last executing test programs: 10m2.337397846s ago: executing program 3 (id=295): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4) setsockopt$MRT_TABLE(r0, 0x0, 0xcf, &(0x7f0000000040)=0xfc, 0x4) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x0, 0x0, 0xc, @vifc_lcl_addr=@local, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10) setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8) syz_emit_ethernet(0x2a, &(0x7f0000000240)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0xfb, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @echo_reply={0x0, 0x0, 0x0, 0x64, 0xd2}}}}}, 0x0) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @address_request}}}}, 0x0) setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe0000300, 0x0, "028a3f6c58b274e6d8451697efe42811ee1df06e9264f7d866b1970548fc3c7b", 0xb2, 0xfffffff7, 0x4, 0x40000006}, 0x3c) 10m2.195255194s ago: executing program 3 (id=296): r0 = socket$netlink(0x10, 0x3, 0x4) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f00000002c0)=0x7, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000180)=0x40, 0x4) bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) listen(r2, 0x0) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001500add427323b470c45b45602067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03adcac4b74ffffffffffffffffffffffe7ee0000000000000000020000", 0x58}], 0x1) 10m2.084182601s ago: executing program 3 (id=298): ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x100}) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) ftruncate(r0, 0x8008976) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) fstat(r0, &(0x7f00000000c0)) mmap(&(0x7f00003b3000/0x2000)=nil, 0x2000, 0x200000b, 0x204031, 0xffffffffffffffff, 0x711c4000) r1 = syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x820000, &(0x7f0000000100)={{}, 0x2c, {'rootmode', 0x3d, 0x2000}, 0x2c, {'user_id', 0x3d, 0xffffffffffffffff}, 0x2c, {'group_id', 0x3d, 0xee00}, 0x2c, {[{@default_permissions}, {@default_permissions}, {@blksize={'blksize', 0x3d, 0x800}}, {@allow_other}]}}, 0x1, 0x0, &(0x7f0000000200)="4864999e867d75f37ac12cfc8431bb5983c74dcf0e1d824677644663545b490d16e555fc093c0d7c5ce448ca1c5bd7718acd481a972fd1ebe315a1ef2f410590b264be5a5a2d5640ac198e16733f067f5d6a1069693272611dd7d3d6aa279dbc43246ef44bcfbb48c630ec887d6dde59267082b5104820256b3f1c838220e3") open_tree(r1, &(0x7f0000000080)='./file0\x00', 0x1000) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19) 10m0.898632511s ago: executing program 3 (id=308): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000100)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x23e9c9e, 0x0) mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x28a5291, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file0\x00', 0x500, 0x40) open_tree(r0, &(0x7f0000000300)='\x00', 0x89901) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='tracefs\x00', 0x800000, 0x0) 9m59.870284432s ago: executing program 3 (id=315): fsmount(0xffffffffffffffff, 0x1, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) openat$dir(0xffffffffffffff9c, 0x0, 0x458081, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000000000000f2000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766c616e000000001800028006000100010000000c000200540a00001800000008000500", @ANYRES32=r2], 0x50}, 0x1, 0xba01}, 0x0) r3 = socket(0x10, 0x3, 0x0) write(r3, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24) 9m59.447505386s ago: executing program 2 (id=322): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x1000, 0x8, '9P2000.u'}, 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x2}}, 0x18) write$FUSE_INIT(r2, &(0x7f0000000280)={0x50, 0x0, 0x0, {0x7, 0x21, 0x0, 0x0, 0xfff9, 0x1000, 0x0, 0x7, 0x0, 0x0, 0x20, 0x8}}, 0x50) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@loose}], [], 0x6b}}) r3 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) syz_fuse_handle_req(r3, 0x0, 0x0, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x800) 9m59.360712531s ago: executing program 3 (id=323): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) write$cgroup_devices(0xffffffffffffffff, 0x0, 0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10) r2 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0x0, 0x1, 0x1009, 0x7f}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0x0, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080) sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x44, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r4, {}, {0xffe0, 0xa}, {0x1, 0x10}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_FLOW_MODE={0x8, 0x5, 0x4}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x3}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000051}, 0x4000) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000840)={r1, @in6={{0xa, 0x4e22, 0x80, @empty, 0x5d4e}}, 0x2, 0x2, 0x614, 0x4, 0xd, 0x7, 0x4}, 0x9c) 9m59.093312897s ago: executing program 32 (id=323): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) write$cgroup_devices(0xffffffffffffffff, 0x0, 0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10) r2 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0x0, 0x1, 0x1009, 0x7f}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0x0, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080) sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x44, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r4, {}, {0xffe0, 0xa}, {0x1, 0x10}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_FLOW_MODE={0x8, 0x5, 0x4}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x3}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000051}, 0x4000) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000840)={r1, @in6={{0xa, 0x4e22, 0x80, @empty, 0x5d4e}}, 0x2, 0x2, 0x614, 0x4, 0xd, 0x7, 0x4}, 0x9c) 9m59.089277308s ago: executing program 2 (id=326): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) close(0x3) r1 = socket(0x2, 0x80805, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r2, 0x0) close(0x3) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84) sendmmsg$inet_sctp(r1, &(0x7f0000000580)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000000c0)={0x0, 0xfffa, 0x5}, &(0x7f0000000100)=0x8) 9m59.002090983s ago: executing program 2 (id=328): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = gettid() timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x1, &(0x7f0000001340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xffeffffffffffffa]}, 0x8, 0x0) r3 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x1, 0x40000333}, &(0x7f00000006c0)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4004, @fd=r2, 0x7, 0x0}) io_uring_enter(r3, 0x847ba, 0x0, 0xe, 0x0, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a01"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 9m58.810618414s ago: executing program 2 (id=330): r0 = socket(0x10, 0x2, 0x0) syz_mount_image$udf(&(0x7f0000000080), &(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4040, &(0x7f00000015c0)=ANY=[], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir") getdents(0xffffffffffffffff, 0x0, 0x0) write(r0, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) recvmmsg(r0, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) creat(&(0x7f0000000100)='./bus\x00', 0x44) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x301400, 0x0) r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x49) pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x3) rename(&(0x7f0000000040)='./file1\x00', &(0x7f0000000100)='./file0/file0\x00') 9m57.873730719s ago: executing program 2 (id=335): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = epoll_create1(0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0x20000014}) epoll_wait(r0, &(0x7f0000000040)=[{}], 0x1, 0x400) syz_usb_connect(0x0, 0x2d, 0x0, 0x0) 9m56.548787307s ago: executing program 2 (id=341): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0000003d030100000000009500ffb1000000006926000000000000bf6700000000000036000b000fff52004507faff15300000d60600000ee60090bf050000000000003d63000000000000650700000200000007070000fbffffff1f75000000000000bf54000000000000070000000410f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8673e2060162cc43bcba1060999eef9d60bb39d0af449deaa27ea949e8f9000d885deea2783835e29eba8546fc020c1966f8b5f32b095f566edf66b7751828da9dbd5b996b9e8d897e461c01c697671d100000000400036c17fb01dde179c1f26cac1c7b21bde7d1a55d6ebe700b3be005e47ef55e0dd81244b18590e000000000000356d82e43407a6d7fa94b21002f06cd247b126b6349ab62d7b07ba0a71a72145edade9941f49f300a8c8913e0e4ea9e4c77740ab3312edee62a4dc2fc85755d387d8a1bc8eb71fbe11b2216cc8d1f0160c237d929b49d828724b95555b459f4763c6222175c974be2f76fb5f330b015a68587a75c013000000000000000000000003000000000000d6ddc46e58eff8f4fbadfc6a3af8123b7f4240713a4c0cdc9d7820c4eb67cc0f8b5fe9258eeacb5776aebbab3d5c55020000006082778366dadfc36029633e0514cbcee1f3928970bde148c940434f33acd377cbad17673b2d30b6339255c98eba97efb4e9ac1f11be815dd6045592edcbee7f253ec74c7c1313505bd7ff8fd58b3a6569c91dbdef1df585aeaea7346a2a65caee5c85f9eddeeeee3c8a2e523c864ac430eb47cb4d0c8767b9d4125661b5a1a170c04b64da3a99ddb93bf14fae3ca2d1e882375b8dbac83978e136c34f90b33cc0eeb57debcfe26589efc08125d5d62a7e593c9738a50171adf051ea4f07e7e7e770c2016eeacbe8511afffffbea75759a1ea5404f5453c0b5c46c9700808c096cf8cf5223f341cbea3841b5cd224c1b381d56afebe9f99a00e3cd94dc0bb7af9e8709db487cc4d9b3b96723d69d512ddd57b0dee9b9f6ae80a502cce352098603e77f9ecced07fa25e99e9e415414c91f8bfd1c150570512f26c4ee34a64c131dce3800000000000000006c86287945bd8d258442870e000000000000000000000000f7e6a10de4bf7369b0d5b5373829b09bf5b7b34099b27ac7770fca449d4c4ca15f88b588b2429af2e1d1a4e1fa44cb80fcfae6e50d7e5b4675d7e0be706224f34e6eed553b40e2b897e73752fc7d1e4b0f4c5967eefd7448d5fde5841fa464a67267c631052bd7333769a4b8d19d4794357edce762e8136ab9d7ed34a72baffd849b90579b96b3"], &(0x7f0000000100)='GPL\x00'}, 0x48) 9m56.385225127s ago: executing program 33 (id=341): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0000003d030100000000009500ffb1000000006926000000000000bf6700000000000036000b000fff52004507faff15300000d60600000ee60090bf050000000000003d63000000000000650700000200000007070000fbffffff1f75000000000000bf54000000000000070000000410f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8673e2060162cc43bcba1060999eef9d60bb39d0af449deaa27ea949e8f9000d885deea2783835e29eba8546fc020c1966f8b5f32b095f566edf66b7751828da9dbd5b996b9e8d897e461c01c697671d100000000400036c17fb01dde179c1f26cac1c7b21bde7d1a55d6ebe700b3be005e47ef55e0dd81244b18590e000000000000356d82e43407a6d7fa94b21002f06cd247b126b6349ab62d7b07ba0a71a72145edade9941f49f300a8c8913e0e4ea9e4c77740ab3312edee62a4dc2fc85755d387d8a1bc8eb71fbe11b2216cc8d1f0160c237d929b49d828724b95555b459f4763c6222175c974be2f76fb5f330b015a68587a75c013000000000000000000000003000000000000d6ddc46e58eff8f4fbadfc6a3af8123b7f4240713a4c0cdc9d7820c4eb67cc0f8b5fe9258eeacb5776aebbab3d5c55020000006082778366dadfc36029633e0514cbcee1f3928970bde148c940434f33acd377cbad17673b2d30b6339255c98eba97efb4e9ac1f11be815dd6045592edcbee7f253ec74c7c1313505bd7ff8fd58b3a6569c91dbdef1df585aeaea7346a2a65caee5c85f9eddeeeee3c8a2e523c864ac430eb47cb4d0c8767b9d4125661b5a1a170c04b64da3a99ddb93bf14fae3ca2d1e882375b8dbac83978e136c34f90b33cc0eeb57debcfe26589efc08125d5d62a7e593c9738a50171adf051ea4f07e7e7e770c2016eeacbe8511afffffbea75759a1ea5404f5453c0b5c46c9700808c096cf8cf5223f341cbea3841b5cd224c1b381d56afebe9f99a00e3cd94dc0bb7af9e8709db487cc4d9b3b96723d69d512ddd57b0dee9b9f6ae80a502cce352098603e77f9ecced07fa25e99e9e415414c91f8bfd1c150570512f26c4ee34a64c131dce3800000000000000006c86287945bd8d258442870e000000000000000000000000f7e6a10de4bf7369b0d5b5373829b09bf5b7b34099b27ac7770fca449d4c4ca15f88b588b2429af2e1d1a4e1fa44cb80fcfae6e50d7e5b4675d7e0be706224f34e6eed553b40e2b897e73752fc7d1e4b0f4c5967eefd7448d5fde5841fa464a67267c631052bd7333769a4b8d19d4794357edce762e8136ab9d7ed34a72baffd849b90579b96b3"], &(0x7f0000000100)='GPL\x00'}, 0x48) 16.868798096s ago: executing program 6 (id=2490): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x2}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = socket$caif_seqpacket(0x25, 0x5, 0x3) recvmmsg(r3, &(0x7f0000004040)=[{{0x0, 0x0, 0x0}, 0xf}], 0x1, 0x40010021, 0x0) 15.644691788s ago: executing program 6 (id=2493): r0 = socket$kcm(0x2, 0x5, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xb8, 0x19, 0x1, 0x70bd2d, 0x25dfdbfc, {{@in6=@ipv4={'\x00', '\xff\xff', @loopback}, @in6=@remote, 0x4e21, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4, 0x0, 0x400, 0x0, 0x2}, {0x0, 0x0, 0x200000000000}, 0x0, 0x0, 0x1, 0x1}}, 0xb8}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x20064, &(0x7f00000001c0)=ANY=[], 0x1, 0x0, &(0x7f0000000000)) sendmsg$inet(r0, &(0x7f00000004c0)={&(0x7f0000000080)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xff}}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000140)="9f", 0x1}], 0x1}, 0x3e8) 14.550973692s ago: executing program 6 (id=2495): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000) connect$unix(0xffffffffffffffff, 0x0, 0x0) listen(r1, 0x0) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000140), 0x4) connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r3 = accept(r0, 0x0, 0x0) sendmsg$AUDIT_USER_AVC(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000740)=ANY=[], 0x454}}, 0x0) shutdown(r3, 0x1) recvfrom(r2, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x0, 0x0, 0x0) 11.963864805s ago: executing program 0 (id=2504): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x48, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x400c491}, 0x0) sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)=ANY=[@ANYBLOB="54000000090605fb0000002000000000010000050900020073797a30000000000500010007000000080009400000000124000880100007800a0011000180c2000000000010000780"], 0x54}, 0x1, 0x0, 0x0, 0x8000}, 0x44000) 10.618227394s ago: executing program 4 (id=2507): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000380)={0xa, 0xfffe, 0x4, @remote, 0x9}, 0x1c) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$inet6(0x10, 0x2, 0x4) sendto$inet6(r4, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd8000080", 0x4c, 0x0, 0x0, 0x0) 10.551694878s ago: executing program 5 (id=2509): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0}) mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000049c0)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) ioctl$BINDER_THREAD_EXIT(r3, 0x40046208, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000480)={0x44, 0x0, &(0x7f0000000600)=[@reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 10.504584931s ago: executing program 5 (id=2510): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) r3 = syz_clone(0x200, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r3) ptrace(0x8, r3) wait4(r3, 0x0, 0x2, &(0x7f0000000040)) 9.593374785s ago: executing program 5 (id=2512): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x20, 0x0, 0x0) shutdown(r3, 0x0) recvmmsg(r3, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f00000021c0)='clear_refs\x00') 9.557630307s ago: executing program 6 (id=2513): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x45, 0x0, 0x1, 0xfffffffc}, {}, {0x6, 0x0, 0x0, 0x7fff0000}]}) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f00000040c0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000400000000000e1ff95000000000000002ba76bb3019c1341056bd8174b79603123"], &(0x7f0000000140)='GPL\x00'}, 0x94) add_key(&(0x7f0000000080)='dns_resolver\x00', 0x0, &(0x7f0000000040)="42d7", 0xfffff, 0xfffffffffffffffe) 8.65025637s ago: executing program 4 (id=2514): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = syz_open_dev$video4linux(&(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r1, 0xc040564a, &(0x7f0000000040)={0x0, 0x0, 0x3011}) socket$inet6(0xa, 0x3, 0x7) r2 = socket(0x2, 0x80805, 0x0) getsockopt$bt_hci(r2, 0x84, 0x1, 0x0, 0x0) socket$kcm(0x29, 0x5, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x66) io_setup(0x401, 0x0) 8.609817352s ago: executing program 1 (id=2515): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r3, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000048c0)={r4, &(0x7f00000047c0), &(0x7f0000004880)=@udp=r3}, 0x20) recvmmsg(r3, &(0x7f0000000b80)=[{{0x0, 0xffffffffffffff6c, 0x0, 0x0, 0x0, 0x52}, 0xa}], 0x360, 0x120, 0x0) 7.821694319s ago: executing program 4 (id=2516): prlimit64(0x0, 0xe, &(0x7f0000000b40)={0xa, 0x8b}, 0x0) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, 0x0, &(0x7f0000000200)) ptrace$ARCH_MAP_VDSO_64(0x1e, 0x0, 0x8, 0x2003) 7.647496509s ago: executing program 0 (id=2517): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = gettid() rt_sigtimedwait(&(0x7f0000000000)={[0xfffffffffffffffb]}, 0x0, 0x0, 0x8) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) 7.412977613s ago: executing program 1 (id=2518): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_init_net_socket$ax25(0x3, 0x5, 0x6) accept$ax25(r3, &(0x7f0000000180)={{0x3, @null}, [@bcast, @bcast, @remote, @default, @netrom, @remote, @default, @null]}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$alg(0x26, 0x5, 0x0) move_pages(r0, 0x3, &(0x7f0000000100)=[&(0x7f0000a9a000/0x1000)=nil, &(0x7f00003c9000/0x2000)=nil, &(0x7f000043a000/0x2000)=nil], 0x0, &(0x7f0000000280), 0x0) accept4(r4, 0x0, 0x0, 0x80000) 7.412608083s ago: executing program 6 (id=2519): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r2 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) listen(r2, 0x0) r3 = socket(0x28, 0x5, 0x0) connect$vsock_stream(r3, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10) write$binfmt_elf64(r3, &(0x7f0000000240)=ANY=[], 0x40000) 5.363291264s ago: executing program 4 (id=2520): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x4000040) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x24, 0x3, 0x1, 0x101, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x4}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x292}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000000) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x9, 0x2, 0x56d, 0x3, 0x2, 0xffffffffffffffff, 0x4}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000600), 0x0, 0xfffffffb, r2}, 0x38) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0) ioctl(r3, 0x2272, 0x0) 5.354045204s ago: executing program 0 (id=2521): setreuid(0xee01, 0xee01) r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0x8) r1 = socket$inet(0xa, 0x801, 0x84) listen(r1, 0x8) r2 = socket$inet(0xa, 0x801, 0x84) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) listen(r3, 0x100) listen(r2, 0x8) r4 = socket$inet(0xa, 0x801, 0x84) listen(r4, 0x1) r5 = socket$netlink(0x10, 