e8, idProduct=0062, bcdDevice= 0.40 [ 337.725534][ T5832] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 337.725557][ T5832] usb 4-1: Product: syz [ 337.725568][ T5832] usb 4-1: Manufacturer: syz [ 337.725579][ T5832] usb 4-1: SerialNumber: syz [ 337.790396][ T1282] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 337.832698][ T1282] bond0 (unregistering): Released all slaves [ 338.298243][ T5832] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 338.360194][ T1282] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 338.460075][ T1282] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 338.504074][ T5832] usb 4-1: USB disconnect, device number 8 [ 338.541292][ T60] Bluetooth: hci4: command tx timeout [ 338.564351][ T1282] bond0 (unregistering): Released all slaves [ 338.646726][ T7414] udevd[7414]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 338.765428][ T5486] 8021q: adding VLAN 0 to HW filter on device eth8 [ 338.947874][ T60] Bluetooth: hci5: command tx timeout [ 340.492073][ T7422] loop4: detected capacity change from 0 to 512 [ 340.619337][ T60] Bluetooth: hci4: command tx timeout [ 340.880040][ T7422] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 341.030172][ T60] Bluetooth: hci5: command tx timeout [ 341.214094][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 341.779342][ T7445] loop4: detected capacity change from 0 to 2048 [ 343.121198][ T7445] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 343.121359][ T7445] ext4 filesystem being mounted at /104/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 344.104719][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 344.399505][ T1282] hsr_slave_0: left promiscuous mode [ 344.439368][ T1282] hsr_slave_1: left promiscuous mode [ 344.440582][ T1282] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 344.497399][ T1282] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 344.749190][ T1282] hsr_slave_0: left promiscuous mode [ 344.789201][ T1282] hsr_slave_1: left promiscuous mode [ 344.790352][ T1282] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 344.810056][ T1282] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 345.309160][ T5878] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 345.380796][ T1282] team0 (unregistering): Port device team_slave_1 removed [ 345.420753][ T1282] team0 (unregistering): Port device team_slave_0 removed [ 345.821770][ T5878] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 345.821803][ T5878] usb 1-1: config 1 has an invalid descriptor of length 52, skipping remainder of the config [ 345.821826][ T5878] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 345.821880][ T5878] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 7 [ 345.821910][ T5878] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9272, setting to 1024 [ 345.825825][ T5878] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 345.825870][ T5878] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 345.825917][ T5878] usb 1-1: Product: syz [ 345.825933][ T5878] usb 1-1: Manufacturer: syz [ 346.093331][ T5878] cdc_wdm 1-1:1.0: skipping garbage [ 346.093353][ T5878] cdc_wdm 1-1:1.0: skipping garbage [ 346.093906][ T5878] cdc_wdm 1-1:1.0: probe with driver cdc_wdm failed with error -22 [ 346.412841][ T1282] team0 (unregistering): Port device team_slave_1 removed [ 346.449939][ T1282] team0 (unregistering): Port device team_slave_0 removed [ 347.638145][ T5486] 8021q: adding VLAN 0 to HW filter on device eth9 [ 348.049203][ T5878] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 348.213528][ T5878] usb 4-1: unable to get BOS descriptor or descriptor too short [ 348.224324][ T7465] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 348.234378][ T5878] usb 4-1: New USB device found, idVendor=09e8, idProduct=0062, bcdDevice= 0.40 [ 348.234413][ T5878] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 348.234434][ T5878] usb 4-1: Product: syz [ 348.234451][ T5878] usb 4-1: Manufacturer: syz [ 348.234467][ T5878] usb 4-1: SerialNumber: syz [ 348.652186][ T9] usb 1-1: USB disconnect, device number 11 [ 349.209925][ T5878] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 349.491728][ T5878] usb 4-1: USB disconnect, device number 9 [ 349.591929][ T7414] udevd[7414]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 351.239208][ T7489] loop3: detected capacity change from 0 to 256 [ 351.240521][ T7489] exfat: Deprecated parameter 'utf8' [ 351.240545][ T7489] exfat: Deprecated parameter 'utf8' [ 351.240624][ T7489] exfat: Deprecated parameter 'utf8' [ 351.548286][ T7489] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb63bdf5f, utbl_chksum : 0xe619d30d) [ 352.997193][ T7394] chnl_net:caif_netlink_parms(): no params data found [ 356.725177][ T7543] overlayfs: failed to clone upperpath [ 356.760565][ T7543] overlayfs: failed to clone upperpath [ 357.384882][ T7390] chnl_net:caif_netlink_parms(): no params data found [ 358.740420][ T7394] bridge0: port 1(bridge_slave_0) entered blocking state [ 358.740840][ T7394] bridge0: port 1(bridge_slave_0) entered disabled state [ 358.741166][ T7394] bridge_slave_0: entered allmulticast mode [ 358.777916][ T7394] bridge_slave_0: entered promiscuous mode [ 358.816859][ T6925] netdevsim netdevsim5: probe with driver netdevsim failed with error -12 [ 358.891904][ T7394] bridge0: port 2(bridge_slave_1) entered blocking state [ 358.892185][ T7394] bridge0: port 2(bridge_slave_1) entered disabled state [ 358.892506][ T7394] bridge_slave_1: entered allmulticast mode [ 358.968286][ T7394] bridge_slave_1: entered promiscuous mode [ 359.685115][ T7394] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 360.831985][ T7394] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 360.925655][ T7557] loop4: detected capacity change from 0 to 40427 [ 360.999549][ T7557] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 360.999580][ T7557] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 361.022402][ T7557] F2FS-fs (loop4): invalid crc value [ 361.144757][ T7390] bridge0: port 1(bridge_slave_0) entered blocking state [ 361.145090][ T7390] bridge0: port 1(bridge_slave_0) entered disabled state [ 361.145453][ T7390] bridge_slave_0: entered allmulticast mode [ 361.184202][ T7390] bridge_slave_0: entered promiscuous mode [ 362.202780][ T7390] bridge0: port 2(bridge_slave_1) entered blocking state [ 362.203103][ T7390] bridge0: port 2(bridge_slave_1) entered disabled state [ 362.203479][ T7390] bridge_slave_1: entered allmulticast mode [ 362.239711][ T7390] bridge_slave_1: entered promiscuous mode [ 362.632176][ T7557] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 363.758633][ T7557] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 363.758669][ T7557] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 368.992166][ T7588] netlink: 4 bytes leftover after parsing attributes in process `syz.0.386'. [ 369.282728][ T7591] loop3: detected capacity change from 0 to 512 [ 369.394163][ T7591] EXT4-fs (loop3): 1 truncate cleaned up [ 369.397332][ T7591] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 369.575233][ T7394] team0: Port device team_slave_0 added [ 369.636842][ T7588] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 369.792381][ T7588] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 369.976165][ T7394] team0: Port device team_slave_1 added [ 370.004807][ T7390] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 370.179076][ T5823] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 370.600635][ T7390] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 374.357531][ T7394] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 374.357550][ T7394] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 374.357581][ T7394] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 374.458072][ T7394] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 374.458091][ T7394] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 374.458123][ T7394] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 374.513547][ T7390] team0: Port device team_slave_0 added [ 374.861161][ T7390] team0: Port device team_slave_1 added [ 375.759496][ T1282] bridge_slave_1: left allmulticast mode [ 375.759529][ T1282] bridge_slave_1: left promiscuous mode [ 375.759822][ T1282] bridge0: port 2(bridge_slave_1) entered disabled state [ 375.846687][ T1282] bridge_slave_0: left allmulticast mode [ 375.846721][ T1282] bridge_slave_0: left promiscuous mode [ 375.847003][ T1282] bridge0: port 1(bridge_slave_0) entered disabled state [ 376.084472][ T1282] bridge_slave_1: left allmulticast mode [ 376.084505][ T1282] bridge_slave_1: left promiscuous mode [ 376.084787][ T1282] bridge0: port 2(bridge_slave_1) entered disabled state [ 376.267493][ T1282] bridge_slave_0: left allmulticast mode [ 376.267523][ T1282] bridge_slave_0: left promiscuous mode [ 376.319847][ T1282] bridge0: port 1(bridge_slave_0) entered disabled state [ 376.580333][ T5839] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 376.741702][ T5839] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 376.741742][ T5839] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 376.741767][ T5839] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 376.741820][ T5839] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 376.741846][ T5839] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 376.823777][ T5839] usb 5-1: config 0 descriptor?? [ 377.458116][ T7653] overlayfs: failed to clone lowerpath [ 377.977299][ T1282] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 379.942103][ T5942] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 380.707338][ T1282] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 380.768528][ T5839] hid_parser_main: 11 callbacks suppressed [ 380.768555][ T5839] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 380.768601][ T5839] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 380.768629][ T5839] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 380.768662][ T5839] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 380.768689][ T5839] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 380.768717][ T5839] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 380.768745][ T5839] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 380.768774][ T5839] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 380.768801][ T5839] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 380.768830][ T5839] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 380.791889][ T1282] bond0 (unregistering): Released all slaves [ 380.977119][ T5839] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 381.090025][ T1282] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 381.137480][ T7661] loop3: detected capacity change from 0 to 16 [ 381.180612][ T7661] erofs (device loop3): mounted with root inode @ nid 36. [ 381.199104][ T38] audit: type=1326 audit(1776513757.373:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a728ec819 code=0x7ffc0000 [ 381.200384][ T38] audit: type=1326 audit(1776513757.383:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a728ec819 code=0x7ffc0000 [ 381.200438][ T38] audit: type=1326 audit(1776513757.383:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a728ec819 code=0x7ffc0000 [ 381.201186][ T38] audit: type=1326 audit(1776513757.383:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a728ec819 code=0x7ffc0000 [ 381.201240][ T38] audit: type=1326 audit(1776513757.383:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f4a728ec819 code=0x7ffc0000 [ 381.201805][ T38] audit: type=1326 audit(1776513757.383:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a728ec819 code=0x7ffc0000 [ 381.204183][ T38] audit: type=1326 audit(1776513757.383:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a728ec819 code=0x7ffc0000 [ 381.220623][ T38] audit: type=1326 audit(1776513757.383:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a728ec819 code=0x7ffc0000 [ 381.220779][ T38] audit: type=1326 audit(1776513757.383:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a728ec819 code=0x7ffc0000 [ 381.242967][ T1282] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 381.271405][ T38] audit: type=1326 audit(1776513757.403:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4a728ec819 code=0x7ffc0000 [ 381.482423][ T1282] bond0 (unregistering): Released all slaves [ 381.834329][ T5839] usb 5-1: USB disconnect, device number 18 [ 382.900754][ T7390] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 382.900774][ T7390] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 382.900806][ T7390] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 383.091278][ T7394] hsr_slave_0: entered promiscuous mode [ 383.115851][ T7394] hsr_slave_1: entered promiscuous mode [ 383.127181][ T7394] debugfs: 'hsr0' already exists in 'hsr' [ 383.127210][ T7394] Cannot create hsr debugfs directory [ 383.155117][ T7390] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 383.155136][ T7390] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 383.155168][ T7390] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 383.918785][ T7390] hsr_slave_0: entered promiscuous mode [ 383.933167][ T7390] hsr_slave_1: entered promiscuous mode [ 383.947398][ T7390] debugfs: 'hsr0' already exists in 'hsr' [ 383.947427][ T7390] Cannot create hsr debugfs directory [ 384.254670][ T1338] ieee802154 phy0 wpan0: encryption failed: -22 [ 384.254785][ T1338] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.316989][ T7683] netlink: 4 bytes leftover after parsing attributes in process `syz.0.405'. [ 387.314056][ T1282] hsr_slave_0: left promiscuous mode [ 387.409739][ T1282] hsr_slave_1: left promiscuous mode [ 387.421597][ T1282] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 387.439705][ T37] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 387.721015][ T7704] overlayfs: failed to clone lowerpath [ 388.150220][ T1282] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 388.722939][ T37] usb 4-1: unable to get BOS descriptor or descriptor too short [ 388.729283][ T37] usb 4-1: New USB device found, idVendor=09e8, idProduct=0062, bcdDevice= 0.40 [ 388.729318][ T37] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 388.729342][ T37] usb 4-1: Product: syz [ 388.729358][ T37] usb 4-1: Manufacturer: syz [ 388.729374][ T37] usb 4-1: SerialNumber: syz [ 389.403073][ T1282] hsr_slave_0: left promiscuous mode [ 389.439335][ T1282] hsr_slave_1: left promiscuous mode [ 389.441684][ T1282] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 389.480251][ T1282] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 389.491893][ T7695] loop3: detected capacity change from 0 to 4096 [ 389.506611][ T7695] EXT4-fs: Ignoring removed orlov option [ 389.515628][ T7695] EXT4-fs (loop3): Test dummy encryption mode enabled [ 389.572453][ T7695] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 389.707725][ T37] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 389.898274][ T37] usb 4-1: USB disconnect, device number 11 [ 389.919993][ T1282] team0 (unregistering): Port device team_slave_1 removed [ 389.969947][ T1282] team0 (unregistering): Port device team_slave_0 removed [ 390.305610][ T7642] udevd[7642]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 390.498354][ T5823] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 390.559945][ T1282] team0 (unregistering): Port device team_slave_1 removed [ 390.610438][ T1282] team0 (unregistering): Port device team_slave_0 removed [ 391.729449][ T7724] loop4: detected capacity change from 0 to 16 [ 392.134070][ T7724] erofs (device loop4): mounted with root inode @ nid 36. [ 392.172868][ T38] kauditd_printk_skb: 61 callbacks suppressed [ 392.172887][ T38] audit: type=1326 audit(1776513768.333:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.4.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 392.172943][ T38] audit: type=1326 audit(1776513768.353:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.4.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 392.172992][ T38] audit: type=1326 audit(1776513768.353:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.4.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 392.173040][ T38] audit: type=1326 audit(1776513768.353:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.4.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 392.181831][ T38] audit: type=1326 audit(1776513768.353:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.4.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 392.181888][ T38] audit: type=1326 audit(1776513768.353:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.4.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 392.211202][ T38] audit: type=1326 audit(1776513768.393:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.4.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 392.438675][ T5829] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 392.454616][ T38] audit: type=1326 audit(1776513768.433:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.4.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 392.454677][ T38] audit: type=1326 audit(1776513768.433:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.4.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 392.454716][ T38] audit: type=1326 audit(1776513768.433:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.4.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 392.539275][ T5829] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 392.545143][ T5829] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 392.581862][ T5141] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 392.585119][ T5829] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 392.693950][ T5141] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 392.715973][ T5829] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 392.745131][ T5829] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 392.756510][ T5829] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 392.806345][ T5829] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 394.254703][ T7746] netlink: 16 bytes leftover after parsing attributes in process `syz.0.415'. [ 394.965016][ T60] Bluetooth: hci3: command tx timeout [ 395.019146][ T60] Bluetooth: hci6: command tx timeout [ 397.029150][ T60] Bluetooth: hci3: command tx timeout [ 397.107767][ T60] Bluetooth: hci6: command tx timeout [ 399.101709][ T60] Bluetooth: hci3: command tx timeout [ 399.304924][ T7785] netlink: 4 bytes leftover after parsing attributes in process `syz.0.423'. [ 399.310730][ T60] Bluetooth: hci6: command tx timeout [ 399.409989][ T7785] netlink: 28 bytes leftover after parsing attributes in process `syz.0.423'. [ 400.907411][ T38] kauditd_printk_skb: 19 callbacks suppressed [ 400.907433][ T38] audit: type=1326 audit(1776513777.083:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7790 comm="syz.0.426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f605e5cc819 code=0x7ffc0000 [ 400.945562][ T38] audit: type=1326 audit(1776513777.083:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7790 comm="syz.0.426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f605e5cc819 code=0x7ffc0000 [ 400.945624][ T38] audit: type=1326 audit(1776513777.123:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7790 comm="syz.0.426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f605e5cc819 code=0x7ffc0000 [ 400.948672][ T38] audit: type=1326 audit(1776513777.123:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7790 comm="syz.0.426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f605e5cc819 code=0x7ffc0000 [ 401.025137][ T38] audit: type=1326 audit(1776513777.123:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7790 comm="syz.0.426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f605e5cc819 code=0x7ffc0000 [ 401.025198][ T38] audit: type=1326 audit(1776513777.133:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7790 comm="syz.0.426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f605e5cc819 code=0x7ffc0000 [ 401.025248][ T38] audit: type=1326 audit(1776513777.133:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7790 comm="syz.0.426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f605e5cc819 code=0x7ffc0000 [ 401.025297][ T38] audit: type=1326 audit(1776513777.173:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7790 comm="syz.0.426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f605e5cc819 code=0x7ffc0000 [ 401.025346][ T38] audit: type=1326 audit(1776513777.203:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7790 comm="syz.0.426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f605e5cc819 code=0x7ffc0000 [ 401.025393][ T38] audit: type=1326 audit(1776513777.203:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7790 comm="syz.0.426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f605e5cc819 code=0x7ffc0000 [ 401.183754][ T60] Bluetooth: hci3: command tx timeout [ 401.499174][ T60] Bluetooth: hci6: command tx timeout [ 401.737092][ T7729] chnl_net:caif_netlink_parms(): no params data found [ 402.471263][ T7824] loop4: detected capacity change from 0 to 2048 [ 402.555929][ T7824] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 402.556088][ T7824] ext4 filesystem being mounted at /121/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 402.638055][ T7728] chnl_net:caif_netlink_parms(): no params data found [ 404.228177][ T7729] bridge0: port 1(bridge_slave_0) entered blocking state [ 404.228506][ T7729] bridge0: port 1(bridge_slave_0) entered disabled state [ 404.265019][ T7729] bridge_slave_0: entered allmulticast mode [ 404.314782][ T7729] bridge_slave_0: entered promiscuous mode [ 404.491934][ T7829] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set [ 404.497602][ T7829] EXT4-fs (loop4): Remounting filesystem read-only [ 404.585288][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 404.622306][ T7729] bridge0: port 2(bridge_slave_1) entered blocking state [ 404.622679][ T7729] bridge0: port 2(bridge_slave_1) entered disabled state [ 404.623234][ T7729] bridge_slave_1: entered allmulticast mode [ 404.626803][ T7729] bridge_slave_1: entered promiscuous mode [ 405.055849][ T7729] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 406.189222][ T1282] bridge_slave_1: left allmulticast mode [ 406.189248][ T1282] bridge_slave_1: left promiscuous mode [ 406.189494][ T1282] bridge0: port 2(bridge_slave_1) entered disabled state [ 406.250421][ T1282] bridge_slave_0: left allmulticast mode [ 406.250445][ T1282] bridge_slave_0: left promiscuous mode [ 406.250673][ T1282] bridge0: port 1(bridge_slave_0) entered disabled state [ 406.449370][ T1282] bridge_slave_1: left allmulticast mode [ 406.449394][ T1282] bridge_slave_1: left promiscuous mode [ 406.449615][ T1282] bridge0: port 2(bridge_slave_1) entered disabled state [ 406.639002][ T7854] loop3: detected capacity change from 0 to 256 [ 407.598172][ T7854] FAT-fs (loop3): Directory bread(block 64) failed [ 407.598211][ T7854] FAT-fs (loop3): Directory bread(block 65) failed [ 407.598329][ T7854] FAT-fs (loop3): Directory bread(block 66) failed [ 407.598354][ T7854] FAT-fs (loop3): Directory bread(block 67) failed [ 407.598493][ T7854] FAT-fs (loop3): Directory bread(block 68) failed [ 407.598518][ T7854] FAT-fs (loop3): Directory bread(block 69) failed [ 407.598621][ T7854] FAT-fs (loop3): Directory bread(block 70) failed [ 407.598645][ T7854] FAT-fs (loop3): Directory bread(block 71) failed [ 407.598747][ T7854] FAT-fs (loop3): Directory bread(block 72) failed [ 407.598772][ T7854] FAT-fs (loop3): Directory bread(block 73) failed [ 407.665445][ T7853] netlink: 4 bytes leftover after parsing attributes in process `syz.3.434'. [ 407.707696][ T1282] bridge_slave_0: left allmulticast mode [ 407.707721][ T1282] bridge_slave_0: left promiscuous mode [ 407.707908][ T1282] bridge0: port 1(bridge_slave_0) entered disabled state [ 407.720021][ T7854] netlink: 28 bytes leftover after parsing attributes in process `syz.3.434'. [ 408.000148][ T1282] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 408.080403][ T1282] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 408.140957][ T1282] bond0 (unregistering): Released all slaves [ 408.289896][ T1282] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 408.370009][ T1282] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 408.431026][ T1282] bond0 (unregistering): Released all slaves [ 408.575045][ T7729] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 408.995635][ T7728] bridge0: port 1(bridge_slave_0) entered blocking state [ 408.996641][ T7728] bridge0: port 1(bridge_slave_0) entered disabled state [ 408.996949][ T7728] bridge_slave_0: entered allmulticast mode [ 409.006431][ T7728] bridge_slave_0: entered promiscuous mode [ 409.040809][ T7729] team0: Port device team_slave_0 added [ 409.044726][ T7728] bridge0: port 2(bridge_slave_1) entered blocking state [ 409.045161][ T7728] bridge0: port 2(bridge_slave_1) entered disabled state [ 409.045509][ T7728] bridge_slave_1: entered allmulticast mode [ 409.077651][ T7728] bridge_slave_1: entered promiscuous mode [ 409.092922][ T7729] team0: Port device team_slave_1 added [ 409.296404][ T7728] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 409.317148][ T7729] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 409.317165][ T7729] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 409.317192][ T7729] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 409.363209][ T37] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 409.396359][ T7728] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 409.477896][ T7729] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 409.477910][ T7729] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 409.477933][ T7729] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 409.592836][ T37] usb 4-1: Using ep0 maxpacket: 32 [ 409.595206][ T37] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 409.595245][ T37] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 409.680491][ T37] usb 4-1: config 0 descriptor?? [ 409.707192][ T37] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 409.868824][ T7728] team0: Port device team_slave_0 added [ 411.528003][ T37] gspca_vc032x: reg_w err -110 [ 411.528028][ T37] gspca_vc032x: I2c Bus Busy Wait 00 [ 411.528040][ T37] gspca_vc032x: I2c Bus Busy Wait 00 [ 411.528051][ T37] gspca_vc032x: I2c Bus Busy Wait 00 [ 411.528061][ T37] gspca_vc032x: I2c Bus Busy Wait 00 [ 411.528071][ T37] gspca_vc032x: I2c Bus Busy Wait 00 [ 411.528080][ T37] gspca_vc032x: I2c Bus Busy Wait 00 [ 411.528091][ T37] gspca_vc032x: I2c Bus Busy Wait 00 [ 411.528101][ T37] gspca_vc032x: I2c Bus Busy Wait 00 [ 411.528111][ T37] gspca_vc032x: I2c Bus Busy Wait 00 [ 411.528121][ T37] gspca_vc032x: I2c Bus Busy Wait 00 [ 411.528131][ T37] gspca_vc032x: I2c Bus Busy Wait 00 [ 411.528141][ T37] gspca_vc032x: I2c Bus Busy Wait 00 [ 411.528151][ T37] gspca_vc032x: I2c Bus Busy Wait 00 [ 411.528160][ T37] gspca_vc032x: I2c Bus Busy Wait 00 [ 411.528170][ T37] gspca_vc032x: I2c Bus Busy Wait 00 [ 411.528190][ T37] gspca_vc032x: I2c Bus Busy Wait 00 [ 411.528201][ T37] gspca_vc032x: I2c Bus Busy Wait 00 [ 411.528211][ T37] gspca_vc032x: I2c Bus Busy Wait 00 [ 411.528220][ T37] gspca_vc032x: Unknown sensor... [ 411.528307][ T37] vc032x 4-1:0.0: probe with driver vc032x failed with error -22 [ 411.584185][ T7728] team0: Port device team_slave_1 added [ 411.944413][ T1282] hsr_slave_0: left promiscuous mode [ 412.001333][ T1282] hsr_slave_1: left promiscuous mode [ 412.003790][ T1282] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 412.042528][ T1282] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 412.049851][ T37] usb 4-1: USB disconnect, device number 12 [ 412.119192][ T1282] hsr_slave_0: left promiscuous mode [ 412.171152][ T1282] hsr_slave_1: left promiscuous mode [ 412.172304][ T1282] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 412.378436][ T1282] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 413.400335][ T1282] team0 (unregistering): Port device team_slave_1 removed [ 413.471614][ T1282] team0 (unregistering): Port device team_slave_0 removed [ 414.197502][ T7895] netlink: 4 bytes leftover after parsing attributes in process `syz.0.444'. [ 414.763844][ T7897] netlink: 28 bytes leftover after parsing attributes in process `syz.0.444'. [ 414.892931][ T1282] team0 (unregistering): Port device team_slave_1 removed [ 415.067452][ T1282] team0 (unregistering): Port device team_slave_0 removed [ 416.525490][ T7729] hsr_slave_0: entered promiscuous mode [ 416.545749][ T7729] hsr_slave_1: entered promiscuous mode [ 416.577896][ T7728] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 416.577911][ T7728] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 416.577933][ T7728] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 416.625142][ T7728] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 416.625156][ T7728] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 416.625178][ T7728] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 417.193800][ T7728] hsr_slave_0: entered promiscuous mode [ 417.196542][ T7728] hsr_slave_1: entered promiscuous mode [ 417.198927][ T7728] debugfs: 'hsr0' already exists in 'hsr' [ 417.261733][ T7728] Cannot create hsr debugfs directory [ 422.526112][ T7951] loop3: detected capacity change from 0 to 512 [ 422.653052][ T7951] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #12: comm syz.3.454: missing EA_INODE flag [ 422.653087][ T7951] loop3: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 422.656940][ T7951] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.454: error while reading EA inode 12 err=-117 [ 422.656982][ T7951] loop3: lost filesystem error report for type 5 error -117 [ 422.657534][ T7951] EXT4-fs (loop3): 1 orphan inode deleted [ 422.715555][ T7951] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 423.537108][ T7729] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 423.847168][ T7729] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 423.961093][ T5823] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 423.989278][ T7729] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 425.659030][ T7729] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 425.982569][ T7729] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 426.124473][ T7975] loop4: detected capacity change from 0 to 16 [ 426.125689][ T7975] erofs: Unknown parameter '0xffffffffffffffffÿÿ' [ 426.413023][ T60] Bluetooth: hci1: unexpected event for opcode 0x2023 [ 426.543536][ T7979] Zero length message leads to an empty skb [ 427.118127][ T7729] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 427.515605][ T7729] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 427.548650][ T7729] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 427.992053][ T7728] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 428.871622][ T7728] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 429.099483][ T7728] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 431.921036][ T7728] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 432.059483][ T7728] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 432.157159][ T7728] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 432.518461][ T7728] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 432.955847][ T7728] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 433.386312][ T8038] loop3: detected capacity change from 0 to 16 [ 433.405941][ T8038] erofs: Unknown parameter '0xffffffffffffffffÿÿ' [ 436.815870][ T7729] 8021q: adding VLAN 0 to HW filter on device bond0 [ 438.078025][ T7729] 8021q: adding VLAN 0 to HW filter on device team0 [ 438.351640][ T1165] bridge0: port 1(bridge_slave_0) entered blocking state [ 438.351810][ T1165] bridge0: port 1(bridge_slave_0) entered forwarding state [ 438.861024][ T1290] bridge0: port 2(bridge_slave_1) entered blocking state [ 438.861280][ T1290] bridge0: port 2(bridge_slave_1) entered forwarding state [ 439.821282][ T8104] loop3: detected capacity change from 0 to 16 [ 439.822436][ T8104] erofs: Unknown parameter '0xffffffffffffffffÿÿ' [ 439.944193][ T7728] 8021q: adding VLAN 0 to HW filter on device bond0 [ 441.626159][ T7728] 8021q: adding VLAN 0 to HW filter on device team0 [ 441.849970][ T772] bridge0: port 1(bridge_slave_0) entered blocking state [ 441.851723][ T772] bridge0: port 1(bridge_slave_0) entered forwarding state [ 441.983479][ T1451] bridge0: port 2(bridge_slave_1) entered blocking state [ 441.983650][ T1451] bridge0: port 2(bridge_slave_1) entered forwarding state [ 442.893545][ T8121] loop3: detected capacity change from 0 to 4096 [ 442.912204][ T8121] EXT4-fs: Ignoring removed orlov option [ 442.967695][ T8121] EXT4-fs (loop3): Test dummy encryption mode enabled [ 443.096500][ T8121] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 443.674762][ T5823] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 443.894439][ T7729] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 445.316191][ T8162] loop3: detected capacity change from 0 to 16 [ 445.331752][ T8162] erofs: Unknown parameter '0xffffffffffffffffÿÿ' [ 445.378005][ T7728] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 445.688812][ T1338] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.688927][ T1338] ieee802154 phy1 wpan1: encryption failed: -22 [ 446.272799][ T8169] netlink: 4 bytes leftover after parsing attributes in process `syz.0.492'. [ 446.281227][ T8169] netlink: 28 bytes leftover after parsing attributes in process `syz.0.492'. [ 448.435423][ T8188] loop4: detected capacity change from 0 to 4096 [ 448.442271][ T8188] EXT4-fs: Ignoring removed orlov option [ 448.556994][ T7729] veth0_vlan: entered promiscuous mode [ 448.572748][ T8188] EXT4-fs (loop4): Test dummy encryption mode enabled [ 448.738559][ T7729] veth1_vlan: entered promiscuous mode [ 448.837024][ T8188] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 448.989367][ T7728] veth0_vlan: entered promiscuous mode [ 449.175605][ T8194] loop3: detected capacity change from 0 to 16 [ 449.178854][ T8194] erofs (device loop3): bogus i_mode (0) @ nid 34359738624 [ 449.281682][ T7728] veth1_vlan: entered promiscuous mode [ 449.408272][ T7729] veth0_macvtap: entered promiscuous mode [ 449.463969][ T7729] veth1_macvtap: entered promiscuous mode [ 449.533082][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 449.541953][ T7729] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 450.063938][ T7729] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 450.109158][ T821] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 450.243177][ T68] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 450.245657][ T68] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 450.268177][ T7728] veth0_macvtap: entered promiscuous mode [ 450.286109][ T68] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 450.290709][ T68] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 450.309054][ T821] usb 5-1: Using ep0 maxpacket: 8 [ 450.321735][ T821] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9865, setting to 1024 [ 450.321789][ T821] usb 5-1: New USB device found, idVendor=5543, idProduct=0045, bcdDevice= 0.00 [ 450.321815][ T821] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 450.412046][ T821] usb 5-1: config 0 descriptor?? [ 450.416540][ T8198] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 450.561048][ T7728] veth1_macvtap: entered promiscuous mode [ 451.306816][ T821] usb 5-1: string descriptor 0 read error: -71 [ 451.307356][ T821] uclogic 0003:5543:0045.0004: failed retrieving string descriptor #200: -71 [ 451.307415][ T821] uclogic 0003:5543:0045.0004: failed retrieving pen parameters: -71 [ 451.307435][ T821] uclogic 0003:5543:0045.0004: failed probing pen v2 parameters: -71 [ 451.307498][ T821] uclogic 0003:5543:0045.0004: failed probing parameters: -71 [ 451.307633][ T821] uclogic 0003:5543:0045.0004: probe with driver uclogic failed with error -71 [ 452.358882][ T821] usb 5-1: USB disconnect, device number 19 [ 454.007178][ T5829] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 454.081418][ T5829] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 454.117614][ T5829] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 454.135264][ T5829] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 454.320875][ T5829] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 454.686533][ T60] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 454.711384][ T60] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 454.752756][ T60] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 454.774370][ T60] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 454.789807][ T60] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 455.133885][ T8233] loop4: detected capacity change from 0 to 256 [ 456.135030][ T8233] FAT-fs (loop4): Directory bread(block 64) failed [ 456.135070][ T8233] FAT-fs (loop4): Directory bread(block 65) failed [ 456.135185][ T8233] FAT-fs (loop4): Directory bread(block 66) failed [ 456.135217][ T8233] FAT-fs (loop4): Directory bread(block 67) failed [ 456.135328][ T8233] FAT-fs (loop4): Directory bread(block 68) failed [ 456.135355][ T8233] FAT-fs (loop4): Directory bread(block 69) failed [ 456.135460][ T8233] FAT-fs (loop4): Directory bread(block 70) failed [ 456.135485][ T8233] FAT-fs (loop4): Directory bread(block 71) failed [ 456.135588][ T8233] FAT-fs (loop4): Directory bread(block 72) failed [ 456.135612][ T8233] FAT-fs (loop4): Directory bread(block 73) failed [ 456.176600][ T8232] netlink: 4 bytes leftover after parsing attributes in process `syz.4.503'. [ 456.249998][ T8233] netlink: 28 bytes leftover after parsing attributes in process `syz.4.503'. [ 456.937082][ T5829] Bluetooth: hci4: command tx timeout [ 456.947628][ T5829] Bluetooth: hci5: command tx timeout [ 459.152503][ T60] Bluetooth: hci4: command tx timeout [ 459.152547][ T60] Bluetooth: hci5: command tx timeout [ 460.248900][ T8257] netlink: 4 bytes leftover after parsing attributes in process `syz.0.508'. [ 461.437444][ T60] Bluetooth: hci4: command tx timeout [ 461.466829][ T5829] Bluetooth: hci5: command tx timeout [ 463.523832][ T5829] Bluetooth: hci4: command tx timeout [ 463.595604][ T5829] Bluetooth: hci5: command tx timeout [ 464.419637][ T8289] netlink: 8 bytes leftover after parsing attributes in process `syz.0.515'. [ 464.419686][ T8289] netlink: 8 bytes leftover after parsing attributes in process `syz.0.515'. [ 470.124528][ T8321] overlayfs: failed to clone lowerpath [ 473.599195][ T9] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 474.870241][ T9] usb 5-1: device not accepting address 20, error -71 [ 476.622197][ T8362] process 'syz.4.535' launched './file0' with NULL argv: empty string added [ 480.047993][ T8223] chnl_net:caif_netlink_parms(): no params data found [ 481.018658][ T8389] overlayfs: failed to clone lowerpath [ 481.515093][ T38] kauditd_printk_skb: 42 callbacks suppressed [ 481.515116][ T38] audit: type=1326 audit(1776513856.883:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8384 comm="syz.4.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 481.515171][ T38] audit: type=1326 audit(1776513856.883:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8384 comm="syz.4.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 481.515216][ T38] audit: type=1326 audit(1776513856.883:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8384 comm="syz.4.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 481.515262][ T38] audit: type=1326 audit(1776513856.883:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8384 comm="syz.4.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 481.515307][ T38] audit: type=1326 audit(1776513856.883:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8384 comm="syz.4.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 481.515353][ T38] audit: type=1326 audit(1776513856.883:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8384 comm="syz.4.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 481.515405][ T38] audit: type=1326 audit(1776513856.883:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8384 comm="syz.4.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 481.515453][ T38] audit: type=1326 audit(1776513856.893:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8384 comm="syz.4.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 481.515499][ T38] audit: type=1326 audit(1776513856.893:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8384 comm="syz.4.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 481.515549][ T38] audit: type=1326 audit(1776513856.893:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8384 comm="syz.4.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 482.017771][ T8226] chnl_net:caif_netlink_parms(): no params data found [ 487.339387][ T8426] netlink: 28 bytes leftover after parsing attributes in process `syz.3.548'. [ 487.369583][ T38] kauditd_printk_skb: 51 callbacks suppressed [ 487.369606][ T38] audit: type=1326 audit(1776513863.483:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.4.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 487.369664][ T38] audit: type=1326 audit(1776513863.483:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.4.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 487.369714][ T38] audit: type=1326 audit(1776513863.483:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.4.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 487.369764][ T38] audit: type=1326 audit(1776513863.483:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.4.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 487.369812][ T38] audit: type=1326 audit(1776513863.483:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.4.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 487.369878][ T38] audit: type=1326 audit(1776513863.483:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.4.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 487.369929][ T38] audit: type=1326 audit(1776513863.483:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.4.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 487.369979][ T38] audit: type=1326 audit(1776513863.483:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.4.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 487.370027][ T38] audit: type=1326 audit(1776513863.483:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.4.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 487.370077][ T38] audit: type=1326 audit(1776513863.483:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.4.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9d02f4c819 code=0x7ffc0000 [ 487.371191][ T40] bridge_slave_1: left allmulticast mode [ 487.371217][ T40] bridge_slave_1: left promiscuous mode [ 487.371522][ T40] bridge0: port 2(bridge_slave_1) entered disabled state [ 488.223686][ T8432] overlayfs: failed to clone lowerpath [ 490.824686][ T40] bridge_slave_0: left allmulticast mode [ 490.824719][ T40] bridge_slave_0: left promiscuous mode [ 490.825007][ T40] bridge0: port 1(bridge_slave_0) entered disabled state [ 493.570099][ T40] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 493.652263][ T40] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 493.675193][ T40] bond0 (unregistering): Released all slaves [ 493.919067][ T8223] bridge0: port 1(bridge_slave_0) entered blocking state [ 493.919353][ T8223] bridge0: port 1(bridge_slave_0) entered disabled state [ 493.919673][ T8223] bridge_slave_0: entered allmulticast mode [ 493.997327][ T8223] bridge_slave_0: entered promiscuous mode [ 494.193502][ T8223] bridge0: port 2(bridge_slave_1) entered blocking state [ 494.193883][ T8223] bridge0: port 2(bridge_slave_1) entered disabled state [ 494.194237][ T8223] bridge_slave_1: entered allmulticast mode [ 494.350262][ T8223] bridge_slave_1: entered promiscuous mode [ 494.425332][ T8460] netlink: 28 bytes leftover after parsing attributes in process `syz.0.559'. [ 494.655924][ T5829] Bluetooth: hci1: connection err: -111 [ 496.349000][ T40] hsr_slave_0: left promiscuous mode [ 496.379148][ T40] hsr_slave_1: left promiscuous mode [ 496.390932][ T40] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 496.421759][ T40] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 498.153647][ T40] veth1_macvtap: left promiscuous mode [ 498.153756][ T40] veth0_macvtap: left promiscuous mode [ 498.154051][ T40] veth1_vlan: left promiscuous mode [ 498.154248][ T40] veth0_vlan: left promiscuous mode [ 499.092126][ T8485] netlink: 4 bytes leftover after parsing attributes in process `syz.4.566'. [ 499.159626][ T8487] netlink: 28 bytes leftover after parsing attributes in process `syz.4.566'. [ 500.019837][ T40] team0 (unregistering): Port device team_slave_1 removed [ 500.070151][ T40] team0 (unregistering): Port device team_slave_0 removed [ 500.270644][ T8226] bridge0: port 1(bridge_slave_0) entered blocking state [ 500.270972][ T8226] bridge0: port 1(bridge_slave_0) entered disabled state [ 500.271321][ T8226] bridge_slave_0: entered allmulticast mode [ 500.275499][ T8226] bridge_slave_0: entered promiscuous mode [ 500.355081][ T8223] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 500.611430][ T8226] bridge0: port 2(bridge_slave_1) entered blocking state [ 500.612529][ T8226] bridge0: port 2(bridge_slave_1) entered disabled state [ 500.612866][ T8226] bridge_slave_1: entered allmulticast mode [ 500.616650][ T8226] bridge_slave_1: entered promiscuous mode [ 500.639888][ T8223] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 502.701571][ T8226] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 502.733679][ T8223] team0: Port device team_slave_0 added [ 502.763871][ T8226] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 502.783525][ T8223] team0: Port device team_slave_1 added [ 503.562779][ T8226] team0: Port device team_slave_0 added [ 503.817710][ T8223] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 503.817729][ T8223] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 503.817792][ T8223] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 504.143701][ T8226] team0: Port device team_slave_1 added [ 504.145986][ T8223] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 504.146002][ T8223] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 504.146028][ T8223] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 504.365315][ T8513] netlink: 28 bytes leftover after parsing attributes in process `syz.0.575'. [ 504.365348][ T8513] netlink: 8 bytes leftover after parsing attributes in process `syz.0.575'. [ 504.381102][ T8226] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 504.381121][ T8226] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 504.381160][ T8226] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 504.521706][ T8226] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 504.521726][ T8226] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 504.521757][ T8226] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 504.637283][ T8223] hsr_slave_0: entered promiscuous mode [ 504.646448][ T8223] hsr_slave_1: entered promiscuous mode [ 504.648721][ T8223] debugfs: 'hsr0' already exists in 'hsr' [ 504.648749][ T8223] Cannot create hsr debugfs directory [ 505.567967][ T8226] hsr_slave_0: entered promiscuous mode [ 505.574412][ T8226] hsr_slave_1: entered promiscuous mode [ 505.578586][ T8226] debugfs: 'hsr0' already exists in 'hsr' [ 505.578616][ T8226] Cannot create hsr debugfs directory [ 505.804005][ T5829] Bluetooth: hci1: unexpected event for opcode 0x2043 [ 505.853916][ T8528] fuse: fd is not a fuse device [ 506.909560][ T1338] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.909676][ T1338] ieee802154 phy1 wpan1: encryption failed: -22 [ 507.416595][ T5486] 8021q: adding VLAN 0 to HW filter on device eth9 [ 511.565021][ T40] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 513.276388][ T40] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 513.607295][ T60] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 513.683258][ T60] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 513.684721][ T60] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 513.724201][ T60] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 513.728863][ T60] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 513.983091][ T40] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 514.513231][ T8589] netlink: 156 bytes leftover after parsing attributes in process `syz.4.593'. [ 514.761739][ T60] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 