0x3, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r5) writev(r5, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600000000590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1) 4.863807833s ago: executing program 5 (id=2522): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) setgroups(0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, 0x0, &(0x7f0000000040)) 4.652819766s ago: executing program 1 (id=2523): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001100), 0x48) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000700), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r8, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={r0, 0x58, &(0x7f0000000000)={0x0, 0x0}}, 0x10) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000180)={r9}, 0xc) 3.940029428s ago: executing program 6 (id=2524): syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_CLOSE={0x13, 0x4}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_WRITEV={0x2, 0x0, 0x6000, @fd, 0x8, 0x0, 0x0, 0x2, 0x0, {0x3}}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x88}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x4, 0x7fe2, 0x2}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000006c0)={r3, &(0x7f0000000500), &(0x7f0000000600)=""/155}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r3, &(0x7f0000000040), &(0x7f0000000480)=""/146}, 0x1d) 3.930766178s ago: executing program 5 (id=2525): syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000002,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000002,nostrict,uid=', @ANYRESOCT=0x0, @ANYRES16], 0x2, 0xc36, &(0x7f0000002540)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2SEmV9Pjb13Z19b/a9eeMZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr56+qz7PwA8Vq75/38AAAAAAAAAAAAAADjoUhTxZKSYvbKaxqr3HfXL7b7bd0aHhreudiRVNQ9V5cuf+pmz585/6YXBC9283J7+gPp77bPx2si1S42XZ27Nzk3Oz09ONEan2+MzE5M73sNu6292sjoAjVuv3564cWO+cfb5cxs+vjPwfv8TxwcuDj576plu2dGh4eGR9SL13vK1+25Ix3YzPA5HEacixXPf+2lqRUQRuz8W9Qc79psdqTpxsurE6NBw1ZGpdmt6ofzwavdAFBGNnkrN7jHaeiyi1vdA+7C9ZsRi2fyywSfL7o3MtuZa16cmG1dbcwvthfbM9NXUaW3Zn0YUcSFFLEXESv+9u+uLImqR4jvHVtP1iDjUPQ5frCYGb9+OYh/7uANlOxt9EUvFIzBmB1h/FPFqpPjZOydiPF9nqmvNFyJeLfMHEW+V+VJEKk+M8xHvbXEe8WiqRRF/WY7/xdU0UV0PuteVy19rfGX6xkxP2e515SPeH+65Ujyk+8ORTflgHPBrUz2KaFVX/NV0/7/ZAQAAAAAAAAAAAAAAAGCvHYkiPhMpXvmPP6nmFUc1L/3YxcE/HPjV3jnjT3/Ifsqyz0fEYrGzObmH88TAq+lqSg95LvHjrB5F/Gme//eth90YAAAAAAAAAAAAAAAAAACAx1oRP4kUL757Ii1F75ri7embjWut61OdVWG7a/9210xfW1tba6RONnOO5VzMuZRzOedKzihy/ZzNnGM5F3Mu5VzOuZIzDuX6OZs5x3Iu5lzKuZxzJWfUcv2czZxjORfLrK93dDlvX8kZB2TtXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAj5MiivhFpPj2N1ZTpIhoRoxFJ5f7H3brAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBSfyri+5Gi8UfNu9tqEZGqfztOlL+cj+bhMj8ZzcEyX4rmpZytKmvNbz2E9rM7famIH0eK/vrbdwc8j39f593d0yDe+ub6u8/WOnmo++HA+/1PHD92cXD4N57e7nXaqgEnL7enb99pjA4ND4/0bK7lb/9kz7aB/L3F3nSdiJh/483XW1NTk3P3/6I8BXZR/RF6kWqPS08f1ovFvTgh9+5F1A5EMx5O33kMlPf/9yLF7777n90bfuf+X49f6by7e4ePn//Z+v3/xc072uH9v7a5Xr7/l/f0re7/T/ZsezH/bqSvFlFfuDXbdzyiPv/Gm6fat1o3J29OTp8/ffrLg4NfPne673BE/UZ7arLn1Z4cLgAAAAAAAAAAAAAAAIAHJxXx+5Gi9ePV1IiIO9V8rYGLg8+eeuZQHKrmW22Yt/3ayLVLjZdnbs3OTc7PT040Rqfb4zMTkzv9uno13Wt0aHhfOvOhjuxz+4/UX56ZfWOuffOPF7b8/Gj90vX5hbnW+NYfx5EoIpq9W05WDR4dGq4aPdVuTVdVr245mf6j60tF/FekGD/fSJ/P2/L8/80z/DfM/1/cvKN9mv//iZ5t5XemVMTPI8Xv/NXT8fmqnUfjnmOWy/1dpDh54XO5XBwuy3Xb0HmuQGdmYFn2/yLFP/1iY9nufMgn18ue2fGBfUSU438sUnz/L74bv5m3bXz+w9bjf3TzjvZp/J/q2XZ0w/MKdt118vifihQvPfl2/Fbe9kHP/+g+e+NELnz3+Rz7NP6f6tk2kL/3t/em6wAAAAAAAAAAAI+0vlTE30eKHw7X0gt5207+/t/E5h3t09//+nTPtom9Wa/oQ1/s+qACAAAAwAHRl4r4SaS4ufD23TnUG+d/98z//L31+Z9DadOn1Z/z/Vr13IC9/PO/XgP5e8d2320AAAAAAAAAAAAAAAAAAAA4UFIq4oW8nvpYNZ9/Ytv11JcjxSv/81wul46X5brrwA9Uv9avzEyfujQ1NTPeWmhdn5psjMy2xifLuk9FitW//VyuW1Trq3fXm++s8b6+FvtcpBj+h27Zzlrs3bXJn1ove6Ys+4lI8d//uLFsdx3rT62XPVuW/ZtI8fV/2brs8fWy58qy340UP/p6o1v2aFm2+3zUT6+XfX58ptiHUQEAAAAAAAAAAAAAAAAAAOBx05eK+PNI8b+3lu7O5c/r//f1vK289c2e9f43uVOt8z9Qrf+/3ev7Wf+/eq7A4nbfCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH08pingzUsxeWU3L/eX7jvrl9vTtO6NDw1tXO5Kqmoeq8uVP/czZc+e/9MLghW5+cP299pl4beTapcbLM7dm5ybn5ycnGqPT7fGZickd72G39Tc7WR2Axq3Xb0/cuDHfOPv8uQ0f3xl4v/+J4wMXB5899Uy37OjQ8PBIT5la331/+z3SNtsPRxF/HSme+95P0w/7I4rY/bH4kHNnvx2pOnGy6sTo0HDVkal2a3qh/PBq90AUEY2eSs3uMXoAY7ErzYjFsvllg0+W3RuZbc21rk9NNq625hbaC+2Z6aup09qyP40o4kKKWIqIlf57d9cXRbweKb5zbDX9a3/Eoe5x+OKVka+ePrt9O4p97OMOlO1s9EUsFY/AmB1g/VHEP0eKn71zIv6tP6IWnZ/4QsSrZf4g4q3ojHcqT4zzEe9tcR7xaKpFEf9fjv/F1fROf3k96F5XLn+t8ZXpGzM9ZbvXlUf+/vAgHfBrUz2K+FF1xV9N/+6/awAAAAAAAAAAAAAAAIADpIhfjxQvvnsiVfOD784pbk/fbFxrXZ/qTOvrzv3rzpleW1tba6RONnOO5VzMuZRzOedKzihy/ZzNMutra2P5/WLOpZzLOVdyxqFcP2cz51jOxZxLOZdzruSMWq6fs5lzLOdizqWcyzlXcsYBmbsHAAAAAAAAAAAAAAAAAAB8vBTVPym+/Y3VtNbfWV96LDq5bD3Qj71fBgAA//8dq/O8") mkdir(&(0x7f0000000040)='./control\x00', 0x0) mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2390024, 0x0) truncate(0x0, 0x9) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x7) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0}, './cgroup\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)={0x4c, r2, 0x1, 0x70bd2b, 0x4000, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0xffffffffffffff28, 0xb, 0xfffffffa}, {0x6}}]}, 0x4c}}, 0x4040000) 3.780785827s ago: executing program 1 (id=2526): syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x8488, &(0x7f00000001c0), 0x1, 0x10fd, &(0x7f0000001140)="$eJzs2T9rFEEYBvBnds8/3cqmXwQtLCQknF8ghcK1ttqIpDJVrlL8OH4cTWUf0msRsF9Zb/dO5UTwTm1+PzjmvYd9Z2fKmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMZsmnkhxUSTtlVZKSdN3F4ipJN+V33tdVSp6eLpaPz+dPlknqb4+XZ0kZuoa2tMf3brfzdt4et48OTu5/WL5+8+rF2dnp+ThNSZfL6/1vpYzrAQAAAH7U76z5z+8HAAAAfmdvFwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf6hvNnU7FVWSknTdxeIqSbel78Y/Wh8AAACwu5Iqz5tt+eoaYONhPjZlnQ/jlzLUR3m3pR8AAAD4pf7WWHz/fb3c3JzHH2S2PpcP2d3Mcni4+j8O+XyS1EmOfpr88vrty+lX+vpv7wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAAAAAPYKAAD///F61s8=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu\x00', 0x275a, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$IPVS_CMD_ZERO(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x14, r4, 0x1}, 0x14}}, 0x0) ftruncate(r0, 0x2000009) 2.633588685s ago: executing program 1 (id=2527): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/mnt\x00') prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x18, 0x3d, 0x107, 0x0, 0x0, {0x3, 0x7c}, [@nested={0x4, 0x37}]}, 0x18}}, 0xc000) 2.629325375s ago: executing program 0 (id=2528): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0) 2.577970508s ago: executing program 4 (id=2529): write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x32600) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = shmget(0x1, 0x4000, 0xa20, &(0x7f0000ffb000/0x4000)=nil) shmat(r3, &(0x7f0000ffd000/0x2000)=nil, 0x4000) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) accept4$bt_l2cap(r4, &(0x7f0000000200), 0x0, 0x800) 1.620720654s ago: executing program 0 (id=2530): r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0xd, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) write$vga_arbiter(r0, &(0x7f0000000980)=@other={'trylock', ' ', 'io+mem'}, 0xf) 804.732712ms ago: executing program 1 (id=2531): socket$inet_sctp(0x2, 0x1, 0x84) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) getpid() socketpair$unix(0x1, 0x2, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000001600)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x23}}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adff012255f674412d02000000880b5f04596a5e99fce658be2f200c699223886d8be4b50000005ab527ee3697f98125f30e6326996a3cfee33025a30b45bdcf2c69d105e5e55a1d273683623f1a5dc6e3c7e20eb7a98ecf3bd2cf898e924abe26ac296f660e69ba982fd76e00dcff7f0000ca6b78ad833488cfe4109eaf009eddcf21f5c63cde2f00150200000001000000520a0000151d010000000100bf00000000cc587424363da52001a3cdf2000000db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de406e89dcbb7677e65a88a8407a9e7f9c0e91028b0856eb1ed9474480737a55ebb0bd701f7fb21135c6172eba7eb8a341f07e5a2d1e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d93a433f50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56dbe37551b870b2851c3f0a1a9ebfcba105a6ccdd01b0f04edb256c0200000073f6db43661bd7f0e2536ffbfe5ca31b4083145531458b7d1e341c6b351ebc5223f54d6bec93f4ef088e5d1be2515226988d664709ff03f1aa3dc7f1580ace9bf2afd28d0700000000000000d6eb372713255012e028cb2654d493a0b43bf21375709f348f5eda2967199cc936859a538100070000000000dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0c6ef9dd2b6bb700000000000000000c586272c3f4d79bc36315745cb149f3cb385e6add14652003c7cdd3324f07d134d3a6c718bbd1aafe1140cff0be4c6f8df084c5e9734ae30aa9af030025f01ab03a9b1074407136bc506031f0916a39d3057d55183612b39e73ae8e6dc30356886a831836469e2051d937eb85f3f2d5ae2c1dca476b97419a3b76ed62409d004d7fbe362145d19605d760df4c5124ca325d374b371867a79b35c6617fc3327191fbf514573f0e30d1d60be2168fffc2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257bc9110971b749ccd74089ed6b86f81ca3ba47d8f71d290ed1b1a11f7a67125170c88c3b6a50692cc0064fc6bbd312536ac15016c85c6332226401b110da9c786eeca22debc99335587b54c13c3107008fa069af8223b38ced735c2d906551004d8dc10d88738488da01ffa4add56474573c964a270000f2f16625c0c10200000000c7a5ca60fdad159f2e44171f39638410020000004825d081f2d987f05c534187738655d7dc958f2046fa0c1619a6554b82d9c162eb61ca74f1ffdaccf0ea5f06e0fca8b27ff3983ab74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb27f88dba816020be760f7b45e001efada8000000000000fdaf4660402f7b3b79a433e08074ea2462974a00040000eb01352638f56dae0249d15ba8767259658878b7492cfbacde9b57cf4de00788adce638190f3570e0b4c80ef682df22201270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433e866665b98ca2002c804c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc76d7a23d06acb1d2d4c58faea84158bb440df2a694f4cdcaa4f65c22efffffffffffdd00000000d503d79986958115ae07b70f991430b7fb475d77b869ee02000000000000000000001ffff0ef89b2a68d2b05c995445d8a7700bcdfbec74fb2dd163e863315e84498dfb52bb93f6c9084659ce777ddac563c8596c2b1d8180289a61faa95a82bf1cfb7f2fd7252e9322abe282c33445d443a67467893b9bf0d1c8130ae6b226900000635376413c29f7c6f7b7e29b9a0c64e68328661f0c06e21f7d7dc22174ea4447a6f60edef3a4168d40200fbc71104512efe8e5d7d934aa289b4bd2b870000000000000000000007000000002000000000009b777883a02f0593dfc4cb4114b9f9cf4ad155110cc6ace2b322ac31bfa27847c799c8009a1ea5b98e525e6383ad7fd9795170e7b11e247603c2ff49a11459c7f606d729d3979676bffb3049166bb84a0f061991bd57c2566c10c282352aba05b6164ef876915a3f2491e4793e590dcc71de10da96366c1e992c0068c940dd4422c9882d3aa0f8a797b8fea6efcfb5276b7679f15559edaa977504cc0b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd04000000de17e1e13b93669b79556abb722d9c085b189b5fd1f30e8dc813f608830b110001732135e8e7262f290000923bfb6b41ff3792cee2fc37eee739c3e36a4bc80112968ec0d8902eced1fe552018014a463abbbf7ccd6a92a5734e3ebfca9b6e88e031f31de2183652e77c164c646a1cfd3710aa4205d8d4d4f974133ccb1e49feb42664eccd809c0ba8917eda87489e8946d5c8156197bcb66fd5606c63e3389ee9e8552381646365066ef9a36a449c96485c22ad1aa423b7b89efbc6cd54000bb0ea5f4f1e8773144fb6ac9a44d43593d77e66aa7ed7f3d4e7b211590c738888d02b2dbb0b2ba73ec72e1d8d7360a128499dd19e1e7b9b0671f4f58515b45ecb9964f3c4ddb8234391d514f8d996d8d6dd7f8fadfee2d7a0035638ce27c2936cb04b30a0eb0cde0000000000000040000000ec3c12ecee8fc3a40000000000000000e215b00ce2570b930723cbadb4033d1b8aaa2cfb3fb89e4a6e89737fd6232218a9e0c099d1eb59d60b3cca089785642f327139bc4394fb6d547a9b3c22599e780c1da7433fb47615d372e3fffe9703e37d5c87d513165278650738efcc04d27b766cf7f60066edd292f6c8a2174f391ed164bb1816819ceb3e378e776d422bc946cd9501accebeac3a5b31d8abc68ae537cd44a04e6bc21c35a7beab2610c51e593676bf635a20f597f4631b91454d182f826071f5210bd6d93173589929b23801e63c2266fde13b5a04b8d48be057c752bc415a756ea9b4d34156c4f73dd5e5924ef101a5fcdaf37c7ba2c4a9de9b000000000000000000000000000000a73b862e4b63c245616b522345587d0ee65a6902bdd0abd941e8aba37510b222ae544f395edd1b92ad53fc68f08ea00edc5e10d768836169dd296d56b306e8b75778c37571792a6c3d8b02ef378ebd59422cdd008bef6f80a80a68641ea5ed4f1126bb676098c10bf663eb3fb8c839364d28fd046dc64b35f9c3397ce6f4ad357b0000000000090000000088c7a8e2638f650a6f04a6f33a090f59414d6ebcbc687e66d600000000bd0a58ea6d36fc2cf9b9a71c137a2a22adb1006f371d4faf47285fd66fe0389afb96854bb360edcdf11b4ff6dd578bba93e949d240cde9b5836cb46032484dc19c93db7b6e5afa10547c78e76a3111557346e52566df196fd630561bb908fff4d2e19562aabd43742a26a43799f8636fa04ceb40c9e4ca1cfbbc7b949cd245a3ee118fd0d4f639444539af8766028d4ac4d4c548e290199e0dacbb4f6796b39bf32934d941ba2f88e3ebd0cf8e24f99eca86e4ca9b2cd2b54044a7fc4631572a6378a32df288785f146275c1f548e2a0c1016744e05f9de5044373d7650125027547eefe7b2d8c8871bb65395fae99d8456883705bfdfb00001854b2e5efa8aaf25827d659f592b1575281ec125de7fb91cd81d91dcb19f5cdf1e1e2b4a8a1389753a09110538689e38e07fb2dc72bd4fd11d7bc16aac5d85c6101bb722895248e463a5fb45ce0e564e90cb19d5993b471687ae4165e29cf2f58082115f5f8569896eedfd798733223e6d6584997510c374912ab798bd4af4654c01bb2c411bc36468ddd62b4eba5cfc8953526e0e5b1359797956152d0098ce47c62c3fe5a23219389622b7f65bf03527d25c3941b9cf1ffeedf6d99082bb57ea871c12213cc40900f83033bc18c529171fae324c315bc6ce358831d0230412212acfd5fc8d5cb0d028cf568e8bb40e27befe2ff01f7c6674a4d86d900633ea36641e0a781ea0ea7f2d928b8b22e2f97dd13348927375baea6863bef4acf4299096ada5cdd2a0eaafaa760a79d102d1e0c0000000000000000007926653b8d79ce16a432f124786a0bc3c5b7d196822492ae1ccf91aeac16406ad6f9cd3d96d57fceba8360ae49f73351814c9c2972f11064aaf3739d9100f9c0e4d0cb17d50c82e305ba7d62cf1cc6da26e34982a8c74dd8122cf5b5e7c34fd2712a0cef05e4d8ec7dd363219676bd9b19943185b132eb35a695e208dfa5cecdb1d6425c8879063c0f11bd64291a4209ee6dc1d9e9010013f6148c603e6a335e298efd6ab5cccc47a2c568c6afec54f8251bd840752addf200371361c9eedf05ed98585cf6d99e9e56055064bda2d373369761238c278147cd0eb7799f6b9c9fcaa3fd282154994f5b25420c86db9b6401e885de1c615a719a1c83e8fbbb181282dbaf3313a4e4a4877e9f37607e2cd6da0cf6371ec06a75f5a4206b2418ad8897ae149085d63f01f22eca44033234b3930b4d5da756669a1d59d69e7de54abf439988ed7ec33c2d0a901bb0985a24878984d8a4340fa9a356d100926fb5f2ef9976366a61b8cc2bcb1c072b0e9c564852388e1edff10d75b3832792e471cc15b40380f94d834243080158603fbc9134d6983c540525447478984611c0d9666941bfc0a30db47a8828b6e5c51aee2094599b4ce52795750e1764f1657ca8c5633c71287239dddf5c651496f7bbd148c937f083d2e4e0197dbc6ff0649c749707b17399b1d7efad23abb8b40b38704737e15662ae4913a4a001cd3b71c7af75b5ffad9780650c800a40ca80ddc41987919142fd28dbf22db5f4c435415a03455e1d55d1783ccef97d7e4655cf839d06f06e137bbe462a03b3100231914b19739dd57b4f12d026ad0c7fd3"], &(0x7f00002bf000)='GPL\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffc95, 0x10, 0x0, 0xffffffffffffff0f}, 0x48) r2 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000180)={r0, r1}) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000001380)={0xffffffffffffffff}) sendmsg$nl_route_sched(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000980)=@newtclass={0x24, 0x28, 0x4, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xb, 0xa}, {0x5, 0xa}, {0xe, 0xffe0}}}, 0xfdef}, 0x1, 0x0, 0x0, 0x40d1}, 0x40d8) syz_genetlink_get_family_id$tipc(&(0x7f0000000200), r3) 65.848856ms ago: executing program 0 (id=2532): r0 = socket$inet6(0xa, 0x3, 0x2) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e25, 0x0, @empty, 0x7}, 0x1c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x81}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0xf0) 65.494266ms ago: executing program 4 (id=2533): syz_usb_connect(0x3, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x54, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_EXPR={0x18, 0x11, 0x0, 0x1, @connlimit={{0xe}, @val={0x4}}}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x7c}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 0s ago: executing program 5 (id=2534): r0 = socket$alg(0x26, 0x5, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket(0x15, 0x5, 0x0) getsockopt(r4, 0x200000000114, 0x271f, &(0x7f000001eec0)=""/102400, &(0x7f0000000080)=0x19000) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) kernel console output (not intermixed with test programs): 80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.79 (4681) [ 79.327936][ T4280] Bluetooth: hci1: unexpected event 0x3e length: 263 > 260 [ 79.327967][ T4280] Bluetooth: hci1: unexpected subevent 0x0d length: 262 > 260 [ 79.343203][ T4280] Bluetooth: hci1: adv larger than maximum supported [ 79.343252][ T4280] Bluetooth: hci1: adv larger than maximum supported [ 79.392899][ T4681] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 79.625531][ T4681] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 79.642847][ T4681] BTRFS info (device loop3): using free space tree [ 80.855731][ T4681] BTRFS info (device loop3): enabling ssd optimizations [ 80.950311][ T4271] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 81.037784][ T4737] loop2: detected capacity change from 0 to 7 [ 81.155110][ T4259] loop2: [ 81.158257][ T4259] loop2: partition table partially beyond EOD, truncated [ 81.421374][ T4737] loop2: [ 81.469634][ T4737] loop2: partition table partially beyond EOD, truncated [ 81.490738][ T4746] sctp: [Deprecated]: syz.4.94 (pid 4746) Use of struct sctp_assoc_value in delayed_ack socket option. [ 81.490738][ T4746] Use struct sctp_sack_info instead [ 81.576500][ T4741] loop3: detected capacity change from 0 to 4096 [ 81.658260][ T4741] ntfs: volume version 3.1. [ 81.769492][ T4748] overlayfs: failed to clone upperpath [ 83.607572][ T4754] tipc: Failed to remove unknown binding: 66,1,1/0:3848361469/3848361471 [ 83.661040][ T4754] tipc: Failed to remove unknown binding: 66,1,1/0:3848361469/3848361471 [ 83.680206][ T4754] tipc: Failed to remove unknown binding: 66,1,1/0:3848361469/3848361471 [ 84.512976][ T4769] netlink: 'syz.0.103': attribute type 10 has an invalid length. [ 84.552559][ T4769] netlink: 40 bytes leftover after parsing attributes in process `syz.0.103'. [ 84.694464][ T4769] team0: Port device geneve0 added [ 85.818776][ T4783] loop1: detected capacity change from 0 to 764 [ 86.292828][ T4790] Driver unsupported XDP return value 0 on prog (id 16) dev N/A, expect packet loss! [ 87.299814][ T4805] sch_tbf: burst 21990 is lower than device lo mtu (65550) ! [ 87.398316][ T4807] tipc: Enabling of bearer rejected, failed to enable media [ 87.412357][ T4793] loop0: detected capacity change from 0 to 32768 [ 87.459713][ T4793] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.112 (4793) [ 87.528676][ T4793] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 87.569440][ T4793] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 87.582728][ T4793] BTRFS info (device loop0): using free space tree [ 87.880028][ T4793] BTRFS info (device loop0): enabling ssd optimizations [ 87.979741][ T4832] x_tables: ip_tables: DNAT target: used from hooks POSTROUTING, but only usable from PREROUTING/OUTPUT [ 88.011004][ T4793] BTRFS info (device loop0): balance: start -s [ 88.133464][ T26] audit: type=1804 audit(1768924401.364:3): pid=4833 