514.813150][ T60] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 514.814531][ T60] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 514.816347][ T60] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 514.851137][ T60] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 514.957904][ T40] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 515.929858][ T60] Bluetooth: hci3: command tx timeout [ 517.604677][ T60] Bluetooth: hci6: command tx timeout [ 518.018283][ T60] Bluetooth: hci3: command tx timeout [ 518.468526][ T8612] netlink: 'syz.4.599': attribute type 10 has an invalid length. [ 518.501898][ T60] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 518.596953][ T8612] team0: Device veth1_macvtap failed to register rx_handler [ 519.661478][ T60] Bluetooth: hci6: command tx timeout [ 520.059520][ T60] Bluetooth: hci3: command tx timeout [ 520.512441][ T8628] netlink: 28 bytes leftover after parsing attributes in process `syz.3.604'. [ 523.194472][ T60] Bluetooth: hci3: command tx timeout [ 524.211870][ T60] Bluetooth: hci6: command tx timeout [ 525.256620][ T8579] chnl_net:caif_netlink_parms(): no params data found [ 526.239224][ T5829] Bluetooth: hci6: command tx timeout [ 529.720444][ T40] bridge_slave_1: left allmulticast mode [ 529.720476][ T40] bridge_slave_1: left promiscuous mode [ 529.720787][ T40] bridge0: port 2(bridge_slave_1) entered disabled state [ 530.020356][ T40] bridge_slave_0: left allmulticast mode [ 530.020379][ T40] bridge_slave_0: left promiscuous mode [ 530.020782][ T40] bridge0: port 1(bridge_slave_0) entered disabled state [ 534.769968][ T40] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 534.850025][ T40] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 534.892476][ T40] bond0 (unregistering): Released all slaves [ 535.065944][ T8721] netlink: 596 bytes leftover after parsing attributes in process `syz.0.633'. [ 535.094711][ T8690] C: renamed from team_slave_0 (while UP) [ 535.151803][ T8690] netlink: 'syz.4.624': attribute type 2 has an invalid length. [ 535.151828][ T8690] netlink: 128 bytes leftover after parsing attributes in process `syz.4.624'. [ 535.151846][ T8690] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 535.338983][ T8716] netlink: 'syz.0.633': attribute type 29 has an invalid length. [ 535.695620][ T8590] chnl_net:caif_netlink_parms(): no params data found [ 535.793650][ T8719] netlink: 'syz.0.633': attribute type 29 has an invalid length. [ 536.086192][ T8726] netlink: 'syz.4.635': attribute type 29 has an invalid length. [ 536.919053][ T8725] netlink: 'syz.4.635': attribute type 29 has an invalid length. [ 537.778019][ T8579] bridge0: port 1(bridge_slave_0) entered blocking state [ 537.778781][ T8579] bridge0: port 1(bridge_slave_0) entered disabled state [ 537.791299][ T8579] bridge_slave_0: entered allmulticast mode [ 537.802272][ T8579] bridge_slave_0: entered promiscuous mode [ 539.472897][ T8771] xt_l2tp: missing protocol rule (udp|l2tpip) [ 539.681309][ T40] hsr_slave_0: left promiscuous mode [ 539.719096][ T40] hsr_slave_1: left promiscuous mode [ 539.720293][ T40] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 539.720320][ T40] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 540.822523][ T40] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 540.822553][ T40] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 541.918802][ T40] veth1_macvtap: left promiscuous mode [ 541.918962][ T40] veth0_macvtap: left promiscuous mode [ 541.919257][ T40] veth1_vlan: left promiscuous mode [ 541.919446][ T40] veth0_vlan: left promiscuous mode [ 544.259952][ T40] team0 (unregistering): Port device team_slave_1 removed [ 544.303340][ T40] team0 (unregistering): Port device team_slave_0 removed [ 546.845528][ T8579] bridge0: port 2(bridge_slave_1) entered blocking state [ 546.845798][ T8579] bridge0: port 2(bridge_slave_1) entered disabled state [ 546.846128][ T8579] bridge_slave_1: entered allmulticast mode [ 546.898893][ T8579] bridge_slave_1: entered promiscuous mode [ 548.857863][ T8579] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 548.859767][ T8590] bridge0: port 1(bridge_slave_0) entered blocking state [ 548.861187][ T8590] bridge0: port 1(bridge_slave_0) entered disabled state [ 548.861541][ T8590] bridge_slave_0: entered allmulticast mode [ 548.879219][ T8590] bridge_slave_0: entered promiscuous mode [ 548.941316][ T8579] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 548.942408][ T8590] bridge0: port 2(bridge_slave_1) entered blocking state [ 548.942824][ T8590] bridge0: port 2(bridge_slave_1) entered disabled state [ 548.943143][ T8590] bridge_slave_1: entered allmulticast mode [ 548.985541][ T8590] bridge_slave_1: entered promiscuous mode [ 550.285347][ T8579] team0: Port device team_slave_0 added [ 550.304401][ T8590] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 550.349987][ T8579] team0: Port device team_slave_1 added [ 550.356140][ T8590] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 550.487073][ T5829] Bluetooth: hci0: unexpected event for opcode 0x0000 [ 550.704778][ T8579] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 550.704798][ T8579] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 550.704830][ T8579] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 551.769985][ T8590] team0: Port device team_slave_0 added [ 551.772807][ T8579] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 551.772823][ T8579] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 551.772849][ T8579] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 552.226931][ T8590] team0: Port device team_slave_1 added [ 554.463284][ T5829] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 554.463461][ T5829] Bluetooth: hci0: Injecting HCI hardware error event [ 554.466140][ T5829] Bluetooth: hci0: hardware error 0x00 [ 555.459577][ T8590] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 555.459596][ T8590] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 555.459635][ T8590] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 555.744170][ T8590] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 555.744189][ T8590] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 555.744222][ T8590] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 556.124062][ T8579] hsr_slave_0: entered promiscuous mode [ 556.126593][ T8579] hsr_slave_1: entered promiscuous mode [ 556.542240][ T5829] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 557.497972][ T8938] netlink: 8 bytes leftover after parsing attributes in process `syz.3.688'. [ 558.351526][ T8590] hsr_slave_0: entered promiscuous mode [ 558.358712][ T8590] hsr_slave_1: entered promiscuous mode [ 558.378593][ T8590] debugfs: 'hsr0' already exists in 'hsr' [ 558.378622][ T8590] Cannot create hsr debugfs directory [ 558.789211][ T40] bridge_slave_1: left allmulticast mode [ 558.789235][ T40] bridge_slave_1: left promiscuous mode [ 558.789447][ T40] bridge0: port 2(bridge_slave_1) entered disabled state [ 558.872624][ T40] bridge_slave_0: left allmulticast mode [ 558.872657][ T40] bridge_slave_0: left promiscuous mode [ 558.872984][ T40] bridge0: port 1(bridge_slave_0) entered disabled state [ 559.054874][ T8960] netlink: 8 bytes leftover after parsing attributes in process `syz.3.698'. [ 559.069847][ T40] bridge_slave_1: left allmulticast mode [ 559.069879][ T40] bridge_slave_1: left promiscuous mode [ 559.070190][ T40] bridge0: port 2(bridge_slave_1) entered disabled state [ 559.165273][ T40] bridge_slave_0: left allmulticast mode [ 559.165310][ T40] bridge_slave_0: left promiscuous mode [ 559.165619][ T40] bridge0: port 1(bridge_slave_0) entered disabled state [ 559.245213][ T8965] netlink: 8 bytes leftover after parsing attributes in process `syz.0.701'. [ 559.245240][ T8965] netlink: 8 bytes leftover after parsing attributes in process `syz.0.701'. [ 561.712243][ T40] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 561.832051][ T40] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 561.851698][ T8992] netlink: 12 bytes leftover after parsing attributes in process `syz.0.712'. [ 561.868606][ T8990] netlink: 8 bytes leftover after parsing attributes in process `syz.4.711'. [ 561.868624][ T8990] netlink: 8 bytes leftover after parsing attributes in process `syz.4.711'. [ 561.912491][ T40] bond0 (unregistering): Released all slaves [ 562.259305][ T8998] netlink: 'syz.4.715': attribute type 4 has an invalid length. [ 562.259330][ T8998] netlink: 152 bytes leftover after parsing attributes in process `syz.4.715'. [ 562.389971][ T40] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 562.510776][ T40] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 562.591012][ T40] bond0 (unregistering): Released all slaves [ 563.152765][ T8998] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 563.319601][ T9003] netlink: 72 bytes leftover after parsing attributes in process `syz.4.716'. [ 565.964924][ T9015] netlink: 12 bytes leftover after parsing attributes in process `syz.3.721'. [ 566.141912][ T9019] netlink: 8 bytes leftover after parsing attributes in process `syz.4.723'. [ 566.141940][ T9019] netlink: 8 bytes leftover after parsing attributes in process `syz.4.723'. [ 566.221182][ T40] hsr_slave_0: left promiscuous mode [ 566.262656][ T40] hsr_slave_1: left promiscuous mode [ 566.265436][ T40] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 566.301877][ T40] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 569.192878][ T1338] ieee802154 phy0 wpan0: encryption failed: -22 [ 569.192995][ T1338] ieee802154 phy1 wpan1: encryption failed: -22 [ 571.250390][ T40] hsr_slave_0: left promiscuous mode [ 571.318411][ T40] hsr_slave_1: left promiscuous mode [ 571.319631][ T40] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 571.351355][ T40] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 572.251852][ T40] team0 (unregistering): Port device team_slave_1 removed [ 572.311892][ T40] team0 (unregistering): Port device team_slave_0 removed [ 574.730372][ T40] team0 (unregistering): Port device team_slave_1 removed [ 574.769937][ T40] team0 (unregistering): Port device team_slave_0 removed [ 575.769180][ T60] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 575.837387][ T60] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 575.847669][ T60] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 575.936518][ T60] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 576.008835][ T60] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 576.385745][ T9083] netlink: 8 bytes leftover after parsing attributes in process `syz.3.734'. [ 576.385773][ T9083] netlink: 8 bytes leftover after parsing attributes in process `syz.3.734'. [ 577.166459][ T5829] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 577.193157][ T5829] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 577.258268][ T5829] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 577.273244][ T5829] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 577.338783][ T5829] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 580.304474][ T5829] Bluetooth: hci4: command tx timeout [ 580.318491][ T5829] Bluetooth: hci5: command tx timeout [ 582.361620][ T9118] netlink: 8 bytes leftover after parsing attributes in process `syz.4.743'. [ 582.361639][ T9118] netlink: 8 bytes leftover after parsing attributes in process `syz.4.743'. [ 582.379129][ T5829] Bluetooth: hci5: command tx timeout [ 582.379164][ T5829] Bluetooth: hci4: command tx timeout [ 582.789371][ T9119] warning: `syz.3.742' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 582.889690][ T9078] chnl_net:caif_netlink_parms(): no params data found [ 584.479515][ T60] Bluetooth: hci4: command tx timeout [ 584.479558][ T60] Bluetooth: hci5: command tx timeout [ 586.381276][ T9078] bridge0: port 1(bridge_slave_0) entered blocking state [ 586.382960][ T9078] bridge0: port 1(bridge_slave_0) entered disabled state [ 586.383322][ T9078] bridge_slave_0: entered allmulticast mode [ 586.414845][ T9078] bridge_slave_0: entered promiscuous mode [ 586.441636][ T9078] bridge0: port 2(bridge_slave_1) entered blocking state [ 586.441918][ T9078] bridge0: port 2(bridge_slave_1) entered disabled state [ 586.442180][ T9078] bridge_slave_1: entered allmulticast mode [ 586.467984][ T9078] bridge_slave_1: entered promiscuous mode [ 586.540085][ T5829] Bluetooth: hci5: command tx timeout [ 586.540121][ T5829] Bluetooth: hci4: command tx timeout [ 586.659576][ T9078] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 586.700805][ T9160] netlink: 8 bytes leftover after parsing attributes in process `syz.4.753'. [ 586.700824][ T9160] netlink: 8 bytes leftover after parsing attributes in process `syz.4.753'. [ 586.702466][ T9078] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 586.850548][ T9078] team0: Port device team_slave_0 added [ 586.868464][ T9078] team0: Port device team_slave_1 added [ 587.029762][ T9078] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 587.029781][ T9078] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 587.029812][ T9078] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 591.215029][ T9078] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 591.215048][ T9078] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 591.215080][ T9078] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 591.813747][ T9201] netlink: 8 bytes leftover after parsing attributes in process `syz.4.762'. [ 591.813770][ T9201] netlink: 8 bytes leftover after parsing attributes in process `syz.4.762'. [ 592.061220][ T9204] C: renamed from team_slave_0 (while UP) [ 592.095113][ T9204] netlink: 152 bytes leftover after parsing attributes in process `syz.0.763'. [ 592.132267][ T9078] hsr_slave_0: entered promiscuous mode [ 592.141854][ T9078] hsr_slave_1: entered promiscuous mode [ 592.153092][ T9078] debugfs: 'hsr0' already exists in 'hsr' [ 592.153113][ T9078] Cannot create hsr debugfs directory [ 592.153668][ T9095] chnl_net:caif_netlink_parms(): no params data found [ 592.324717][ T9214] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 595.340531][ T9225] overlayfs: failed to clone lowerpath [ 598.336050][ T9095] bridge0: port 1(bridge_slave_0) entered blocking state [ 598.337050][ T9095] bridge0: port 1(bridge_slave_0) entered disabled state [ 598.337481][ T9095] bridge_slave_0: entered allmulticast mode [ 598.352698][ T9095] bridge_slave_0: entered promiscuous mode [ 598.409682][ T9095] bridge0: port 2(bridge_slave_1) entered blocking state [ 598.410107][ T9095] bridge0: port 2(bridge_slave_1) entered disabled state [ 598.410507][ T9095] bridge_slave_1: entered allmulticast mode [ 598.414620][ T9095] bridge_slave_1: entered promiscuous mode [ 600.415946][ T9095] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 600.663372][ T9095] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 601.170665][ T9290] overlayfs: failed to clone lowerpath [ 601.737956][ T9095] team0: Port device team_slave_0 added [ 602.504741][ T9095] team0: Port device team_slave_1 added [ 602.953535][ T9095] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 602.953555][ T9095] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 602.953587][ T9095] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 602.963635][ T9095] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 602.963654][ T9095] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 602.963685][ T9095] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 604.089237][ T7034] bridge_slave_1: left allmulticast mode [ 604.089270][ T7034] bridge_slave_1: left promiscuous mode [ 604.089574][ T7034] bridge0: port 2(bridge_slave_1) entered disabled state [ 604.385583][ T7034] bridge_slave_0: left allmulticast mode [ 604.385616][ T7034] bridge_slave_0: left promiscuous mode [ 604.385898][ T7034] bridge0: port 1(bridge_slave_0) entered disabled state [ 604.807797][ T7034] bridge_slave_1: left allmulticast mode [ 604.807831][ T7034] bridge_slave_1: left promiscuous mode [ 604.808099][ T7034] bridge0: port 2(bridge_slave_1) entered disabled state [ 605.130800][ T7034] bridge_slave_0: left allmulticast mode [ 605.130831][ T7034] bridge_slave_0: left promiscuous mode [ 605.131105][ T7034] bridge0: port 1(bridge_slave_0) entered disabled state [ 605.923793][ T9359] overlayfs: failed to clone lowerpath [ 608.690660][ T7034] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 609.200023][ T7034] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 609.327541][ T7034] bond0 (unregistering): Released all slaves [ 609.635823][ T9393] netlink: 48 bytes leftover after parsing attributes in process `syz.4.813'. [ 609.991825][ T7034] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 610.479939][ T7034] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 610.542308][ T7034] bond0 (unregistering): Released all slaves [ 610.670618][ T9095] hsr_slave_0: entered promiscuous mode [ 610.672959][ T9095] hsr_slave_1: entered promiscuous mode [ 610.674872][ T9095] debugfs: 'hsr0' already exists in 'hsr' [ 610.674899][ T9095] Cannot create hsr debugfs directory [ 611.744285][ T7034] hsr_slave_0: left promiscuous mode [ 611.871802][ T9430] netlink: 4 bytes leftover after parsing attributes in process `syz.3.826'. [ 611.936978][ T9434] netlink: 28 bytes leftover after parsing attributes in process `syz.3.826'. [ 612.019088][ T7034] hsr_slave_1: left promiscuous mode [ 612.020185][ T7034] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 612.052646][ T7034] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 613.459054][ T7034] hsr_slave_0: left promiscuous mode [ 613.500112][ T7034] hsr_slave_1: left promiscuous mode [ 613.501289][ T7034] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 613.524629][ T7034] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 614.069873][ T7034] team0 (unregistering): Port device team_slave_1 removed [ 614.133318][ T7034] team0 (unregistering): Port device team_slave_0 removed [ 614.962277][ T7034] team0 (unregistering): Port device team_slave_1 removed [ 615.489898][ T7034] team0 (unregistering): Port device team_slave_0 removed [ 621.020914][ T9078] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 621.190188][ T9078] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 621.214684][ T9078] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 621.479827][ T9078] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 621.507591][ T9078] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 621.574278][ T9078] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 623.554215][ T9078] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 623.731572][ T9078] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 624.414923][ T9552] netlink: 152 bytes leftover after parsing attributes in process `syz.4.853'. [ 624.510568][ T9095] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 624.547669][ T9555] netlink: 'syz.4.854': attribute type 10 has an invalid length. [ 624.567269][ T9095] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 624.589740][ T9555] syz_tun: entered promiscuous mode [ 624.824383][ T9555] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 624.824726][ T9095] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 625.890302][ T9095] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 625.920675][ T9095] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 626.008828][ T9095] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 626.046711][ T9095] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 626.085200][ T9095] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 626.465733][ T9555] netlink: 'syz.4.854': attribute type 10 has an invalid length. [ 626.648850][ T9555] 8021q: adding VLAN 0 to HW filter on device bond0 [ 626.653613][ T9555] team0: Port device bond0 added [ 627.034512][ T9574] overlayfs: failed to clone lowerpath [ 627.789773][ T9078] 8021q: adding VLAN 0 to HW filter on device bond0 [ 628.114406][ T9078] 8021q: adding VLAN 0 to HW filter on device team0 [ 628.243438][ T1317] bridge0: port 1(bridge_slave_0) entered blocking state [ 628.244999][ T1317] bridge0: port 1(bridge_slave_0) entered forwarding state [ 628.461763][ T9095] 8021q: adding VLAN 0 to HW filter on device bond0 [ 628.495613][ T1317] bridge0: port 2(bridge_slave_1) entered blocking state [ 628.495789][ T1317] bridge0: port 2(bridge_slave_1) entered forwarding state [ 628.841773][ T9095] 8021q: adding VLAN 0 to HW filter on device team0 [ 629.457593][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 629.457850][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 629.654197][ T9583] netlink: 152 bytes leftover after parsing attributes in process `syz.4.862'. [ 629.753235][ T1338] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.753350][ T1338] ieee802154 phy1 wpan1: encryption failed: -22 [ 630.022583][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 630.043285][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 630.748677][ T9095] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 631.186678][ T9078] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 631.839413][ T9624] overlayfs: failed to clone lowerpath [ 635.731033][ T9095] veth0_vlan: entered promiscuous mode [ 635.759954][ T9095] veth1_vlan: entered promiscuous mode [ 635.895570][ T9095] veth0_macvtap: entered promiscuous mode [ 635.923559][ T9095] veth1_macvtap: entered promiscuous mode [ 636.012508][ T9095] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 636.036571][ T9095] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 636.092366][ T13] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 636.092653][ T13] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 636.092697][ T13] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 636.092737][ T13] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 636.713839][ T5829] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 636.798020][ T5829] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 636.808786][ T5829] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 636.816701][ T5829] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 636.911014][ T5829] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 637.865926][ T5829] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 637.884665][ T5829] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 637.911234][ T5829] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 637.940368][ T5829] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 637.959029][ T5829] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 639.645274][ T5829] Bluetooth: hci3: command tx timeout [ 640.324553][ T9674] overlayfs: failed to clone lowerpath [ 640.459319][ T5829] Bluetooth: hci4: command tx timeout [ 642.049126][ T5829] Bluetooth: hci3: command tx timeout [ 642.883076][ T5829] Bluetooth: hci4: command tx timeout [ 644.961195][ T5829] Bluetooth: hci3: command tx timeout [ 644.961231][ T5829] Bluetooth: hci4: command tx timeout [ 647.242789][ T60] Bluetooth: hci4: command tx timeout [ 647.242827][ T60] Bluetooth: hci3: command tx timeout [ 648.880140][ T9642] chnl_net:caif_netlink_parms(): no params data found [ 649.372866][ T9747] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 653.532356][ T9642] bridge0: port 1(bridge_slave_0) entered blocking state [ 653.532683][ T9642] bridge0: port 1(bridge_slave_0) entered disabled state [ 653.533007][ T9642] bridge_slave_0: entered allmulticast mode [ 653.537372][ T9642] bridge_slave_0: entered promiscuous mode [ 654.523159][ T9642] bridge0: port 2(bridge_slave_1) entered blocking state [ 654.523485][ T9642] bridge0: port 2(bridge_slave_1) entered disabled state [ 654.523841][ T9642] bridge_slave_1: entered allmulticast mode [ 654.534026][ T9642] bridge_slave_1: entered promiscuous mode [ 656.560065][ T9771] netlink: 'syz.3.910': attribute type 4 has an invalid length. [ 656.560089][ T9771] netlink: 17 bytes leftover after parsing attributes in process `syz.3.910'. [ 656.736243][ T9642] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 656.751704][ T9775] netlink: 8 bytes leftover after parsing attributes in process `syz.4.911'. [ 656.751742][ T9775] netlink: 'syz.4.911': attribute type 5 has an invalid length. [ 656.751758][ T9775] netlink: 12 bytes leftover after parsing attributes in process `syz.4.911'. [ 656.827105][ T9642] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 657.085564][ T93] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 657.407778][ T93] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 659.188351][ T1317] bridge_slave_1: left allmulticast mode [ 659.188385][ T1317] bridge_slave_1: left promiscuous mode [ 659.188686][ T1317] bridge0: port 2(bridge_slave_1) entered disabled state [ 659.547804][ T1317] bridge_slave_0: left allmulticast mode [ 659.547838][ T1317] bridge_slave_0: left promiscuous mode [ 659.548107][ T1317] bridge0: port 1(bridge_slave_0) entered disabled state [ 660.849383][ T9804] netlink: 4 bytes leftover after parsing attributes in process `syz.0.919'. [ 660.905260][ T9805] netlink: 28 bytes leftover after parsing attributes in process `syz.0.919'. [ 662.580845][ T1317] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 662.660049][ T1317] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 662.706227][ T1317] bond0 (unregistering): Released all slaves [ 662.739619][ T93] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 662.745292][ T9642] team0: Port device team_slave_0 added [ 662.747761][ T9656] chnl_net:caif_netlink_parms(): no params data found [ 662.962166][ T93] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 663.018055][ T9642] team0: Port device team_slave_1 added [ 663.371256][ T1317] hsr_slave_0: left promiscuous mode [ 663.409355][ T1317] hsr_slave_1: left promiscuous mode [ 663.410802][ T1317] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 663.649103][ T1317] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 665.342509][ T9847] netlink: 4 bytes leftover after parsing attributes in process `syz.0.932'. [ 665.409935][ T9852] netlink: 28 bytes leftover after parsing attributes in process `syz.0.932'. [ 665.956529][ T1317] team0 (unregistering): Port device team_slave_1 removed [ 666.020012][ T1317] team0 (unregistering): Port device team_slave_0 removed [ 667.673893][ T9642] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 667.673917][ T9642] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 667.673951][ T9642] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 667.871191][ T9642] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 667.871210][ T9642] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 667.871242][ T9642] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 668.282689][ T9656] bridge0: port 1(bridge_slave_0) entered blocking state [ 668.283142][ T9656] bridge0: port 1(bridge_slave_0) entered disabled state [ 668.283495][ T9656] bridge_slave_0: entered allmulticast mode [ 668.315208][ T9656] bridge_slave_0: entered promiscuous mode [ 668.386905][ T9656] bridge0: port 2(bridge_slave_1) entered blocking state [ 668.394659][ T9656] bridge0: port 2(bridge_slave_1) entered disabled state [ 668.395054][ T9656] bridge_slave_1: entered allmulticast mode [ 668.419334][ T9656] bridge_slave_1: entered promiscuous mode [ 668.493468][ T9642] hsr_slave_0: entered promiscuous mode [ 668.495924][ T9642] hsr_slave_1: entered promiscuous mode [ 668.706296][ T9656] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 668.806864][ T9656] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 669.217267][ T9656] team0: Port device team_slave_0 added [ 669.264391][ T9656] team0: Port device team_slave_1 added [ 669.536811][ T9656] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 669.536829][ T9656] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 669.536855][ T9656] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 669.698580][ T9901] netlink: 4 bytes leftover after parsing attributes in process `syz.3.950'. [ 669.720656][ T9656] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 669.720674][ T9656] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 669.720711][ T9656] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 669.881952][ T9901] netlink: 28 bytes leftover after parsing attributes in process `syz.3.950'. [ 670.653574][ T9656] hsr_slave_0: entered promiscuous mode [ 670.664378][ T9656] hsr_slave_1: entered promiscuous mode [ 670.680474][ T9656] debugfs: 'hsr0' already exists in 'hsr' [ 670.680504][ T9656] Cannot create hsr debugfs directory [ 671.797554][ T5486] 8021q: adding VLAN 0 to HW filter on device eth9 [ 674.102055][ T1317] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 674.321745][ T9955] netlink: 20 bytes leftover after parsing attributes in process `syz.4.966'. [ 674.788551][ T1317] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 676.031949][ T1317] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 677.612566][ T1317] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 677.907866][ T38] kauditd_printk_skb: 262 callbacks suppressed [ 677.907888][ T38] audit: type=1800 audit(1776514054.083:910): pid=9968 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.972" name="bus" dev="tmpfs" ino=1652 res=0 errno=0 [ 678.093416][ T9977] netlink: 20 bytes leftover after parsing attributes in process `syz.3.975'. [ 679.118467][ T9993] overlayfs: failed to clone lowerpath [ 682.782826][T10019] netlink: 20 bytes leftover after parsing attributes in process `syz.4.984'. [ 682.919585][ T9896] Set syz1 is full, maxelem 65536 reached [ 682.955832][ T1317] bridge_slave_1: left allmulticast mode [ 682.955864][ T1317] bridge_slave_1: left promiscuous mode [ 682.956142][ T1317] bridge0: port 2(bridge_slave_1) entered disabled state [ 683.050879][ T1317] bridge_slave_0: left allmulticast mode [ 683.050911][ T1317] bridge_slave_0: left promiscuous mode [ 683.078982][ T1317] bridge0: port 1(bridge_slave_0) entered disabled state [ 683.217698][T10024] Set syz1 is full, maxelem 1023 reached [ 683.775519][T10048] netlink: 8 bytes leftover after parsing attributes in process `syz.3.997'. [ 684.502625][T10063] syz.4.1004 uses obsolete (PF_INET,SOCK_PACKET) [ 684.706696][ T1317] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 684.762703][ T1317] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 684.799131][T10072] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1007'. [ 684.825635][ T1317] bond0 (unregistering): Released all slaves [ 685.117326][T10077] netlink: 'syz.3.1009': attribute type 10 has an invalid length. [ 685.527043][T10081] overlayfs: failed to clone lowerpath [ 685.533876][T10076] bond0: entered promiscuous mode [ 685.533905][T10076] bond_slave_0: entered promiscuous mode [ 685.534268][T10076] bond_slave_1: entered promiscuous mode [ 685.538254][T10076] batadv0: entered promiscuous mode [ 685.542805][T10076] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 687.900041][T10077] syz_tun: entered promiscuous mode [ 687.918036][T10077] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 689.859143][ T1317] hsr_slave_0: left promiscuous mode [ 690.019000][ T1317] hsr_slave_1: left promiscuous mode [ 690.021492][ T1317] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 690.021523][ T1317] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 690.099820][ T1317] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 690.099850][ T1317] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 690.198209][ T1317] veth1_macvtap: left promiscuous mode [ 690.198316][ T1317] veth0_macvtap: left promiscuous mode [ 690.198646][ T1317] veth1_vlan: left promiscuous mode [ 690.198905][ T1317] veth0_vlan: left promiscuous mode [ 691.111679][ T1317] team0 (unregistering): Port device team_slave_1 removed [ 691.179140][ T1317] team0 (unregistering): Port device team_slave_0 removed [ 691.190063][ T1338] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.190175][ T1338] ieee802154 phy1 wpan1: encryption failed: -22 [ 691.411271][T10118] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1017'. [ 692.180611][T10128] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1018'. [ 692.470231][T10131] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1019'. [ 692.846642][T10135] overlayfs: failed to clone lowerpath [ 694.675068][ T9642] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 695.014711][ T9642] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 695.043010][ T9642] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 695.180916][ T9642] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 695.185284][ T9642] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 695.236379][T10148] netlink: 'syz.3.1025': attribute type 2 has an invalid length. [ 695.695512][ T9642] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 695.747580][ T9642] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 695.814491][ T9642] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 696.404921][ C0] [ 696.404932][ C0] ====================================================== [ 696.404942][ C0] WARNING: possible circular locking dependency detected [ 696.404968][ C0] syzkaller #0 Not tainted [ 696.404980][ C0] ------------------------------------------------------ [ 696.404989][ C0] syz.3.1025/10147 is trying to acquire lock: [ 696.405002][ C0] ffff888062e55160 (slock-AF_PHONET/1){+.+.}-{3:3}, at: __sk_receive_skb+0x1bf/0x9e0 [ 696.405066][ C0] [ 696.405066][ C0] but task is already holding lock: [ 696.405073][ C0] ffff88807a8e62e0 (slock-AF_PHONET){+...}-{3:3}, at: __sk_receive_skb+0x1f1/0x9e0 [ 696.405121][ C0] [ 696.405121][ C0] which lock already depends on the new lock. [ 696.405121][ C0] [ 696.405129][ C0] [ 696.405129][ C0] the existing dependency chain (in reverse order) is: [ 696.405137][ C0] [ 696.405137][ C0] -> #1 (slock-AF_PHONET){+...}-{3:3}: [ 696.405166][ C0] rt_spin_lock+0x83/0x400 [ 696.405199][ C0] __sk_receive_skb+0x1f1/0x9e0 [ 696.405219][ C0] phonet_rcv+0x781/0xc40 [ 696.405244][ C0] process_backlog+0x5e1/0xc60 [ 696.405268][ C0] __napi_poll+0xab/0x550 [ 696.405289][ C0] net_rx_action+0x696/0xe00 [ 696.405305][ C0] handle_softirqs+0x1de/0x6d0 [ 696.405320][ C0] __local_bh_enable_ip+0x170/0x2b0 [ 696.405334][ C0] netif_rx+0xb9/0xf0 [ 696.405360][ C0] pn_send+0x62a/0x8e0 [ 696.405379][ C0] pn_skb_send+0x218/0x530 [ 696.405399][ C0] pipe_snd_status+0x1f1/0x320 [ 696.405420][ C0] pipe_do_rcv+0xf15/0x16a0 [ 696.405443][ C0] __sk_receive_skb+0x962/0x9e0 [ 696.405459][ C0] pep_do_rcv+0x685/0xaa0 [ 696.405480][ C0] __release_sock+0x2a9/0x3d0 [ 696.405502][ C0] release_sock+0x1be/0x290 [ 696.405518][ C0] pep_sock_accept+0xd47/0x11e0 [ 696.405540][ C0] pn_socket_accept+0xc1/0x310 [ 696.405558][ C0] do_accept+0x6ca/0x930 [ 696.405574][ C0] __sys_accept4+0x139/0x230 [ 696.405594][ C0] __x64_sys_accept4+0x9a/0xb0 [ 696.405611][ C0] do_syscall_64+0x15f/0xf80 [ 696.405627][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 696.405642][ C0] [ 696.405642][ C0] -> #0 (slock-AF_PHONET/1){+.+.}-{3:3}: [ 696.405666][ C0] __lock_acquire+0x15a5/0x2cf0 [ 696.405686][ C0] lock_acquire+0x106/0x350 [ 696.405704][ C0] rt_spin_lock_nested+0x81/0x3f0 [ 696.405726][ C0] __sk_receive_skb+0x1bf/0x9e0 [ 696.405742][ C0] pep_do_rcv+0x685/0xaa0 [ 696.405764][ C0] __sk_receive_skb+0x962/0x9e0 [ 696.405780][ C0] phonet_rcv+0x781/0xc40 [ 696.405799][ C0] process_backlog+0x5e1/0xc60 [ 696.405815][ C0] __napi_poll+0xab/0x550 [ 696.405829][ C0] net_rx_action+0x696/0xe00 [ 696.405845][ C0] handle_softirqs+0x1de/0x6d0 [ 696.405859][ C0] __local_bh_enable_ip+0x170/0x2b0 [ 696.405873][ C0] netif_rx+0xb9/0xf0 [ 696.405893][ C0] pn_send+0x62a/0x8e0 [ 696.405912][ C0] pn_skb_send+0x218/0x530 [ 696.405932][ C0] pep_sock_close+0x2c1/0x5b0 [ 696.405954][ C0] pn_socket_release+0x9b/0xc0 [ 696.405970][ C0] __sock_release+0xb9/0x250 [ 696.405983][ C0] sock_close+0x1c/0x30 [ 696.405995][ C0] __fput+0x461/0xa70 [ 696.406012][ C0] task_work_run+0x1d9/0x270 [ 696.406034][ C0] exit_to_user_mode_loop+0xed/0x480 [ 696.406053][ C0] do_syscall_64+0x33e/0xf80 [ 696.406068][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 696.406083][ C0] [ 696.406083][ C0] other info that might help us debug this: [ 696.406083][ C0] [ 696.406089][ C0] Possible unsafe locking scenario: [ 696.406089][ C0] [ 696.406095][ C0] CPU0 CPU1 [ 696.406100][ C0] ---- ---- [ 696.406105][ C0] lock(slock-AF_PHONET); [ 696.406115][ C0] lock(slock-AF_PHONET/1); [ 696.406129][ C0] lock(slock-AF_PHONET); [ 696.406141][ C0] lock(slock-AF_PHONET/1); [ 696.406154][ C0] [ 696.406154][ C0] *** DEADLOCK *** [ 696.406154][ C0] [ 696.406158][ C0] 7 locks held by syz.3.1025/10147: [ 696.406167][ C0] #0: ffff88806136f578 (&sb->s_type->i_mutex_key#13){+.