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.112" name="/newroot/32/file1/bus" dev="loop0" ino=263 res=1 errno=0 [ 88.153931][ T4793] BTRFS info (device loop0): relocating block group 1048576 flags system [ 88.498708][ T4793] BTRFS info (device loop0): balance: ended with status: 0 [ 88.640980][ T4266] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 89.216856][ T4719] Set syz1 is full, maxelem 65536 reached [ 90.434851][ T4862] af_packet: tpacket_rcv: packet too big, clamped from 60 to 4294967272. macoff=96 [ 90.934561][ T4884] loop0: detected capacity change from 0 to 256 [ 90.962932][ T4310] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 90.980635][ T4884] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 90.998153][ T4884] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 91.057462][ T4884] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 91.162544][ T4310] usb 3-1: Using ep0 maxpacket: 8 [ 91.173623][ T4310] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 91.236385][ T4310] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 91.289564][ T4310] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 91.324217][ T26] audit: type=1800 audit(1768924404.594:4): pid=4884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.142" name="file1" dev="loop0" ino=1048596 res=0 errno=0 [ 91.349688][ T4310] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 91.366686][ T4310] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 91.400136][ T4310] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 92.412096][ T4310] usb 3-1: GET_CAPABILITIES returned 0 [ 92.422615][ T4310] usbtmc 3-1:16.0: can't read capabilities [ 92.532471][ T4324] usb 3-1: USB disconnect, device number 2 [ 94.025838][ T4913] loop0: detected capacity change from 0 to 32768 [ 95.052041][ T4937] loop1: detected capacity change from 0 to 4096 [ 95.219015][ T4937] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 95.423546][ T4937] ntfs3: loop1: ntfs_sync_fs r=9 failed, -22. [ 95.455539][ T4937] ntfs3: loop1: ntfs_evict_inode r=9 failed, -22. [ 95.528844][ T4954] delete_channel: no stack [ 95.955508][ T4963] netlink: 16 bytes leftover after parsing attributes in process `syz.1.169'. [ 96.241849][ T4969] netlink: 'syz.1.171': attribute type 1 has an invalid length. [ 96.279331][ T4969] netlink: 1156 bytes leftover after parsing attributes in process `syz.1.171'. [ 96.469578][ T4921] loop3: detected capacity change from 0 to 131072 [ 96.536820][ T4977] loop2: detected capacity change from 0 to 2048 [ 96.605664][ T4977] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 96.992027][ T4967] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 97.050966][ T4995] loop2: detected capacity change from 0 to 128 [ 97.088018][ T4995] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 97.134763][ T4995] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 98.482231][ T5034] loop0: detected capacity change from 0 to 1024 [ 98.584397][ T5034] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 98.736118][ T5046] netlink: 8 bytes leftover after parsing attributes in process `syz.3.196'. [ 98.803865][ T5034] device pim6reg1 entered promiscuous mode [ 99.056782][ T4266] EXT4-fs (loop0): unmounting filesystem. [ 100.672504][ C1] sched: RT throttling activated [ 101.900031][ T5088] netlink: 4 bytes leftover after parsing attributes in process `syz.3.213'. [ 101.948905][ T5088] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 102.072297][ T5088] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 102.359397][ T5095] netlink: 'syz.3.215': attribute type 1 has an invalid length. [ 102.411371][ T5095] device bond1 entered promiscuous mode [ 102.432123][ T5095] 8021q: adding VLAN 0 to HW filter on device bond1 [ 102.489098][ T5095] device bridge1 entered promiscuous mode [ 102.515683][ T4521] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 102.526460][ T5095] bond1: (slave bridge1): Enslaving as an active interface with an up link [ 102.538168][ T4515] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 102.648420][ T5102] "syz.1.217" (5102) uses obsolete ecb(arc4) skcipher [ 102.713782][ T4521] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 103.155392][ T5123] netlink: 12 bytes leftover after parsing attributes in process `syz.0.226'. [ 103.193843][ T5123] IPv6: addrconf: prefix option has invalid lifetime [ 103.632434][ T5139] loop0: detected capacity change from 0 to 256 [ 103.649016][ T5139] FAT-fs (loop0): "posix" option is obsolete, not supported now [ 103.699729][ T4280] Bluetooth: hci0: unexpected event 0x03 length: 1 < 11 [ 103.854431][ T5143] loop3: detected capacity change from 0 to 256 [ 103.881913][ T5141] loop0: detected capacity change from 0 to 1024 [ 104.087864][ T5145] tipc: Failed to remove unknown binding: 66,0,0/0:1472505533/1472505534 [ 104.123267][ T5145] tipc: Failed to remove unknown binding: 66,0,0/0:1472505533/1472505534 [ 104.737455][ T5173] loop3: detected capacity change from 0 to 512 [ 104.753696][ T5173] EXT4-fs: Ignoring removed i_version option [ 104.760922][ T5173] EXT4-fs: Ignoring removed bh option [ 104.837267][ T5175] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 104.861971][ T5175] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 104.876954][ T5175] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 104.892196][ T5175] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 104.905979][ T5173] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 104.925570][ T5175] device geneve2 entered promiscuous mode [ 104.934745][ T5173] ext4 filesystem being mounted at /36/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 104.959516][ T5175] netdevsim netdevsim4 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 104.973013][ T5175] netdevsim netdevsim4 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 104.986715][ T5175] netdevsim netdevsim4 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 104.998983][ T5175] netdevsim netdevsim4 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 105.405289][ T4271] EXT4-fs (loop3): unmounting filesystem. [ 106.890611][ T5204] overlayfs: unrecognized mount option "\']*=°¢°©æ[\1\" or missing value [ 106.904880][ T5208] loop3: detected capacity change from 0 to 256 [ 106.981407][ T5208] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18d7c, utbl_chksum : 0xe619d30d) [ 107.911335][ T5244] netlink: 'syz.2.268': attribute type 4 has an invalid length. [ 107.991225][ T5240] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 108.015157][ T5240] bridge0: port 2(bridge_slave_1) entered disabled state [ 108.024471][ T5240] bridge0: port 1(bridge_slave_0) entered disabled state [ 108.065883][ T5245] netlink: 'syz.2.268': attribute type 17 has an invalid length. [ 108.067585][ T5248] loop0: detected capacity change from 0 to 1024 [ 108.082341][ T5245] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 108.102272][ T5248] EXT4-fs: Ignoring removed mblk_io_submit option [ 108.127662][ T5248] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 108.157212][ T5248] EXT4-fs (loop0): Test dummy encryption mode enabled [ 108.252768][ T5248] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 108.547094][ T4266] EXT4-fs (loop0): unmounting filesystem. [ 109.366352][ T5279] syz.1.281 uses obsolete (PF_INET,SOCK_PACKET) [ 109.446303][ T5283] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 109.460115][ T5283] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 109.469108][ T5283] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 109.487068][ T5283] device bridge_slave_0 left promiscuous mode [ 109.494251][ T5283] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.505837][ T5283] device bridge_slave_1 left promiscuous mode [ 109.512159][ T5283] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.529758][ T5283] bond0: (slave bond_slave_0): Releasing backup interface [ 109.557609][ T5283] bond0: (slave bond_slave_1): Releasing backup interface [ 109.613357][ T5283] team0: Port device team_slave_0 removed [ 109.640769][ T5283] team0: Port device team_slave_1 removed [ 109.647734][ T5283] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 109.655927][ T5283] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 109.665800][ T5283] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 109.673825][ T5283] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 110.322974][ T952] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 110.464468][ T5305] netlink: 'syz.3.291': attribute type 1 has an invalid length. [ 110.542697][ T952] usb 3-1: Using ep0 maxpacket: 16 [ 110.549863][ T952] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 110.603814][ T952] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 110.677627][ T952] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 110.711371][ T5311] 8021q: adding VLAN 0 to HW filter on device bond3 [ 110.741489][ T5311] bond2: (slave bond3): making interface the new active one [ 110.749696][ T952] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 110.781623][ T5311] bond2: (slave bond3): Enslaving as an active interface with an up link [ 110.783870][ T952] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.803875][ T5305] netlink: 28 bytes leftover after parsing attributes in process `syz.3.291'. [ 110.826960][ T5305] device bond2 entered promiscuous mode [ 110.848202][ T952] usb 3-1: config 0 descriptor?? [ 110.853421][ T5305] device bond3 entered promiscuous mode [ 110.881446][ T5305] 8021q: adding VLAN 0 to HW filter on device bond2 [ 111.287217][ T952] microsoft 0003:045E:07DA.0001: report is too long [ 111.356647][ T952] microsoft 0003:045E:07DA.0001: item 0 4 0 8 parsing failed [ 111.424272][ T952] microsoft 0003:045E:07DA.0001: parse failed [ 111.469389][ T952] microsoft: probe of 0003:045E:07DA.0001 failed with error -22 [ 111.600767][ T952] usb 3-1: USB disconnect, device number 3 [ 112.268564][ T5339] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 112.298460][ T5339] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 112.322051][ T5339] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 112.829546][ T5352] netlink: 'syz.0.309': attribute type 10 has an invalid length. [ 112.864346][ T5352] bridge0: port 2(bridge_slave_1) entered disabled state [ 112.871649][ T5352] bridge0: port 1(bridge_slave_0) entered disabled state [ 112.906836][ T5352] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.914082][ T5352] bridge0: port 2(bridge_slave_1) entered forwarding state [ 112.922865][ T5352] bridge0: port 1(bridge_slave_0) entered blocking state [ 112.930041][ T5352] bridge0: port 1(bridge_slave_0) entered forwarding state [ 112.945816][ T5352] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 113.102437][ T5362] netlink: 8 bytes leftover after parsing attributes in process `syz.4.312'. [ 113.179945][ T5364] netlink: 'syz.0.313': attribute type 1 has an invalid length. [ 113.377715][ T5366] bond1: (slave ip6gretap1): making interface the new active one [ 113.459877][ T5366] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 113.477854][ T5364] device bond1 entered promiscuous mode [ 113.512733][ T5364] device ip6gretap1 entered promiscuous mode [ 113.542545][ T5364] 8021q: adding VLAN 0 to HW filter on device bond1 [ 114.591008][ T5398] netlink: 72 bytes leftover after parsing attributes in process `syz.2.328'. [ 114.850715][ T5403] loop2: detected capacity change from 0 to 2048 [ 114.915199][ T5403] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 115.054037][ T48] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 115.076727][ T4283] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 115.086271][ T4283] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 115.102707][ T4283] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 115.115431][ T4283] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 115.133218][ T4283] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 115.364086][ T5403] UDF-fs: error (device loop2): udf_read_inode: (ino 1) failed !bh [ 115.664068][ T5407] chnl_net:caif_netlink_parms(): no params data found [ 115.677952][ T4275] UDF-fs: error (device loop2): udf_read_inode: (ino 1) failed !bh [ 115.719637][ T4275] UDF-fs: error (device loop2): udf_read_inode: (ino 1) failed !bh [ 116.049107][ T5407] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.212632][ T5407] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.303684][ T5407] device bridge_slave_0 entered promiscuous mode [ 116.377796][ T5407] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.499096][ T5407] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.562642][ T5407] device bridge_slave_1 entered promiscuous mode [ 116.660539][ T5465] overlayfs: failed to clone upperpath [ 116.774096][ T5407] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 116.800455][ T5407] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 116.817421][ T5469] netlink: 4 bytes leftover after parsing attributes in process `syz.0.339'. [ 116.853737][ T5471] netlink: 'syz.1.340': attribute type 13 has an invalid length. [ 117.203301][ T4280] Bluetooth: hci2: command 0x0409 tx timeout [ 117.336961][ T5471] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.344466][ T5471] bridge0: port 1(bridge_slave_0) entered disabled state [ 117.521051][ T4283] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 117.530682][ T4283] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 117.539494][ T48] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 117.548326][ T48] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 117.557374][ T48] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 117.571871][ T48] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 117.830090][ T5471] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 117.866936][ T5471] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 118.159884][ T5471] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 118.168980][ T5471] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 118.178217][ T5471] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 118.187521][ T5471] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 118.331788][ T5407] team0: Port device team_slave_0 added [ 118.345978][ T5471] syz.1.340 (5471) used greatest stack depth: 20656 bytes left [ 118.408927][ T5407] team0: Port device team_slave_1 added [ 118.500840][ T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 118.631572][ T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 118.696765][ T5407] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 118.708230][ T5407] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 118.787714][ T5407] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 118.823719][ T5407] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 118.830694][ T5407] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 118.869271][ T5407] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 118.932061][ T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.019258][ T5407] device hsr_slave_0 entered promiscuous mode [ 119.033078][ T5407] device hsr_slave_1 entered promiscuous mode [ 119.045086][ T5407] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 119.058911][ T5407] Cannot create hsr debugfs directory [ 119.086709][ T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.283488][ T4283] Bluetooth: hci2: command 0x041b tx timeout [ 119.425541][ T5482] chnl_net:caif_netlink_parms(): no params data found [ 119.602944][ T4283] Bluetooth: hci3: command 0x0409 tx timeout [ 119.961405][ T5532] IPv6: NLM_F_REPLACE set, but no existing node found! [ 120.140632][ T5482] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.161948][ T5482] bridge0: port 1(bridge_slave_0) entered disabled state [ 120.203240][ T5482] device bridge_slave_0 entered promiscuous mode [ 120.235308][ T5482] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.242419][ T5482] bridge0: port 2(bridge_slave_1) entered disabled state [ 120.280988][ T5482] device bridge_slave_1 entered promiscuous mode [ 120.321403][ T5407] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 120.411159][ T5407] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 120.464881][ T5482] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 120.482161][ T5407] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 120.503748][ T5407] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 120.564787][ T5482] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 120.800249][ T5482] team0: Port device team_slave_0 added [ 120.814199][ T5482] team0: Port device team_slave_1 added [ 120.888527][ T5482] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 120.910450][ T5482] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 121.040826][ T5482] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 121.111190][ T5482] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 121.120344][ T5482] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 121.146663][ T5482] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 121.279952][ T5407] 8021q: adding VLAN 0 to HW filter on device bond0 [ 121.362673][ T4283] Bluetooth: hci2: command 0x040f tx timeout [ 121.434071][ T4542] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 121.443492][ T4542] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 121.455877][ T5407] 8021q: adding VLAN 0 to HW filter on device team0 [ 121.467252][ T5482] device hsr_slave_0 entered promiscuous mode [ 121.484295][ T5482] device hsr_slave_1 entered promiscuous mode [ 121.502722][ T5482] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 121.510323][ T5482] Cannot create hsr debugfs directory [ 121.587259][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 121.604537][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 121.614109][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 121.621212][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 121.702800][ T4283] Bluetooth: hci3: command 0x041b tx timeout [ 121.807658][ T11] device hsr_slave_0 left promiscuous mode [ 121.837679][ T11] device hsr_slave_1 left promiscuous mode [ 121.871931][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 121.909037][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 121.965133][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 121.982719][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 121.992032][ T5604] loop0: detected capacity change from 0 to 8 [ 122.018581][ T11] device bridge_slave_1 left promiscuous mode [ 122.033462][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 122.119379][ T11] device bridge_slave_0 left promiscuous mode [ 122.133020][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 122.249733][ T11] device veth1_macvtap left promiscuous mode [ 122.256333][ T11] device veth0_macvtap left promiscuous mode [ 122.262386][ T11] device veth1_vlan left promiscuous mode [ 122.268661][ T11] device veth0_vlan left promiscuous mode [ 122.762747][ T11] team0 (unregistering): Port device team_slave_1 removed [ 122.829914][ T11] team0 (unregistering): Port device team_slave_0 removed [ 122.870342][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 122.910925][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 123.168141][ T11] bond0 (unregistering): Released all slaves [ 123.268599][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 123.278306][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 123.287563][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 123.299083][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 123.306215][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 123.322092][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 123.330722][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 123.347779][ T5614] netlink: 'syz.4.379': attribute type 3 has an invalid length. [ 123.356123][ T5614] netlink: 'syz.4.379': attribute type 3 has an invalid length. [ 123.377905][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 123.411489][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 123.441221][ T5407] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 123.452230][ T4280] Bluetooth: hci2: command 0x0419 tx timeout [ 123.474466][ T5407] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 123.500977][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 123.515046][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 123.534412][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 123.553282][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 123.562864][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 123.571230][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 123.580247][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 123.588807][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 123.768934][ T4280] Bluetooth: hci3: command 0x040f tx timeout [ 123.880972][ T5482] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 123.892920][ T5482] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 123.904879][ T5482] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 123.939571][ T5482] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 124.162816][ T5482] 8021q: adding VLAN 0 to HW filter on device bond0 [ 124.197464][ T4542] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 124.215938][ T4542] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 124.254308][ T5482] 8021q: adding VLAN 0 to HW filter on device team0 [ 124.293358][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 124.311361][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 124.331201][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 124.338386][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 124.363261][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 124.401677][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 124.454298][ T5407] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 124.484409][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 124.514480][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 124.533496][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 124.552745][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 124.559857][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 124.582890][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 124.614828][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 124.695204][ T5482] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 124.705715][ T5482] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 124.729552][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 124.765913][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 124.952067][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 125.153741][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 125.280498][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 125.430677][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 125.493377][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 125.513083][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 125.552954][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 125.579469][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 125.842659][ T4280] Bluetooth: hci3: command 0x0419 tx timeout [ 126.695905][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 126.712813][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 126.757456][ T5482] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 126.836907][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 126.856130][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 126.944870][ T4528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 126.984969][ T4528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 127.025243][ T4528] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 127.084516][ T4528] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 127.108561][ T5407] device veth0_vlan entered promiscuous mode [ 127.155247][ T5407] device veth1_vlan entered promiscuous mode [ 127.241903][ T5407] device veth0_macvtap entered promiscuous mode [ 127.271705][ T4542] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 127.287487][ T4542] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 127.310546][ T4542] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 127.341068][ T4542] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 127.354598][ T5407] device veth1_macvtap entered promiscuous mode [ 127.410488][ T4542] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 127.423174][ T4542] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 127.470315][ T5407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 127.507380][ T5407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 127.521747][ T5706] fuse: Bad value for 'fd' [ 127.542605][ T5407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 127.573399][ T5407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 127.615709][ T5407] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 127.625734][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 127.648098][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 127.691586][ T5407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 127.718348][ T5407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 127.737246][ T5407] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 127.794546][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 127.808825][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 127.843999][ T5407] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.863373][ T5407] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.872111][ T5407] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.921499][ T5407] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.106101][ T4521] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.152461][ T4521] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.170542][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 128.220658][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.238977][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.271666][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 128.290494][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 128.308475][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 128.357695][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 128.379107][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 128.404208][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 128.419298][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 128.433998][ T5482] device veth0_vlan entered promiscuous mode [ 128.481033][ T5482] device veth1_vlan entered promiscuous mode [ 128.551726][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 128.576055][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 128.600360][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 128.625974][ T4533] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 128.640580][ T5482] device veth0_macvtap entered promiscuous mode [ 128.685133][ T5482] device veth1_macvtap entered promiscuous mode [ 128.712994][ T5482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 128.737691][ T5482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.758930][ T5482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 128.781602][ T5482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.794664][ T5482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 128.813267][ T5482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.829984][ T5482] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 128.840631][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 128.855851][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 128.869148][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 128.880547][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 128.903427][ T5482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 128.915251][ T5482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.926794][ T5482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 128.938235][ T5482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.958406][ T5482] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 128.976352][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 128.988774][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 129.010246][ T5482] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.043602][ T5482] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.062400][ T5482] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.088118][ T5482] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.179715][ T5745] netlink: 'syz.1.401': attribute type 10 has an invalid length. [ 129.204849][ T5745] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 129.252371][ T4521] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 129.282834][ T4521] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 129.311887][ T4542] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 129.346748][ T4542] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 129.372804][ T4542] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 129.393079][ T4542] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 130.547908][ T26] audit: type=1326 audit(1768924443.814:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5796 comm="syz.1.415" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe36df9acb9 code=0x0 [ 130.632437][ T5802] netlink: 12 bytes leftover after parsing attributes in process `syz.5.417'. [ 130.771858][ T5807] overlayfs: failed to clone upperpath [ 130.990221][ T5815] netlink: 'syz.4.422': attribute type 1 has an invalid length. [ 131.077616][ T5815] 8021q: adding VLAN 0 to HW filter on device bond1 [ 131.125236][ T5818] bond1: (slave vlan3): making interface the new active one [ 131.134892][ T5818] bond1: (slave vlan3): Enslaving as an active interface with an up link [ 131.151645][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 131.160470][ T5820] loop5: detected capacity change from 0 to 256 [ 131.221310][ T5820] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 131.315106][ T5820] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010364, chksum : 0x44009a1b, utbl_chksum : 0xe619d30d) [ 131.541462][ T5833] loop0: detected capacity change from 0 to 128 [ 131.638929][ T5833] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 131.655136][ T5833] ext4 filesystem being mounted at /99/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 131.706471][ T5833] EXT4-fs (loop0): shut down requested (1) [ 131.713355][ T5833] fscrypt (loop0, inode 12): Error -5 getting encryption context [ 132.341926][ T4266] EXT4-fs (loop0): unmounting filesystem. [ 132.725062][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.731413][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.101544][ T5862] netlink: 4 bytes leftover after parsing attributes in process `syz.1.436'. [ 133.187451][ T5862] device bridge_slave_1 left promiscuous mode [ 133.214451][ T5862] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.254757][ T5862] device bridge_slave_0 left promiscuous mode [ 133.279810][ T5862] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.403320][ T5862] bond0: (slave bridge0): Releasing backup interface [ 134.291294][ T5880] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 134.379523][ T5883] tipc: Failed to remove unknown binding: 66,1,1/0:2158190786/2158190788 [ 134.481192][ T5890] tipc: Failed to remove unknown binding: 66,1,1/0:2158190786/2158190788 [ 134.507429][ T5890] tipc: Failed to remove unknown binding: 66,1,1/0:2158190786/2158190788 [ 134.906946][ T5903] loop5: detected capacity change from 0 to 4096 [ 134.993840][ T5903] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 135.078906][ T5903] ntfs3: loop5: ntfs_sync_fs r=9 failed, -22. [ 135.100962][ T5903] ntfs3: loop5: ntfs_evict_inode r=9 failed, -22. [ 135.413382][ T5917] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 135.530930][ T5917] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 135.557122][ T5917] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 135.830024][ T5932] bond0: (slave bond_slave_0): Releasing backup interface [ 135.875648][ T5932] bond0: (slave bond_slave_1): Releasing backup interface [ 135.929485][ T5932] team0: Port device team_slave_0 removed [ 135.963166][ T5932] team0: Port device team_slave_1 removed [ 135.989552][ T5932] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 136.023373][ T5932] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 136.272324][ T5948] loop0: detected capacity change from 0 to 2048 [ 136.301305][ T5948] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 136.620571][ T5960] loop6: detected capacity change from 0 to 8 [ 136.714111][ T5960] SQUASHFS error: zlib decompression failed, data probably corrupt [ 136.758828][ T5960] SQUASHFS error: Failed to read block 0x9b: -5 [ 136.789154][ T5960] SQUASHFS error: Unable to read metadata cache entry [99] [ 136.816798][ T5960] SQUASHFS error: Unable to read inode 0x127 [ 137.392253][ T5982] netlink: 12 bytes leftover after parsing attributes in process `syz.6.465'. [ 137.977492][ T6001] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 138.032244][ T6001] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 138.080222][ T6001] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 138.136969][ T6001] device bridge_slave_0 left promiscuous mode [ 138.192849][ T6001] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.261073][ T6001] device bridge_slave_1 left promiscuous mode [ 138.289213][ T6001] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.404665][ T6001] bond0: (slave bond_slave_0): Releasing backup interface [ 138.453410][ T6001] bond0: (slave bond_slave_1): Releasing backup interface [ 138.621886][ T6001] team0: Port device team_slave_0 removed [ 138.680097][ T6001] team0: Port device team_slave_1 removed [ 138.722694][ T6001] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 138.730119][ T6001] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 138.840480][ T6001] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 138.907822][ T6001] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 140.546051][ T6055] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 140.838838][ T6064] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 140.985566][ T6064] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 141.003601][ T6064] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 141.035932][ T6064] device bridge_slave_0 left promiscuous mode [ 141.059444][ T6064] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.099767][ T6064] device bridge_slave_1 left promiscuous mode [ 141.134257][ T6064] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.186598][ T6064] bond0: (slave bond_slave_0): Releasing backup interface [ 141.239464][ T6064] bond0: (slave bond_slave_1): Releasing backup interface [ 141.372363][ T6064] team0: Port device team_slave_0 removed [ 141.461791][ T6064] team0: Port device team_slave_1 removed [ 141.469050][ T6064] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 141.479844][ T6064] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 141.489543][ T6064] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 141.499258][ T6064] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 143.171869][ T6110] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 143.200679][ T6110] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 143.221387][ T6110] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 143.296796][ T6110] bond1: (slave vlan3): Releasing active interface [ 144.287185][ T6126] netlink: 12 bytes leftover after parsing attributes in process `syz.4.510'. [ 144.414692][ T6142] bond0: (slave bridge0): Releasing backup interface [ 144.446582][ T6142] bridge0: port 2(bridge_slave_1) entered disabled state [ 144.453971][ T6142] bridge0: port 1(bridge_slave_0) entered disabled state [ 144.487097][ T6142] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 144.503763][ T6142] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 144.519067][ T6142] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 144.528494][ T6142] device bridge_slave_0 left promiscuous mode [ 144.538234][ T6142] bridge0: port 1(bridge_slave_0) entered disabled state [ 144.547106][ T6142] device bridge_slave_1 left promiscuous mode [ 144.558111][ T6142] bridge0: port 2(bridge_slave_1) entered disabled state [ 144.567488][ T6142] bond0: (slave bond_slave_0): Releasing backup interface [ 144.587920][ T6142] bond0: (slave bond_slave_1): Releasing backup interface [ 144.628191][ T6142] team0: Port device team_slave_0 removed [ 144.648989][ T6142] team0: Port device team_slave_1 removed [ 144.655340][ T6142] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 144.663092][ T6142] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 144.671274][ T6142] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 144.679020][ T6142] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 144.716449][ T6142] team0: Port device geneve0 removed [ 144.727182][ T6142] bond1: (slave ip6gretap1): Releasing active interface [ 144.734557][ T6142] device ip6gretap1 left promiscuous mode [ 144.799351][ T6149] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 144.841384][ T6149] team0: Port device batadv1 added [ 146.195061][ T6179] netlink: 216 bytes leftover after parsing attributes in process `syz.6.524'. [ 