+.}-{4:4}, at: __sock_release+0x89/0x250 [ 696.406206][ C0] #1: ffff88807a8e5ad8 (sk_lock-AF_PHONET){+.+.}-{0:0}, at: pep_sock_close+0x86/0x5b0 [ 696.406250][ C0] #2: ffffffff8dfc8100 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420 [ 696.406286][ C0] #3: ffffffff8dfc8100 (rcu_read_lock){....}-{1:3}, at: process_backlog+0x271/0xc60 [ 696.406323][ C0] #4: ffff88807a8e62e0 (slock-AF_PHONET){+...}-{3:3}, at: __sk_receive_skb+0x1f1/0x9e0 [ 696.406368][ C0] #5: ffffffff8dfc8100 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400 [ 696.406410][ C0] #6: ffff88807a8e6398 (sk_lock-AF_PHONET){+.+.}-{0:0}, at: phonet_rcv+0x781/0xc40 [ 696.406452][ C0] [ 696.406452][ C0] stack backtrace: [ 696.406473][ C0] CPU: 0 UID: 0 PID: 10147 Comm: syz.3.1025 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 696.406501][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 696.406518][ C0] Call Trace: [ 696.406527][ C0] [ 696.406534][ C0] dump_stack_lvl+0xe8/0x150 [ 696.406552][ C0] print_circular_bug+0x2e1/0x300 [ 696.406579][ C0] check_noncircular+0x12e/0x150 [ 696.406606][ C0] __lock_acquire+0x15a5/0x2cf0 [ 696.406628][ C0] ? try_to_take_rt_mutex+0x840/0xb00 [ 696.406661][ C0] ? __sk_receive_skb+0x1bf/0x9e0 [ 696.406677][ C0] lock_acquire+0x106/0x350 [ 696.406697][ C0] ? __sk_receive_skb+0x1bf/0x9e0 [ 696.406715][ C0] ? sk_filter_trim_cap+0x8f1/0xce0 [ 696.406743][ C0] rt_spin_lock_nested+0x81/0x3f0 [ 696.406767][ C0] ? __sk_receive_skb+0x1bf/0x9e0 [ 696.406784][ C0] ? __pfx_sk_filter_trim_cap+0x10/0x10 [ 696.406807][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 696.406827][ C0] ? __pfx_rt_spin_lock_nested+0x10/0x10 [ 696.406852][ C0] ? rt_spin_lock+0x1e0/0x400 [ 696.406877][ C0] __sk_receive_skb+0x1bf/0x9e0 [ 696.406898][ C0] pep_do_rcv+0x685/0xaa0 [ 696.406923][ C0] ? __pfx_pep_do_rcv+0x10/0x10 [ 696.406949][ C0] ? __pfx_pep_do_rcv+0x10/0x10 [ 696.406973][ C0] ? phonet_rcv+0x781/0xc40 [ 696.406994][ C0] __sk_receive_skb+0x962/0x9e0 [ 696.407015][ C0] phonet_rcv+0x781/0xc40 [ 696.407036][ C0] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 696.407058][ C0] ? __pfx_phonet_rcv+0x10/0x10 [ 696.407081][ C0] ? process_backlog+0x271/0xc60 [ 696.407100][ C0] ? process_backlog+0x271/0xc60 [ 696.407117][ C0] ? __pfx_phonet_rcv+0x10/0x10 [ 696.407139][ C0] process_backlog+0x5e1/0xc60 [ 696.407163][ C0] __napi_poll+0xab/0x550 [ 696.407180][ C0] net_rx_action+0x696/0xe00 [ 696.407203][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 696.407220][ C0] ? kvm_sched_clock_read+0x11/0x20 [ 696.407240][ C0] ? __pfx_sched_clock_cpu+0x10/0x10 [ 696.407265][ C0] ? enqueue_to_backlog+0x340/0xcb0 [ 696.407284][ C0] handle_softirqs+0x1de/0x6d0 [ 696.407304][ C0] __local_bh_enable_ip+0x170/0x2b0 [ 696.407321][ C0] netif_rx+0xb9/0xf0 [ 696.407349][ C0] pn_send+0x62a/0x8e0 [ 696.407373][ C0] pn_skb_send+0x218/0x530 [ 696.407396][ C0] pep_sock_close+0x2c1/0x5b0 [ 696.407421][ C0] pn_socket_release+0x9b/0xc0 [ 696.407440][ C0] __sock_release+0xb9/0x250 [ 696.407455][ C0] ? __pfx_sock_close+0x10/0x10 [ 696.407469][ C0] sock_close+0x1c/0x30 [ 696.407482][ C0] __fput+0x461/0xa70 [ 696.407504][ C0] task_work_run+0x1d9/0x270 [ 696.407527][ C0] ? __pfx_task_work_run+0x10/0x10 [ 696.407553][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 696.407569][ C0] exit_to_user_mode_loop+0xed/0x480 [ 696.407588][ C0] ? rcu_is_watching+0x15/0xb0 [ 696.407611][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 696.407628][ C0] do_syscall_64+0x33e/0xf80 [ 696.407644][ C0] ? trace_irq_disable+0x3b/0x140 [ 696.407662][ C0] ? clear_bhb_loop+0x40/0x90 [ 696.407680][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 696.407696][ C0] RIP: 0033:0x7f4a728ec819 [ 696.407711][ C0] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 696.407725][ C0] RSP: 002b:00007ffd3f161518 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 696.407741][ C0] RAX: 0000000000000000 RBX: 00007f4a72b67da0 RCX: 00007f4a728ec819 [ 696.407752][ C0] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 696.407761][ C0] RBP: 00007f4a72b67da0 R08: 0000000000000006 R09: 0000000000000000 [ 696.407771][ C0] R10: 00007f4a72b67cb0 R11: 0000000000000246 R12: 00000000000a9d52 [ 696.407782][ C0] R13: 00007f4a72b6618c R14: 00000000000a9c0a R15: 00007ffd3f161620 [ 696.407800][ C0] [ 697.349277][ T9656] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 697.393078][ T9656] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 697.394687][ T9656] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 697.432506][ T9656] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 697.434335][ T9656] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 697.474711][ T9656] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 697.475631][ T9656] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 697.512342][ T9656] 8021q: adding VLAN 0 to HW filter on device netdevsim3 SYZFAIL: failed to send rpc fd=3 want=5368 sent=0 n=-1 (errno 32: Broken pipe) [ 697.598954][ T9656] 8021q: adding VLAN 0 to HW filter on device bond0 [ 697.654865][ T9656] 8021q: adding VLAN 0 to HW filter on device team0 [ 697.734122][ T6275] bridge0: port 1(bridge_slave_0) entered blocking state [ 697.734222][ T6275] bridge0: port 1(bridge_slave_0) entered forwarding state [ 697.813247][T10181] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1028'. [ 697.815514][ T60] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 697.851323][ T60] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 697.867959][ T60] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 697.941787][ T60] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 697.943889][ T60] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 698.531696][ T9902] bond0: (slave syz_tun): Releasing backup interface [ 699.240654][T10181] bond0: (slave syz_tun): Releasing backup interface [ 699.979132][ T60] Bluetooth: hci3: command tx timeout [ 700.110498][T10178] chnl_net:caif_netlink_parms(): no params data found [ 700.329800][T10178] bridge0: port 1(bridge_slave_0) entered blocking state [ 700.330119][T10178] bridge0: port 1(bridge_slave_0) entered disabled state [ 700.330357][T10178] bridge_slave_0: entered allmulticast mode [ 700.331995][T10178] bridge_slave_0: entered promiscuous mode [ 700.340729][T10178] bridge0: port 2(bridge_slave_1) entered blocking state [ 700.341595][T10178] bridge0: port 2(bridge_slave_1) entered disabled state [ 700.342721][T10178] bridge_slave_1: entered allmulticast mode [ 700.346205][T10178] bridge_slave_1: entered promiscuous mode [ 700.407411][T10178] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 700.418215][T10178] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 700.452792][T10178] team0: Port device team_slave_0 added [ 700.471871][T10178] team0: Port device team_slave_1 added [ 700.511573][T10178] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 700.511587][T10178] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 700.511609][T10178] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 700.529138][T10178] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 700.529157][T10178] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 700.529188][T10178] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 700.652622][T10178] hsr_slave_0: entered promiscuous mode [ 700.653926][T10178] hsr_slave_1: entered promiscuous mode [ 700.654994][T10178] debugfs: 'hsr0' already exists in 'hsr' [ 700.655018][T10178] Cannot create hsr debugfs directory [ 700.729206][ T1317] bridge_slave_1: left allmulticast mode [ 700.729234][ T1317] bridge_slave_1: left promiscuous mode [ 700.729425][ T1317] bridge0: port 2(bridge_slave_1) entered disabled state [ 700.789560][ T1317] bridge_slave_0: left allmulticast mode [ 700.789582][ T1317] bridge_slave_0: left promiscuous mode [ 700.789734][ T1317] bridge0: port 1(bridge_slave_0) entered disabled state [ 701.049594][ T1317] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 701.129671][ T1317] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 701.191281][ T1317] bond0 (unregistering): Released all slaves [ 701.659511][ T1317] hsr_slave_0: left promiscuous mode [ 701.679077][ T1317] hsr_slave_1: left promiscuous mode [ 701.679835][ T1317] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 701.719896][ T1317] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 702.029567][ T1317] team0 (unregistering): Port device team_slave_1 removed [ 702.059305][ T60] Bluetooth: hci3: command tx timeout [ 702.079599][ T1317] team0 (unregistering): Port device team_slave_0 removed [ 702.685745][ T5486] 8021q: adding VLAN 0 to HW filter on device eth9 [ 703.087416][T10178] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 703.113168][T10178] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 703.114180][T10178] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 703.152803][T10178] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 703.190844][T10178] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 703.233308][T10178] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 703.236757][T10178] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 703.275485][T10178] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 703.394583][T10178] 8021q: adding VLAN 0 to HW filter on device bond0 [ 703.417756][T10178] 8021q: adding VLAN 0 to HW filter on device team0 [ 703.574696][ T7034] bridge0: port 1(bridge_slave_0) entered blocking state [ 703.574808][ T7034] bridge0: port 1(bridge_slave_0) entered forwarding state [ 703.594050][ T5985] bridge0: port 2(bridge_slave_1) entered blocking state [ 703.594129][ T5985] bridge0: port 2(bridge_slave_1) entered forwarding state [ 704.139218][ T60] Bluetooth: hci3: command tx timeout [ 704.270968][T10178] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 704.600659][ T1317] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 704.600689][ T1317] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 704.840635][ T1317] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 704.840684][ T1317] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 704.884624][T10178] veth0_vlan: entered promiscuous mode [ 704.912385][T10178] veth1_vlan: entered promiscuous mode [ 705.080719][ T1317] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 705.080749][ T1317] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 705.121907][ T5486] 8021q: adding VLAN 0 to HW filter on device eth9 [ 705.158701][T10178] veth0_macvtap: entered promiscuous mode [ 705.175475][T10178] veth1_macvtap: entered promiscuous mode [ 705.320772][ T1317] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 705.320812][ T1317] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 705.398027][T10178] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 705.424801][T10178] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 705.452942][ T5985] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 705.464885][ T5985] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 705.465063][ T5985] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 705.465950][ T5985] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 705.661832][ T5486] 8021q: adding VLAN 0 to HW filter on device eth10 [ 705.665616][T10178] ieee80211 phy14: Selected rate control algorithm 'minstrel_ht' [ 705.823641][ T1317] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 705.884076][ T7034] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 705.884099][ T7034] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 705.886724][T10178] ieee80211 phy15: Selected rate control algorithm 'minstrel_ht' [ 706.070658][ T1317] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 706.111775][ T7034] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 706.111798][ T7034] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 706.220247][ T60] Bluetooth: hci3: command tx timeout [ 706.331187][ T1317] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0