146.296258][ T6179] netlink: 16 bytes leftover after parsing attributes in process `syz.6.524'. [ 146.315242][ T6187] fuse: Bad value for 'fd' [ 146.492153][ T6193] overlayfs: failed to clone upperpath [ 148.163845][ T6233] fuse: Bad value for 'fd' [ 149.036763][ T4854] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 149.350063][ T6270] fuse: Bad value for 'fd' [ 149.864064][ T4854] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 149.889740][ T4854] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 149.932296][ T4854] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 149.948291][ C0] vcan0: j1939_tp_rxtimer: 0xffff888056e52400: rx timeout, send abort [ 149.994853][ T4854] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 150.032934][ T4854] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.060808][ T4854] usb 7-1: Product: syz [ 150.079767][ T4854] usb 7-1: Manufacturer: syz [ 150.091975][ T4854] usb 7-1: SerialNumber: syz [ 150.142203][ T4854] cdc_ncm 7-1:1.0: CDC Union missing and no IAD found [ 150.197038][ T4854] cdc_ncm 7-1:1.0: bind() failure [ 150.352051][ T4854] usb 7-1: USB disconnect, device number 2 [ 150.448342][ C0] vcan0: j1939_tp_rxtimer: 0xffff888056e50800: rx timeout, send abort [ 150.456772][ C0] vcan0: j1939_tp_rxtimer: 0xffff888056e52400: abort rx timeout. Force session deactivation [ 150.576217][ T6298] netlink: 'syz.4.563': attribute type 4 has an invalid length. [ 150.632112][ T6298] netlink: 'syz.4.563': attribute type 4 has an invalid length. [ 150.914016][ T6305] netlink: 4 bytes leftover after parsing attributes in process `syz.4.564'. [ 150.956664][ C0] vcan0: j1939_tp_rxtimer: 0xffff888056e50800: abort rx timeout. Force session deactivation [ 151.002344][ T6305] netlink: 4 bytes leftover after parsing attributes in process `syz.4.564'. [ 151.088517][ T6314] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 151.095803][ T6314] IPv6: NLM_F_CREATE should be set when creating new route [ 151.260675][ T6317] binder: BINDER_SET_CONTEXT_MGR already set [ 151.298026][ T6317] binder: 6316:6317 ioctl 4018620d 2000000001c0 returned -16 [ 152.480959][ T6314] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 152.490784][ T6314] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 152.500014][ T6314] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 152.509388][ T6314] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 152.729335][ T6349] netlink: 40 bytes leftover after parsing attributes in process `syz.5.581'. [ 152.759921][ T6349] netlink: 3 bytes leftover after parsing attributes in process `syz.5.581'. [ 152.893199][ T6361] fuse: Bad value for 'fd' [ 153.658196][ T6370] syz.1.584 sent an empty control message without MSG_MORE. [ 155.075582][ T26] audit: type=1326 audit(1768924468.344:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6414 comm="syz.0.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f235e79acb9 code=0x7ffc0000 [ 155.634549][ T26] audit: type=1326 audit(1768924468.424:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6414 comm="syz.0.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f235e79acb9 code=0x7ffc0000 [ 155.747787][ T26] audit: type=1326 audit(1768924468.514:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6414 comm="syz.0.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f235e79acb9 code=0x7ffc0000 [ 155.770923][ T26] audit: type=1326 audit(1768924468.514:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6414 comm="syz.0.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f235e79acb9 code=0x7ffc0000 [ 155.801444][ T6423] loop6: detected capacity change from 0 to 256 [ 155.831861][ T6423] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 155.897366][ T26] audit: type=1326 audit(1768924468.514:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6414 comm="syz.0.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f235e79acb9 code=0x7ffc0000 [ 155.989269][ T26] audit: type=1326 audit(1768924468.514:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6414 comm="syz.0.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f235e79acb9 code=0x7ffc0000 [ 156.141964][ T26] audit: type=1326 audit(1768924468.514:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6414 comm="syz.0.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f235e79acb9 code=0x7ffc0000 [ 156.209194][ T26] audit: type=1326 audit(1768924468.514:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6414 comm="syz.0.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f235e79acb9 code=0x7ffc0000 [ 156.241105][ T26] audit: type=1326 audit(1768924468.514:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6414 comm="syz.0.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f235e79acb9 code=0x7ffc0000 [ 156.473266][ T26] audit: type=1326 audit(1768924468.514:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6414 comm="syz.0.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f235e79acb9 code=0x7ffc0000 [ 157.457682][ T6462] netlink: 4 bytes leftover after parsing attributes in process `syz.5.609'. [ 158.444179][ T6483] overlayfs: failed to clone upperpath [ 160.464050][ T6561] overlayfs: statfs failed on './file0' [ 160.686698][ T6566] netlink: 'syz.0.634': attribute type 1 has an invalid length. [ 160.809400][ T6570] bond2: (slave vcan1): The slave device specified does not support setting the MAC address [ 160.952758][ T6570] bond2: (slave vcan1): Setting fail_over_mac to active for active-backup mode [ 160.975459][ T6570] bond2: (slave vcan1): making interface the new active one [ 161.014409][ T6570] bond2: (slave vcan1): Enslaving as an active interface with an up link [ 161.035593][ T6572] bond2: (slave vcan2): The slave device specified does not support setting the MAC address [ 161.063438][ T6572] bond2: (slave vcan2): Enslaving as a backup interface with an up link [ 161.375569][ T6585] fuse: Bad value for 'fd' [ 162.181421][ T6610] loop0: detected capacity change from 0 to 256 [ 162.193359][ T6610] exfat: Deprecated parameter 'codepage' [ 162.199061][ T6610] exfat: Deprecated parameter 'utf8' [ 162.208919][ T6610] exfat: Deprecated parameter 'namecase' [ 162.224275][ T6610] exfat: Unknown parameter 'errorsntinue' [ 162.448815][ T6624] netlink: 24 bytes leftover after parsing attributes in process `syz.5.648'. [ 163.211769][ T6629] netlink: 'syz.0.649': attribute type 4 has an invalid length. [ 163.302963][ T6631] netlink: 'syz.0.649': attribute type 4 has an invalid length. [ 163.698276][ T6649] netlink: 'syz.0.658': attribute type 10 has an invalid length. [ 163.771156][ T6649] team0: Device veth1_macvtap failed to register rx_handler [ 164.713368][ T6664] netlink: 'syz.0.673': attribute type 10 has an invalid length. [ 164.759760][ T6664] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 165.742687][ T6688] netlink: 24 bytes leftover after parsing attributes in process `syz.4.672'. [ 165.767954][ T6688] device sit1 entered promiscuous mode [ 165.918394][ T6695] overlayfs: failed to clone upperpath [ 166.068081][ T6701] netlink: 188 bytes leftover after parsing attributes in process `syz.4.680'. [ 171.487764][ T6749] process 'newroot/70/bus/file0' started with executable stack [ 172.691150][ T6777] 8021q: adding VLAN 0 to HW filter on device bond2 [ 172.716701][ T6779] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link [ 172.729553][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready [ 173.883411][ T6801] binder: transaction release 18 bad handle 1, ret = -22 [ 175.141002][ T6817] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 175.203353][ T6817] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 175.233316][ T6817] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 175.439206][ T6823] device syzkaller0 entered promiscuous mode [ 175.787777][ T6832] kvm: MWAIT instruction emulated as NOP! [ 176.317593][ T6841] netlink: 'syz.6.726': attribute type 4 has an invalid length. [ 176.388265][ T6844] netlink: 'syz.6.726': attribute type 4 has an invalid length. [ 176.685060][ T6849] netlink: 8 bytes leftover after parsing attributes in process `syz.6.729'. [ 176.716038][ T6849] netlink: 8 bytes leftover after parsing attributes in process `syz.6.729'. [ 178.288924][ T6878] netlink: 'syz.5.739': attribute type 1 has an invalid length. [ 178.344425][ T6878] bond1: (slave vcan1): The slave device specified does not support setting the MAC address [ 178.362963][ T6878] bond1: (slave vcan1): Setting fail_over_mac to active for active-backup mode [ 178.439202][ T6878] bond1: (slave vcan1): making interface the new active one [ 178.448540][ T6878] bond1: (slave vcan1): Enslaving as an active interface with an up link [ 178.460074][ T6882] bond1: (slave vcan2): The slave device specified does not support setting the MAC address [ 178.490261][ T6882] bond1: (slave vcan2): Enslaving as a backup interface with an up link [ 179.547879][ T6896] netlink: 'syz.1.743': attribute type 10 has an invalid length. [ 179.774231][ T6900] overlayfs: failed to clone upperpath [ 180.068036][ T6908] mmap: syz.6.747 (6908) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 182.848663][ T6940] netlink: 156 bytes leftover after parsing attributes in process `syz.0.756'. [ 182.875305][ T6940] netlink: 156 bytes leftover after parsing attributes in process `syz.0.756'. [ 182.999982][ T6945] batman_adv: batadv0: Adding interface: dummy0 [ 183.035511][ T6945] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 183.530981][ T6945] batman_adv: batadv0: Interface activated: dummy0 [ 183.570263][ T6944] batadv0: mtu less than device minimum [ 183.631581][ T6944] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 183.644369][ T6944] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 183.656554][ T6944] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 183.667919][ T6944] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 183.679237][ T6944] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 183.690538][ T6944] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 183.701835][ T6944] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 183.713157][ T6944] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 183.724429][ T6944] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 185.149231][ T6967] sch_tbf: burst 1821 is lower than device lo mtu (11337746) ! [ 185.449220][ T6970] netlink: 12 bytes leftover after parsing attributes in process `syz.6.764'. [ 186.063575][ T4283] Bluetooth: hci1: command 0x0406 tx timeout [ 186.070070][ T4283] Bluetooth: hci0: command 0x0406 tx timeout [ 186.976996][ T6996] device syzkaller0 entered promiscuous mode [ 188.002848][ T7009] loop6: detected capacity change from 0 to 512 [ 188.053164][ T7009] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 188.135021][ T7009] EXT4-fs error (device loop6): ext4_orphan_get:1399: inode #15: comm syz.6.781: iget: bad i_size value: 38620345925642 [ 188.151461][ T7009] EXT4-fs error (device loop6): ext4_orphan_get:1404: comm syz.6.781: couldn't read orphan inode 15 (err -117) [ 188.178605][ T7009] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 188.917135][ T7009] Invalid argument reading file caps for ./file0 [ 189.078886][ T4513] EXT4-fs error (device loop6): ext4_validate_block_bitmap:429: comm kworker/u4:11: bg 0: block 5: invalid block bitmap [ 189.114850][ T4513] EXT4-fs (loop6): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 1 with error 28 [ 189.140650][ T4513] EXT4-fs (loop6): This should not happen!! Data will be lost [ 189.140650][ T4513] [ 189.156351][ T4513] EXT4-fs (loop6): Total free blocks count 0 [ 189.162441][ T4513] EXT4-fs (loop6): Free/Dirty block details [ 189.173250][ T4513] EXT4-fs (loop6): free_blocks=0 [ 189.188839][ T4513] EXT4-fs (loop6): dirty_blocks=1 [ 189.204832][ T4513] EXT4-fs (loop6): Block reservation details [ 189.210962][ T4513] EXT4-fs (loop6): i_reserved_data_blocks=1 [ 189.238228][ T5482] EXT4-fs (loop6): unmounting filesystem. [ 189.465920][ T7028] overlayfs: failed to get index nlink (file1/file0, err=-61) [ 189.582160][ T7034] netlink: 'syz.5.787': attribute type 4 has an invalid length. [ 189.629645][ T7035] 9pnet: p9_errstr2errno: server reported unknown error @®ï©?ã‹Òêß¾¡IÃ퉲rŠ ò6óÒ~º“D‡ómáÊ„!\ [ 192.088555][ T7065] loop0: detected capacity change from 0 to 1024 [ 192.126552][ T7065] EXT4-fs: Ignoring removed bh option [ 192.188048][ T7065] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 192.232032][ T7065] EXT4-fs error (device loop0): ext4_iget_extra_inode:4756: inode #15: comm syz.0.797: corrupted in-inode xattr [ 192.326252][ T7060] loop6: detected capacity change from 0 to 2048 [ 192.353246][ T26] kauditd_printk_skb: 34 callbacks suppressed [ 192.353260][ T26] audit: type=1326 audit(1768924505.624:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.0.797" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f235e79acb9 code=0x0 [ 192.739649][ T7060] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 193.645366][ T4266] EXT4-fs (loop0): unmounting filesystem. [ 193.932217][ T5482] EXT4-fs (loop6): unmounting filesystem. [ 194.165678][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.194170][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.390087][ T7109] loop6: detected capacity change from 0 to 1024 [ 195.542948][ T7115] netlink: 24 bytes leftover after parsing attributes in process `syz.5.809'. [ 195.555739][ T7109] EXT4-fs: Ignoring removed nomblk_io_submit option [ 195.632170][ T7109] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 195.757498][ T7109] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 195.863913][ T7124] netlink: 4 bytes leftover after parsing attributes in process `syz.0.810'. [ 198.436965][ T4259] udevd[4259]: incorrect jbd checksum on /dev/loop6 [ 199.555437][ T4259] udevd[4259]: incorrect jbd checksum on /dev/loop6 [ 200.005657][ T5482] EXT4-fs (loop6): unmounting filesystem. [ 200.066251][ T7156] netlink: 24 bytes leftover after parsing attributes in process `syz.5.823'. [ 200.299207][ T7165] SET target dimension over the limit! [ 201.553007][ T7171] netlink: 'syz.5.825': attribute type 1 has an invalid length. [ 201.619306][ T7171] 8021q: adding VLAN 0 to HW filter on device bond2 [ 201.682554][ T7171] device wlan0 entered promiscuous mode [ 201.689849][ T7171] bond2: (slave wlan0): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open [ 205.490293][ T7231] netlink: 'syz.1.844': attribute type 1 has an invalid length. [ 205.529651][ T7231] 8021q: adding VLAN 0 to HW filter on device bond1 [ 205.689263][ T7231] netlink: 4 bytes leftover after parsing attributes in process `syz.1.844'. [ 207.268182][ T26] audit: type=1326 audit(1768924520.534:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7249 comm="syz.5.850" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f037ad9acb9 code=0x0 [ 207.516138][ T7259] kvm: emulating exchange as write [ 209.163220][ T26] audit: type=1804 audit(1768924522.424:52): pid=7292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.861" name="/newroot/82/bus/bus" dev="overlay" ino=473 res=1 errno=0 [ 209.256518][ T7292] Invalid ELF header magic: != ELF [ 210.282439][ T7309] loop6: detected capacity change from 0 to 1024 [ 210.308257][ T7309] EXT4-fs: Ignoring removed bh option [ 210.400118][ T7309] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 210.471602][ T7309] EXT4-fs error (device loop6): ext4_iget_extra_inode:4756: inode #15: comm syz.6.869: corrupted in-inode xattr [ 210.657097][ T26] audit: type=1326 audit(1768924523.924:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7308 comm="syz.6.869" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffa7b39acb9 code=0x0 [ 211.531671][ T5482] EXT4-fs (loop6): unmounting filesystem. [ 211.602945][ T4280] Bluetooth: hci4: command 0x0406 tx timeout [ 211.812929][ T7332] netlink: 4 bytes leftover after parsing attributes in process `syz.6.875'. [ 211.846658][ T7334] netlink: 12 bytes leftover after parsing attributes in process `syz.4.876'. [ 211.876768][ T7334] device bond3 entered promiscuous mode [ 211.889359][ T7339] netlink: 4 bytes leftover after parsing attributes in process `syz.6.875'. [ 212.043676][ T7341] device macvlan2 entered promiscuous mode [ 212.055979][ T7341] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 212.636268][ T7331] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 212.879820][ T7333] device bond3 left promiscuous mode [ 212.885886][ T7346] binder: 7345:7346 ioctl c0306201 2000000001c0 returned -14 [ 213.541179][ T7355] netlink: 'syz.6.881': attribute type 1 has an invalid length. [ 215.117990][ T7355] 8021q: adding VLAN 0 to HW filter on device bond1 [ 215.200816][ T7355] device wlan0 entered promiscuous mode [ 215.386052][ T7355] bond1: (slave wlan0): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open [ 219.406541][ T7419] netlink: 'syz.4.900': attribute type 1 has an invalid length. [ 219.598554][ T7419] 8021q: adding VLAN 0 to HW filter on device bond4 [ 219.668221][ T7425] device wlan0 entered promiscuous mode [ 220.060907][ T7425] bond4: (slave wlan0): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open [ 222.614350][ T7467] netlink: 24 bytes leftover after parsing attributes in process `syz.6.913'. [ 222.628577][ T7467] netlink: 24 bytes leftover after parsing attributes in process `syz.6.913'. [ 223.504763][ T7479] netlink: 'syz.4.917': attribute type 10 has an invalid length. [ 223.645154][ T7479] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 223.906115][ T7490] device team0 entered promiscuous mode [ 223.941847][ T7490] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 223.954262][ T7490] bond0: (slave macvlan2): Enslaving as an active interface with an up link [ 223.981340][ T7494] netlink: 24 bytes leftover after parsing attributes in process `syz.6.925'. [ 224.015566][ T7490] bridge0: port 1(vlan2) entered blocking state [ 224.021992][ T7490] bridge0: port 1(vlan2) entered disabled state [ 224.166056][ T7500] bond1: option mode: unable to set because the bond device has slaves [ 225.327243][ T7521] netlink: 56 bytes leftover after parsing attributes in process `syz.1.935'. [ 225.702792][ T7533] device team0 entered promiscuous mode [ 225.716442][ T7533] device batadv1 entered promiscuous mode [ 225.729536][ T7533] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 225.760677][ T7533] bond0: (slave macvlan2): Enslaving as an active interface with an up link [ 225.827138][ T7538] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 227.229780][ T7566] netlink: 32 bytes leftover after parsing attributes in process `syz.5.948'. [ 227.284425][ T7566] netlink: 32 bytes leftover after parsing attributes in process `syz.5.948'. [ 227.440845][ T7572] net_ratelimit: 10 callbacks suppressed [ 227.440863][ T7572] A link change request failed with some changes committed already. Interface ip6gre0 may have been left with an inconsistent configuration, please check. [ 227.484901][ T7572] netlink: 28 bytes leftover after parsing attributes in process `syz.1.950'. [ 232.263936][ T7624] netlink: 1347 bytes leftover after parsing attributes in process `syz.1.968'. [ 232.463733][ T7626] netlink: 4 bytes leftover after parsing attributes in process `syz.4.967'. [ 232.680401][ T7640] netlink: 'syz.1.971': attribute type 1 has an invalid length. [ 232.791514][ T7640] 8021q: adding VLAN 0 to HW filter on device bond2 [ 232.818032][ T7644] device wlan0 entered promiscuous mode [ 232.846799][ T7644] bond2: (slave wlan0): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open [ 234.196516][ T7681] netlink: 24 bytes leftover after parsing attributes in process `syz.4.983'. [ 234.334434][ T7686] loop6: detected capacity change from 0 to 1024 [ 234.376847][ T7686] EXT4-fs: Ignoring removed orlov option [ 234.453570][ T7686] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 234.512161][ T26] audit: type=1800 audit(1768924547.774:54): pid=7686 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.985" name="bus" dev="loop6" ino=18 res=0 errno=0 [ 234.553614][ T7693] overlayfs: failed to clone upperpath [ 234.579020][ T7686] Trying to write to read-only block-device loop6 [ 234.632109][ T7686] Trying to write to read-only block-device loop6 [ 234.713196][ T7686] Trying to write to read-only block-device loop6 [ 234.742799][ T7686] Trying to write to read-only block-device loop6 [ 234.783196][ T7697] Trying to write to read-only block-device loop6 [ 235.582118][ T46] Trying to write to read-only block-device loop6 [ 235.583189][ T5482] Trying to write to read-only block-device loop6 [ 235.610138][ T46] Trying to write to read-only block-device loop6 [ 235.636892][ T5482] Trying to write to read-only block-device loop6 [ 235.642210][ T46] Trying to write to read-only block-device loop6 [ 235.673051][ T5482] EXT4-fs (loop6): unmounting filesystem. [ 235.693735][ T7709] netlink: 'syz.1.993': attribute type 10 has an invalid length. [ 235.713647][ T7709] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 236.856068][ T7721] device team0 entered promiscuous mode [ 236.862324][ T7721] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 236.872156][ T7721] bond0: (slave macvlan2): Enslaving as an active interface with an up link [ 236.887619][ T7718] overlayfs: failed to clone lowerpath [ 237.258198][ T7735] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 239.147729][ T7758] loop6: detected capacity change from 0 to 128 [ 240.193385][ T4259] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 241.497507][ T7805] loop0: detected capacity change from 0 to 16 [ 241.530581][ T7805] erofs: (device loop0): mounted with root inode @ nid 36. [ 242.943863][ T7819] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1020'. [ 242.962750][ T48] Bluetooth: hci2: command 0x0406 tx timeout [ 242.968818][ T48] Bluetooth: hci3: command 0x0406 tx timeout [ 244.091133][ T7810] loop6: detected capacity change from 0 to 32768 [ 246.761038][ T7872] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1038'. [ 249.386738][ T7904] 8021q: adding VLAN 0 to HW filter on device bond4 [ 249.394771][ T7904] bond3: (slave bond4): Enslaving as an active interface with an up link [ 249.408800][ T7902] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1046'. [ 249.441171][ T7902] bond3 (unregistering): (slave bond4): Releasing backup interface [ 249.878505][ T7902] bond3 (unregistering): Released all slaves [ 250.455712][ T7933] overlayfs: failed to clone upperpath [ 253.335580][ T7972] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 253.608671][ T7977] bond0: (slave wlan1): Releasing backup interface [ 253.636176][ T7977] device batadv1 left promiscuous mode [ 253.648803][ T7979] loop0: detected capacity change from 0 to 1024 [ 253.721955][ T7979] EXT4-fs: Ignoring removed orlov option [ 253.733486][ T7977] team0: Port device batadv1 removed [ 253.752730][ T7979] EXT4-fs: Ignoring removed i_version option [ 253.753244][ T7977] bond0: (slave macvlan2): Releasing backup interface [ 253.790246][ T7977] device team0 left promiscuous mode [ 253.853082][ T7979] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 254.514901][ T7980] team0: Mode changed to "loadbalance" [ 254.576484][ T7979] netlink: 'syz.0.1068': attribute type 3 has an invalid length. [ 254.591436][ T7979] netlink: 'syz.0.1068': attribute type 3 has an invalid length. [ 254.610461][ T7991] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1071'. [ 254.779352][ T4266] EXT4-fs (loop0): unmounting filesystem. [ 255.633316][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.639829][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.338606][ T7897] Set syz1 is full, maxelem 65536 reached [ 256.426856][ T8024] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1084'. [ 256.528367][ T8028] batman_adv: batadv0: Adding interface: dummy0 [ 256.565828][ T8028] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 256.598836][ T8028] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active [ 256.711052][ T8033] 8021q: adding VLAN 0 to HW filter on device bond4 [ 256.733364][ T8033] bond3: (slave bond4): Enslaving as an active interface with an up link [ 256.793678][ T8038] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1088'. [ 257.159403][ T8038] bond3 (unregistering): (slave bond4): Releasing backup interface [ 257.423451][ T8038] bond3 (unregistering): Released all slaves [ 257.468247][ T8046] netlink: 'syz.5.1099': attribute type 12 has an invalid length. [ 258.584894][ T8067] loop0: detected capacity change from 0 to 128 [ 258.879434][ T48] Bluetooth: Frame is too long (len 16, expected len 4) [ 262.232465][ T8108] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1113'. [ 262.245795][ T8086] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1105'. [ 263.387779][ T8128] netlink: 'syz.0.1118': attribute type 1 has an invalid length. [ 263.681943][ T8128] 8021q: adding VLAN 0 to HW filter on device bond3 [ 264.164176][ T8130] bond3: up delay (35976) is not a multiple of miimon (100), value rounded to 35900 ms [ 264.249613][ T8128] bond3: (slave ip6gretap2): Enslaving as an active interface with an up link [ 265.937179][ T8175] netlink: 'syz.4.1137': attribute type 1 has an invalid length. [ 266.021037][ T8175] 8021q: adding VLAN 0 to HW filter on device bond5 [ 266.114263][ T8177] bond5: (slave geneve2): making interface the new active one [ 266.137215][ T8177] bond5: (slave geneve2): Enslaving as an active interface with an up link [ 266.202693][ T4515] IPv6: ADDRCONF(NETDEV_CHANGE): bond5: link becomes ready [ 266.221806][ T8177] syz.4.1137 (8177) used greatest stack depth: 19216 bytes left [ 267.902147][ T8215] netlink: 'syz.1.1148': attribute type 12 has an invalid length. [ 269.433145][ T8229] loop6: detected capacity change from 0 to 128 [ 269.507768][ T8229] /dev/loop6: Can't open blockdev [ 269.997609][ T4851] Process accounting resumed [ 270.063029][ T8257] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1161'. [ 270.708213][ T8273] netlink: 'syz.6.1167': attribute type 1 has an invalid length. [ 270.765509][ T8273] 8021q: adding VLAN 0 to HW filter on device bond2 [ 270.791827][ T8279] bond2: (slave geneve2): making interface the new active one [ 270.801678][ T8279] bond2: (slave geneve2): Enslaving as an active interface with an up link [ 270.859949][ T4542] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready [ 271.780018][ T8293] Malformed UNC in devname [ 271.780018][ T8293] [ 271.790333][ T8293] CIFS: VFS: Malformed UNC in devname [ 272.345321][ T4853] libceph: connect (1)[c::]:6789 error -101 [ 272.352041][ T4853] libceph: mon0 (1)[c::]:6789 connect error [ 272.382248][ T8303] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 272.385253][ T4853] libceph: connect (1)[c::]:6789 error -101 [ 272.396078][ T8294] ceph: No mds server is up or the cluster is laggy [ 272.406940][ T4853] libceph: mon0 (1)[c::]:6789 connect error [ 272.422432][ T8303] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 272.513026][ T8303] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 272.646906][ T8303] bond0: (slave wlan1): Releasing backup interface [ 272.668725][ T8303] bond0: (slave wlan1): the permanent HWaddr of slave - 08:02:11:00:00:01 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts [ 272.737719][ T8303] bond2: (slave vcan1): Releasing backup interface [ 272.752189][ T8303] bond2: (slave vcan2): making interface the new active one [ 272.799982][ T8303] bond2: (slave vcan2): Releasing backup interface [ 272.839683][ T8303] bond0: (slave macvlan2): Releasing backup interface [ 272.851226][ T8303] device team0 left promiscuous mode [ 272.866219][ T8303] bond3: (slave ip6gretap2): Releasing active interface [ 272.921760][ T8307] team0: Failed to send options change via netlink (err -105) [ 272.944448][ T8307] team0: Mode changed to "loadbalance" [ 272.950324][ T8312] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1178'. [ 273.084028][ T8317] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1180'. [ 273.271183][ T8325] netlink: 'syz.1.1182': attribute type 1 has an invalid length. [ 273.310328][ T8325] 8021q: adding VLAN 0 to HW filter on device bond3 [ 274.163490][ T8331] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.187765][ T8331] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.228922][ T8331] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.282573][ T8331] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.300254][ T8331] bond3: (slave geneve2): making interface the new active one [ 274.310946][ T8331] bond3: (slave geneve2): Enslaving as an active interface with an up link [ 274.331414][ T4543] IPv6: ADDRCONF(NETDEV_CHANGE): bond3: link becomes ready [ 274.664334][ T48] Bluetooth: hci3: command 0x0406 tx timeout [ 275.077039][ T8342] 8021q: adding VLAN 0 to HW filter on device bond7 [ 275.087920][ T8342] bond6: (slave bond7): Enslaving as an active interface with an up link [ 275.096966][ T8345] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1186'. [ 275.153152][ T8345] bond6 (unregistering): (slave bond7): Releasing backup interface [ 275.211966][ T8345] bond6 (unregistering): Released all slaves [ 275.313688][ T8353] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1190'. [ 275.468566][ T8365] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 275.485199][ T8365] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 275.500469][ T8365] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 275.630881][ T8365] bond0: (slave wlan1): Releasing backup interface [ 275.674085][ T8365] bond2: (slave ip6gretap1): Releasing backup interface [ 275.717896][ T8365] bond5: (slave geneve2): Releasing active interface [ 275.785239][ T8367] team0: Failed to send options change via netlink (err -105) [ 275.862760][ T8367] team0: Mode changed to "loadbalance" [ 278.440029][ T8409] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1205'. [ 278.469704][ T8409] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 278.479097][ T8409] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 278.487894][ T8409] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 278.496653][ T8409] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 278.510395][ T8409] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1205'. [ 278.899322][ T8425] netlink: 1319 bytes leftover after parsing attributes in process `syz.1.1211'. [ 278.985253][ T8429] netlink: 'syz.0.1210': attribute type 12 has an invalid length. [ 279.576901][ T8442] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1215'. [ 279.760391][ T8445] overlayfs: failed to clone upperpath [ 282.449851][ T8483] loop6: detected capacity change from 0 to 128 [ 282.533809][ T4259] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 282.723092][ T8489] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1233'. [ 283.557275][ T8503] netlink: 'syz.1.1238': attribute type 1 has an invalid length. [ 285.875796][ T8503] bond5: (slave veth3): Enslaving as an active interface with a down link [ 285.972435][ T8503] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1238'. [ 286.198654][ T8503] bond5 (unregistering): (slave veth3): Releasing active interface [ 286.331787][ T8503] bond5 (unregistering): Released all slaves [ 286.493564][ T8520] sock: sock_set_timeout: `syz.0.1243' (pid 8520) tries to set negative timeout [ 287.394409][ T8533] netlink: 'syz.1.1247': attribute type 27 has an invalid length. [ 287.402420][ T8533] netlink: 'syz.1.1247': attribute type 4 has an invalid length. [ 287.410589][ T8533] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1247'. [ 288.211614][ T8541] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1248'. [ 288.271272][ T8545] loop6: detected capacity change from 0 to 512 [ 288.291853][ T8545] EXT4-fs (loop6): Test dummy encryption mode enabled [ 288.329846][ T8545] EXT4-fs (loop6): write access unavailable, skipping orphan cleanup [ 288.359788][ T8545] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 288.415993][ T5482] EXT4-fs (loop6): unmounting filesystem. [ 289.365375][ T8555] binder_alloc: 8552: binder_alloc_buf, no vma [ 289.710605][ T8567] device batadv_slave_0 entered promiscuous mode [ 290.761402][ T8602] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1270'. [ 291.721598][ T8616] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1274'. [ 301.613728][ T8718] device syzkaller0 entered promiscuous mode [ 306.947854][ T8768] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1317'. [ 307.252990][ T8778] netlink: 'syz.1.1319': attribute type 1 has an invalid length. [ 308.566735][ T26] audit: type=1326 audit(1768924621.834:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.0.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f235e79acb9 code=0x7ffc0000 [ 308.660416][ T26] audit: type=1326 audit(1768924621.834:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.0.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f235e79acb9 code=0x7ffc0000 [ 308.714702][ T8798] overlayfs: missing 'lowerdir' [ 308.736262][ T26] audit: type=1326 audit(1768924621.834:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.0.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f235e79acb9 code=0x7ffc0000 [ 308.782418][ T26] audit: type=1326 audit(1768924621.834:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.0.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f235e79acb9 code=0x7ffc0000 [ 308.828321][ T26] audit: type=1326 audit(1768924621.834:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.0.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f235e79acb9 code=0x7ffc0000 [ 308.920503][ T26] audit: type=1326 audit(1768924621.834:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.0.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f235e79acb9 code=0x7ffc0000 [ 308.970671][ T26] audit: type=1326 audit(1768924621.834:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.0.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f235e79acb9 code=0x7ffc0000 [ 309.773260][ T26] audit: type=1326 audit(1768924621.834:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.0.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f235e79acb9 code=0x7ffc0000 [ 309.841021][ T26] audit: type=1326 audit(1768924621.834:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.0.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f235e79acb9 code=0x7ffc0000 [ 309.941017][ T26] audit: type=1326 audit(1768924621.834:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.0.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f235e79acb9 code=0x7ffc0000 [ 310.912255][ T8821] netlink: 'syz.1.1334': attribute type 1 has an invalid length. [ 310.966401][ T8821] 8021q: adding VLAN 0 to HW filter on device bond5 [ 311.003255][ T8821] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1334'. [ 314.190917][ T8859] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1345'. [ 314.398022][ T8859] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1345'. [ 315.648745][ T8877] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1358'. [ 317.523486][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.529871][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 319.127526][ T8906] MTD: Couldn't look up '/dev/nullb0': -2 [ 322.811946][ T8955] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1372'. [ 328.497235][ T4515] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 328.608422][ T4515] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 329.311107][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 330.482801][ T9032] device macvtap1 entered promiscuous mode [ 330.489198][ T9032] device bond0 entered promiscuous mode [ 330.495607][ T9032] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 330.566505][ T9032] team0: Device macvtap1 failed to register rx_handler [ 331.074506][ T9032] device bond0 left promiscuous mode [ 332.364783][ T9045] netlink: 'syz.1.1397': attribute type 10 has an invalid length. [ 332.524840][ T9045] bond0 speed is unknown, defaulting to 1000 [ 332.531429][ T9045] bond0 speed is unknown, defaulting to 1000 [ 333.511903][ T9045] bond0 speed is unknown, defaulting to 1000 [ 333.627282][ T9045] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 333.669139][ T9045] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 333.686780][ T9056] netlink: 56 bytes leftover after parsing attributes in process `syz.5.1398'. [ 333.700768][ T9056] tc_dump_action: action bad kind [ 333.777542][ T9045] bond0 speed is unknown, defaulting to 1000 [ 333.803252][ T9045] bond0 speed is unknown, defaulting to 1000 [ 333.810551][ T9045] bond0 speed is unknown, defaulting to 1000 [ 333.818904][ T9045] bond0 speed is unknown, defaulting to 1000 [ 333.828207][ T9045] bond0 speed is unknown, defaulting to 1000 [ 333.836725][ T9045] bond0 speed is unknown, defaulting to 1000 [ 336.259496][ T9083] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1402'. [ 337.278016][ T9092] netlink: 'syz.0.1406': attribute type 10 has an invalid length. [ 337.328748][ T9092] bond0: (slave wlan1): refused to change device type [ 337.379150][ T9094] netlink: 'syz.0.1406': attribute type 10 has an invalid length. [ 337.422770][ T9094] bond0: (slave wlan1): refused to change device type [ 343.044435][ T9190] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1433'. [ 343.122801][ T9183] fuse: root generation should be zero [ 343.273876][ T9190] 8021q: adding VLAN 0 to HW filter on device bond6 [ 343.317807][ T9193] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1433'. [ 343.340186][ T9196] overlayfs: failed to clone upperpath [ 343.393335][ T9193] device bond6 entered promiscuous mode [ 343.529802][ T9194] device dummy0 entered promiscuous mode [ 343.564088][ T9194] bond6: (slave dummy0): Enslaving as an active interface with an up link [ 343.585321][ T9199] loop0: detected capacity change from 0 to 128 [ 343.629206][ T4528] IPv6: ADDRCONF(NETDEV_CHANGE): bond6: link becomes ready [ 344.525807][ T9214] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1440'. [ 344.922132][ T9216] MTD: Couldn't look up '/dev/nullb0': -2 [ 346.735346][ T9232] xt_CT: You must specify a L4 protocol and not use inversions on it [ 349.139939][ T9246] bond0 speed is unknown, defaulting to 1000 [ 349.485311][ T9265] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1457'. [ 349.703948][ T9271] cgroup: Invalid name [ 351.308289][ T9287] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1463'. [ 351.337489][ T9287] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1463'. [ 351.372120][ T9279] loop0: detected capacity change from 0 to 4096 [ 353.387252][ T9309] loop0: detected capacity change from 0 to 256 [ 353.408632][ T9309] exfat: Deprecated parameter 'utf8' [ 353.414351][ T9309] exfat: Deprecated parameter 'namecase' [ 353.420025][ T9309] exfat: Deprecated parameter 'utf8' [ 353.431823][ T9309] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 353.739863][ T9313] overlayfs: failed to clone upperpath [ 353.910668][ T9322] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1472'. [ 354.363262][ T9337] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 358.060654][ T26] kauditd_printk_skb: 14 callbacks suppressed [ 358.060669][ T26] audit: type=1326 audit(1768924671.324:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.6.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa7b39acb9 code=0x7ffc0000 [ 358.150593][ T26] audit: type=1326 audit(1768924671.364:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.6.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7ffa7b39acb9 code=0x7ffc0000 [ 358.274117][ T26] audit: type=1326 audit(1768924671.364:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.6.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa7b39acb9 code=0x7ffc0000 [ 358.446936][ T26] audit: type=1326 audit(1768924671.544:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.6.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa7b39acb9 code=0x7ffc0000 [ 358.625203][ T26] audit: type=1326 audit(1768924671.584:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.6.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7ffa7b39acb9 code=0x7ffc0000 [ 359.382620][ T26] audit: type=1326 audit(1768924671.584:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.6.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa7b39acb9 code=0x7ffc0000 [ 359.479878][ T26] audit: type=1326 audit(1768924671.584:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.6.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7ffa7b39acb9 code=0x7ffc0000 [ 359.502641][ T26] audit: type=1326 audit(1768924671.584:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.6.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa7b39acb9 code=0x7ffc0000 [ 359.688380][ T26] audit: type=1326 audit(1768924671.584:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.6.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7ffa7b39acb9 code=0x7ffc0000 [ 359.713879][ T26] audit: type=1326 audit(1768924671.584:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.6.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa7b39acb9 code=0x7ffc0000 [ 359.777955][ T9408] netlink: 'syz.6.1497': attribute type 10 has an invalid length. [ 359.829790][ T9408] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 361.504694][ T9436] xt_nat: multiple ranges no longer supported [ 363.215635][ T9450] netlink: 'syz.6.1510': attribute type 1 has an invalid length. [ 363.455767][ T9450] 8021q: adding VLAN 0 to HW filter on device bond3 [ 363.514257][ T9453] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1510'. [ 363.570266][ T9453] device bond3 entered promiscuous mode [ 363.747100][ T9462] fuse: Bad value for 'fd' [ 364.870097][ T48] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 364.879281][ T48] Bluetooth: hci4: Injecting HCI hardware error event [ 364.889779][ T4283] Bluetooth: hci4: hardware error 0x00 [ 365.315203][ T9493] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1521'. [ 365.339693][ T9493] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1521'. [ 366.474643][ T9503] overlayfs: failed to clone upperpath [ 367.042630][ T4283] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 368.478660][ T9529] netlink: 'syz.1.1534': attribute type 10 has an invalid length. [ 373.165869][ T9568] xt_connbytes: Forcing CT accounting to be enabled [ 373.174067][ T9568] set match dimension is over the limit! [ 378.860464][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.870292][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.812104][ T9629] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 379.838762][ T9629] CIFS mount error: No usable UNC path provided in device string! [ 379.838762][ T9629] [ 379.849389][ T9629] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 384.932569][ T26] kauditd_printk_skb: 15 callbacks suppressed [ 384.932586][ T26] audit: type=1326 audit(1768924697.584:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9701 comm="syz.4.1575" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1919b9acb9 code=0x0 [ 387.840198][ T9674] batman_adv: batadv0: Interface deactivated: dummy0 [ 388.465792][ T9738] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 388.596357][ T9738] SET target dimension over the limit! [ 388.937980][ T9750] xt_l2tp: invalid flags combination: 8 [ 390.360132][ T9674] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 390.377037][ T9674] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 390.388847][ T9674] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 390.405617][ T9674] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.382074][ T9794] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1594'. [ 391.483167][ T9800] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1595'. [ 391.588591][ T9803] overlayfs: failed to clone upperpath [ 391.680707][ T26] audit: type=1326 audit(1768924704.944:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9805 comm="syz.5.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037ad9acb9 code=0x7ffc0000 [ 391.767202][ T26] audit: type=1326 audit(1768924704.944:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9805 comm="syz.5.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037ad9acb9 code=0x7ffc0000 [ 391.826325][ T9808] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.847479][ T26] audit: type=1326 audit(1768924704.974:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9805 comm="syz.5.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f037ad9acb9 code=0x7ffc0000 [ 391.899117][ T26] audit: type=1326 audit(1768924704.974:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9805 comm="syz.5.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037ad9acb9 code=0x7ffc0000 [ 391.959236][ T9808] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.979713][ T9812] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1600'. [ 391.989841][ T26] audit: type=1326 audit(1768924704.974:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9805 comm="syz.5.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037ad9acb9 code=0x7ffc0000 [ 392.021174][ T26] audit: type=1326 audit(1768924704.974:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9805 comm="syz.5.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f037ad9acb9 code=0x7ffc0000 [ 392.050175][ T26] audit: type=1326 audit(1768924704.974:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9805 comm="syz.5.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037ad9acb9 code=0x7ffc0000 [ 392.111717][ T9808] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 392.184804][ T26] audit: type=1326 audit(1768924704.974:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9805 comm="syz.5.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037ad9acb9 code=0x7ffc0000 [ 392.250193][ T9808] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 392.342109][ T9808] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 392.354275][ T9808] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 392.368141][ T9808] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 392.381173][ T9808] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 392.399966][ T26] audit: type=1326 audit(1768924704.974:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9805 comm="syz.5.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7f037ad9acb9 code=0x7ffc0000 [ 392.433002][ T26] audit: type=1326 audit(1768924704.974:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9805 comm="syz.5.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037ad9acb9 code=0x7ffc0000 [ 392.618247][ T9828] netlink: 'syz.6.1608': attribute type 1 has an invalid length. [ 392.687986][ T9830] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1604'. [ 393.322140][ T9828] device bond4 entered promiscuous mode [ 393.467567][ T9828] 8021q: adding VLAN 0 to HW filter on device bond4 [ 393.491356][ T9833] bond4: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 393.505560][ T9833] bond4: (slave ipvlan2): The slave device specified does not support setting the MAC address [ 393.525966][ T9833] bond4: (slave ipvlan2): Setting fail_over_mac to active for active-backup mode [ 393.623516][ T9843] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT [ 394.393277][ T9834] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1607'. [ 395.403597][ T9857] capability: warning: `syz.5.1615' uses deprecated v2 capabilities in a way that may be insecure [ 396.570597][ T9887] xt_connbytes: Forcing CT accounting to be enabled [ 396.577398][ T9887] set match dimension is over the limit! [ 397.451077][ T9899] bond0 speed is unknown, defaulting to 1000 [ 399.430557][ T9931] set match dimension is over the limit! [ 401.790190][ T26] kauditd_printk_skb: 4 callbacks suppressed [ 401.790204][ T26] audit: type=1326 audit(1768924715.054:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9943 comm="syz.5.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037ad9acb9 code=0x7ffc0000 [ 401.894309][ T26] audit: type=1326 audit(1768924715.094:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9943 comm="syz.5.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f037ad9acb9 code=0x7ffc0000 [ 402.081071][ T26] audit: type=1326 audit(1768924715.094:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9943 comm="syz.5.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037ad9acb9 code=0x7ffc0000 [ 402.279990][ T26] audit: type=1326 audit(1768924715.094:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9943 comm="syz.5.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f037ad9acb9 code=0x7ffc0000 [ 402.444781][ T26] audit: type=1326 audit(1768924715.094:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9943 comm="syz.5.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037ad9acb9 code=0x7ffc0000 [ 402.546477][ T26] audit: type=1326 audit(1768924715.094:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9943 comm="syz.5.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f037ad9acb9 code=0x7ffc0000 [ 402.581070][ T26] audit: type=1326 audit(1768924715.094:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9943 comm="syz.5.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037ad9acb9 code=0x7ffc0000 [ 402.648691][ T26] audit: type=1326 audit(1768924715.094:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9943 comm="syz.5.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7f037ad9acb9 code=0x7ffc0000 [ 402.877644][ T26] audit: type=1326 audit(1768924715.254:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9943 comm="syz.5.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037ad9acb9 code=0x7ffc0000 [ 402.962844][ T26] audit: type=1326 audit(1768924715.254:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9943 comm="syz.5.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037ad9acb9 code=0x7ffc0000 [ 403.767656][ T9982] xt_hashlimit: overflow, try lower: 18446744073709551615/255 [ 405.281852][ T9989] xt_TCPMSS: Only works on TCP SYN packets [ 412.058714][T10070] libceph: resolve '½@½Ée2²âOAq§¨­cz' (ret=-3): failed [ 414.280100][T10102] 8021q: adding VLAN 0 to HW filter on device bond6 [ 414.288771][ T4283] Bluetooth: hci1: unexpected subevent 0x03 length: 232 > 9 [ 414.418092][T10105] 8021q: adding VLAN 0 to HW filter on device bond6 [ 414.555337][T10105] bond6: (slave vxcan1): The slave device specified does not support setting the MAC address [ 414.574044][T10105] bond6: (slave vxcan1): Error -95 calling set_mac_address [ 414.921099][T10102] device macvlan3 entered promiscuous mode [ 414.985576][T10102] bond6: (slave macvlan3): Error -98 calling set_mac_address [ 415.393545][T10116] trusted_key: encrypted_key: insufficient parameters specified [ 415.666885][T10124] sctp: [Deprecated]: syz.4.1694 (pid 10124) Use of int in max_burst socket option. [ 415.666885][T10124] Use struct sctp_assoc_value instead [ 416.451595][T10128] xt_socket: unknown flags 0x40 [ 421.470594][T10124] kthread_run failed with err -4 [ 421.529107][T10144] syz.1.1699[10144] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 421.529179][T10144] syz.1.1699[10144] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 423.749279][T10184] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT [ 424.500648][T10186] fuse: Bad value for 'fd' [ 426.544422][T10220] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1720'. [ 426.588979][T10220] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1720'. [ 427.432611][T10230] netlink: 'syz.6.1725': attribute type 10 has an invalid length. [ 427.514505][T10230] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1725'. [ 427.539829][T10230] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 427.592410][ T26] audit: type=1326 audit(1768924740.854:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10232 comm="syz.5.1726" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f037ad9acb9 code=0x0 [ 427.593347][T10230] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 427.802368][T10230] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 427.874955][T10230] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 427.910112][T10230] team0: Port device geneve0 added [ 427.935534][T10241] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1721'. [ 429.695083][T10255] netlink: 44 bytes leftover after parsing attributes in process `syz.6.1731'. [ 429.774287][T10255] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1731'. [ 429.800192][T10255] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1731'. [ 429.943554][T10271] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1738'. [ 430.982404][T10288] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1744'. [ 431.619845][T10303] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1749'. [ 432.065053][T10316] libceph: resolve '½@½Ée2²âOAq§¨­cz' (ret=-3): failed [ 434.201575][T10310] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 434.210151][T10310] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 434.218656][T10310] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 434.227264][T10310] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 434.401318][T10331] sch_tbf: burst 21990 is lower than device lo mtu (11337746) ! [ 438.684396][T10368] netlink: 'syz.5.1765': attribute type 10 has an invalid length. [ 438.744725][T10368] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 438.762295][T10368] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 438.817188][T10368] batman_adv: batadv0: Removing interface: dummy0 [ 439.492315][T10368] bond0: (slave batadv0): Releasing backup interface [ 439.521179][T10381] sch_tbf: burst 19872 is lower than device lo mtu (32783) ! [ 439.925947][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.934702][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 439.946669][T10392] x_tables: ip_tables: DNAT target: used from hooks POSTROUTING, but only usable from PREROUTING/OUTPUT [ 444.546654][T10461] libceph: resolve '½@½Ée2²âOAq§¨­cz' (ret=-3): failed [ 444.903060][T10463] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000000000009 [ 449.231936][T10493] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1801'. [ 449.316441][T10493] 8021q: adding VLAN 0 to HW filter on device bond5 [ 449.921967][T10505] netlink: 277 bytes leftover after parsing attributes in process `syz.1.1803'. [ 450.480671][T10496] bond5: (slave veth5): Enslaving as a backup interface with a down link [ 450.629656][T10493] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1801'. [ 450.676783][T10500] bond0 speed is unknown, defaulting to 1000 [ 451.036495][T10522] libceph: resolve '½@½Ée2²âOAq§¨­cz' (ret=-3): failed [ 458.323574][T10578] openvswitch: netlink: EtherType 0 is less than min 600 [ 459.102316][T10586] tipc: Enabling of bearer rejected, failed to enable media [ 460.336740][T10604] device bond1 left promiscuous mode [ 460.626043][T10608] netlink: 'syz.6.1828': attribute type 10 has an invalid length. [ 460.634129][T10608] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1828'. [ 460.708356][T10608] batman_adv: batadv0: Adding interface: virt_wifi0 [ 460.715349][T10608] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 460.741626][T10608] batman_adv: batadv0: Interface activated: virt_wifi0 [ 461.997910][T10626] tipc: Started in network mode [ 462.080413][T10626] tipc: Node identity 080211000001, cluster identity 4711 [ 462.279660][T10626] tipc: Enabled bearer , priority 0 [ 463.396614][ T4851] tipc: Node number set to 134418688 [ 463.425481][T10640] xt_CT: No such helper "pptp" [ 464.043772][T10648] Invalid ELF header type: 3 != 1 [ 465.215239][T10648] ptrace attach of "./syz-executor exec"[10650] was attempted by "./syz-executor exec"[10648] [ 468.450111][T10665] device wlan0 left promiscuous mode [ 468.669166][T10665] device team0 left promiscuous mode [ 468.682813][T10674] capability: warning: `syz.1.1846' uses 32-bit capabilities (legacy support in use) [ 471.331446][T10706] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1858'. [ 471.491513][T10708] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 471.659555][T10708] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 472.102984][T10708] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 472.755259][T10708] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 472.917479][T10708] bond8: (slave geneve3): Enslaving as an active interface with an up link [ 472.966883][T10713] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1858'. [ 473.071546][T10713] bond8 (unregistering): (slave geneve3): Releasing backup interface [ 473.110595][T10713] netdevsim netdevsim4 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 473.130052][T10713] netdevsim netdevsim4 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 473.185934][T10713] netdevsim netdevsim4 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 473.222635][T10713] netdevsim netdevsim4 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 473.341045][T10713] bond8 (unregistering): Released all slaves [ 473.397967][T10732] tipc: Enabling of bearer rejected, failed to enable media [ 474.371285][T10746] device vlan3 entered promiscuous mode [ 477.928486][T10764] MPTCP: kernel_bind error, err=-99 [ 479.235004][T10786] netlink: 'syz.5.1880': attribute type 1 has an invalid length. [ 480.059327][T10786] 8021q: adding VLAN 0 to HW filter on device bond3 [ 480.070580][T10800] device gretap2 entered promiscuous mode [ 480.133581][T10800] bond3: (slave gretap2): making interface the new active one [ 480.143447][T10800] bond3: (slave gretap2): Enslaving as an active interface with an up link [ 480.331698][ T4524] IPv6: ADDRCONF(NETDEV_CHANGE): bond3: link becomes ready [ 482.019496][T10814] tipc: Started in network mode [ 482.212962][T10814] tipc: Node identity 080211000001, cluster identity 4711 [ 482.220402][T10814] tipc: Enabled bearer , priority 0 [ 483.283426][ T22] tipc: Node number set to 134418688 [ 485.141532][T10868] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1898'. [ 486.851966][T10876] netlink: 'syz.6.1903': attribute type 1 has an invalid length. [ 487.190722][T10889] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1915'. [ 488.123701][T10880] bond6: (slave bridge1): making interface the new active one [ 488.163435][T10880] bond6: (slave bridge1): Enslaving as an active interface with an up link [ 488.199104][T10886] device macvlan2 entered promiscuous mode [ 488.221640][T10886] device bond6 entered promiscuous mode [ 488.249671][T10886] device bridge1 entered promiscuous mode [ 488.269586][T10886] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 488.300313][T10886] bond6: (slave macvlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 488.360333][T10886] device bond6 left promiscuous mode [ 488.365793][T10886] device bridge1 left promiscuous mode [ 491.217955][T10930] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1918'. [ 492.197360][T10940] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1922'. [ 497.493734][T10978] bond0 speed is unknown, defaulting to 1000 [ 497.961931][T11001] tipc: Enabling of bearer rejected, failed to enable media [ 500.331436][T11021] device bridge0 entered promiscuous mode [ 500.713124][T11028] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1948'. [ 501.366210][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.372693][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.456128][T11030] netlink: 'syz.5.1946': attribute type 4 has an invalid length. [ 501.626049][T11036] netlink: 'syz.5.1946': attribute type 4 has an invalid length. [ 501.791310][T11049] netlink: 'syz.1.1950': attribute type 10 has an invalid length. [ 501.845013][T11049] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 501.870487][ T4853] bond0 speed is unknown, defaulting to 1000 [ 502.907901][T11071] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1956'. [ 502.986820][T11073] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1954'. [ 503.146084][T11071] bridge1: port 1(vlan3) entered blocking state [ 503.237747][T11071] bridge1: port 1(vlan3) entered disabled state [ 503.394215][T11071] device vlan3 entered promiscuous mode [ 503.474846][T11071] device bridge0 entered promiscuous mode [ 503.552814][T11074] netlink: 14 bytes leftover after parsing attributes in process `syz.5.1958'. [ 503.967377][T11074] bridge0: port 1(vlan2) entered disabled state [ 504.204951][T11074] bond0 (unregistering): (slave macvlan2): Releasing backup interface [ 504.244317][ T4283] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 504.257225][ T4283] Bluetooth: hci2: Injecting HCI hardware error event [ 504.269837][ T48] Bluetooth: hci2: hardware error 0x00 [ 504.379472][T11074] bond0 (unregistering): Released all slaves [ 506.413794][ T48] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 508.572611][T11132] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1972'. [ 510.256943][T11151] xt_TPROXY: Can be used only with -p tcp or -p udp [ 511.934565][T11166] netlink: 'syz.0.1984': attribute type 2 has an invalid length. [ 515.065874][T11203] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 520.125799][T11261] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2009'. [ 520.136340][T11261] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2009'. [ 521.519412][T11275] sctp: [Deprecated]: syz.6.2014 (pid 11275) Use of struct sctp_assoc_value in delayed_ack socket option. [ 521.519412][T11275] Use struct sctp_sack_info instead [ 523.883799][T11299] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2020'. [ 524.164912][T11306] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2020'. [ 524.187692][T11306] bridge1: port 1(vlan3) entered blocking state [ 524.194127][T11306] bridge1: port 1(vlan3) entered forwarding state [ 524.214073][T11306] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2020'. [ 524.486964][T11306] bridge1: port 1(vlan3) entered disabled state [ 524.835592][T11308] tipc: Enabling of bearer rejected, failed to enable media [ 525.405917][T11340] openvswitch: netlink: EtherType 0 is less than min 600 [ 531.061431][ T22] libceph: connect (1)[c::]:6789 error -101 [ 531.074967][ T22] libceph: mon0 (1)[c::]:6789 connect error [ 531.468152][T11400] ceph: No mds server is up or the cluster is laggy [ 531.526316][ T22] libceph: connect (1)[c::]:6789 error -101 [ 531.886121][ T22] libceph: mon0 (1)[c::]:6789 connect error [ 538.361492][T11485] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 538.722895][T11495] 8021q: adding VLAN 0 to HW filter on device bond0 [ 538.764850][T11495] team0: Failed to send options change via netlink (err -105) [ 538.810549][T11495] team0: Port device bond0 added [ 538.859128][ T4853] bond0 speed is unknown, defaulting to 1000 [ 538.859542][T11499] team0: Failed to send port change of device bond0 via netlink (err -105) [ 539.042430][T11498] netlink: 'syz.4.2076': attribute type 10 has an invalid length. [ 539.112381][T11504] MPTCP: kernel_bind error, err=-99 [ 539.688670][T11498] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2076'. [ 539.839566][T11498] team0: Port device geneve0 added [ 544.855453][T11559] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12 [ 544.856416][ T26] audit: type=1800 audit(1768924858.124:130): pid=11559 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2094" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0 [ 544.864850][T11559] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12 [ 544.895676][T11559] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 547.032335][T11593] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2104'. [ 548.707064][T11604] device bridge4 entered promiscuous mode [ 548.818291][T11606] device vlan4 entered promiscuous mode [ 548.909220][T11602] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2104'. [ 550.678271][T11593] netlink: 63 bytes leftover after parsing attributes in process `syz.0.2104'. [ 556.560636][T11707] ptrace attach of "./syz-executor exec"[5482] was attempted by " [ 556.660442][ C1] hrtimer: interrupt took 34096 ns [ 557.222060][T11701] bond0 speed is unknown, defaulting to 1000 [ 562.145475][T11741] sctp: [Deprecated]: syz.4.2145 (pid 11741) Use of struct sctp_assoc_value in delayed_ack socket option. [ 562.145475][T11741] Use struct sctp_sack_info instead [ 562.836124][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.842539][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.098583][T11754] tipc: Enabling of bearer rejected, failed to enable media [ 564.263029][T11768] 8021q: adding VLAN 0 to HW filter on device bond0 [ 564.271081][T11768] team0: Failed to send options change via netlink (err -105) [ 564.296125][T11768] team0: Port device bond0 added [ 564.341365][T11773] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2155'. [ 564.392789][T11773] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2155'. [ 565.715457][T11770] team0: Failed to send port change of device geneve0 via netlink (err -105) [ 569.581931][T11809] team0: Port device bond0 removed [ 569.813237][T11809] bond0: (slave netdevsim0): Releasing backup interface [ 570.408918][T11809] bond3: (slave geneve2): Releasing active interface [ 570.567361][T11809] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 570.576456][T11809] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 570.589967][T11809] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 570.613010][T11809] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 570.696431][T11809] device vlan3 left promiscuous mode [ 570.701762][T11809] device bridge0 left promiscuous mode [ 570.743363][T11809] bridge1: port 1(vlan3) entered disabled state [ 570.770545][T11811] netlink: 'syz.5.2163': attribute type 39 has an invalid length. [ 570.792397][ T4310] bond0 speed is unknown, defaulting to 1000 [ 571.220052][ T4851] bond0 speed is unknown, defaulting to 1000 [ 571.768821][ T952] bond0 speed is unknown, defaulting to 1000 [ 574.938177][T11858] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2167'. [ 575.634114][T11868] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2179'. [ 575.643074][T11868] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2179'. [ 575.747575][T11874] 8021q: adding VLAN 0 to HW filter on device bond0 [ 575.755475][T11874] team0: Port device bond0 added [ 575.766104][T11874] team0: Failed to send port change of device bond0 via netlink (err -105) [ 575.918314][T11874] team0: Failed to send port change of device geneve0 via netlink (err -105) [ 579.723176][T11927] overlayfs: failed to clone upperpath [ 581.241275][T11944] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1 [ 581.251136][T11944] F2FS-fs (loop1): Unable to read 1th superblock [ 581.259114][T11944] I/O error, dev loop1, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1 [ 581.268421][T11944] F2FS-fs (loop1): Unable to read 2th superblock [ 582.187777][T11951] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2201'. [ 584.582706][T11953] syz.1.2202 (11953) used greatest stack depth: 17360 bytes left [ 587.358984][T12010] 8021q: adding VLAN 0 to HW filter on device bond0 [ 587.380267][T12010] team0: Device bond0 failed to register rx_handler [ 593.502186][T12072] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 594.481771][T12076] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2235'. [ 594.506311][T12076] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2235'. [ 595.303895][T12080] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 606.334918][T12172] bridge0: port 1(vxlan0) entered blocking state [ 606.480450][T12172] bridge0: port 1(vxlan0) entered disabled state [ 606.507555][T12172] device vxlan0 entered promiscuous mode [ 606.894156][T12175] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2258'. [ 606.979337][T12175] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready [ 607.977284][T12190] MPTCP: kernel_bind error, err=-98 [ 611.499007][T12227] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 615.021874][T12253] MPTCP: kernel_bind error, err=-99 [ 617.180366][T12279] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2277'. [ 617.748470][T12283] netlink: 168 bytes leftover after parsing attributes in process `syz.1.2284'. [ 619.083959][T12300] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 619.255430][T12300] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 619.859583][T12313] netlink: 34 bytes leftover after parsing attributes in process `syz.1.2292'. [ 620.093578][T12312] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2294'. [ 620.144604][ C0] vcan0: j1939_tp_rxtimer: 0xffff888057d3f400: rx timeout, send abort [ 621.964973][T12318] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 621.994455][T12322] device vlan4 entered promiscuous mode [ 622.015744][T12322] device bond0 entered promiscuous mode [ 624.253367][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.259757][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.289582][T12347] netlink: 'syz.4.2305': attribute type 10 has an invalid length. [ 624.355821][T12347] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2305'. [ 638.187340][T12478] sch_tbf: burst 19872 is lower than device lo mtu (11337746) ! [ 641.531257][T12514] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2344'. [ 642.581444][ T48] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 642.590532][ T48] Bluetooth: hci3: Injecting HCI hardware error event [ 642.599986][ T48] Bluetooth: hci3: hardware error 0x00 [ 642.907316][ T4546] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 642.920274][ T4546] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 642.987050][ T4521] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 645.254344][ T48] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 646.845698][T12578] tipc: Enabling of bearer rejected, failed to enable media [ 647.018109][T12583] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2359'. [ 653.258275][T12635] set match dimension is over the limit! [ 655.860634][T12661] overlayfs: failed to clone lowerpath [ 657.525867][T12686] netlink: 'syz.6.2391': attribute type 13 has an invalid length. [ 657.533932][T12686] netlink: 24859 bytes leftover after parsing attributes in process `syz.6.2391'. [ 658.514225][ T48] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 658.523462][ T48] Bluetooth: hci1: Injecting HCI hardware error event [ 658.533138][ T48] Bluetooth: hci1: hardware error 0x00 [ 660.024591][T12709] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2396'. [ 661.177011][T12726] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2384'. [ 661.614114][ T48] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 662.191458][T12742] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 665.102810][T12747] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2406'. [ 665.217920][T12747] bond5: (slave syz_tun): Enslaving as an active interface with an up link [ 665.762766][T12764] IPv6: sit1: Disabled Multicast RS [ 668.384139][T12793] netlink: 176 bytes leftover after parsing attributes in process `syz.6.2417'. [ 676.025949][T12872] CIFS mount error: No usable UNC path provided in device string! [ 676.025949][T12872] [ 676.035990][T12872] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 681.995839][T12928] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2458'. [ 682.006176][T12928] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2458'. [ 683.495547][T12943] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2463'. [ 687.489333][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 687.495677][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 689.027101][T12972] overlayfs: failed to clone upperpath [ 692.923955][T13003] ip6t_srh: unknown srh invflags 4000 [ 693.332946][T13014] netlink: 165 bytes leftover after parsing attributes in process `syz.6.2481'. [ 696.757979][T13038] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2489'. [ 698.085160][T13047] tipc: Enabling of bearer rejected, failed to enable media [ 705.238500][T13148] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2504'. [ 705.810013][T13152] Invalid option length (1032005) for dns_resolver key [ 711.128305][T13190] bond0 speed is unknown, defaulting to 1000 [ 713.449533][T13195] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2525'. [ 714.261075][ T4517] ------------[ cut here ]------------ [ 714.267181][ T4517] WARNING: CPU: 1 PID: 4517 at io_uring/io_uring.c:2890 io_ring_exit_work+0x341/0x74e [ 714.276985][ T4517] Modules linked in: [ 714.280980][ T4517] CPU: 1 PID: 4517 Comm: kworker/u4:13 Not tainted syzkaller #0 [ 714.288616][ T4517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 714.298701][ T4517] Workqueue: events_unbound io_ring_exit_work [ 714.304817][ T4517] RIP: 0010:io_ring_exit_work+0x341/0x74e [ 714.310572][ T4517] Code: 60 f7 48 8b 7c 24 38 48 8b 74 24 18 e8 d0 29 11 00 48 85 c0 4c 8b 7c 24 10 75 3f e8 91 15 60 f7 e9 09 fe ff ff e8 87 15 60 f7 <0f> 0b b8 70 17 00 00 48 89 44 24 18 eb ca 48 8b 4c 24 08 80 e1 07 [ 714.330223][ T4517] RSP: 0018:ffffc90004e6fac0 EFLAGS: 00010293 [ 714.336334][ T4517] RAX: ffffffff8a223ce9 RBX: 000000010000a121 RCX: ffff88802ae50000 [ 714.344372][ T4517] RDX: 0000000000000000 RSI: fffffffffffffff9 RDI: 0000000000000000 [ 714.352400][ T4517] RBP: ffffc90004e6fc30 R08: ffffc90004e6fa47 R09: 1ffff920009cdf48 [ 714.360418][ T4517] R10: dffffc0000000000 R11: fffff520009cdf49 R12: dffffc0000000000 [ 714.368400][ T4517] R13: 1ffff1100b00204c R14: ffff888058010260 R15: 000000010000a128 [ 714.376434][ T4517] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 714.385400][ T4517] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 714.392045][ T4517] CR2: 000055558bd3c4e8 CR3: 000000007961a000 CR4: 00000000003506e0 [ 714.400032][ T4517] Call Trace: [ 714.403372][ T4517] [ 714.406322][ T4517] ? io_ring_ctx_wait_and_kill+0x2e6/0x2e6 [ 714.412195][ T4517] ? _raw_spin_unlock+0x40/0x40 [ 714.417067][ T4517] ? _raw_spin_unlock_irq+0x1f/0x40 [ 714.422319][ T4517] ? process_one_work+0x7b0/0x1160 [ 714.427445][ T4517] process_one_work+0x8a2/0x1160 [ 714.432446][ T4517] ? worker_detach_from_pool+0x240/0x240 [ 714.438097][ T4517] ? _raw_spin_lock_irq+0xb7/0xf0 [ 714.443172][ T4517] ? _raw_spin_lock_irqsave+0x100/0x100 [ 714.448731][ T4517] ? kthread_data+0x4b/0xc0 [ 714.453307][ T4517] worker_thread+0xaa2/0x1270 [ 714.458031][ T4517] kthread+0x29d/0x330 [ 714.462171][ T4517] ? worker_clr_flags+0x1a0/0x1a0 [ 714.467210][ T4517] ? kthread_blkcg+0xd0/0xd0 [ 714.471862][ T4517] ret_from_fork+0x1f/0x30 [ 714.476315][ T4517] [ 714.479344][ T4517] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 714.486621][ T4517] CPU: 1 PID: 4517 Comm: kworker/u4:13 Not tainted syzkaller #0 [ 714.494257][ T4517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 714.504326][ T4517] Workqueue: events_unbound io_ring_exit_work [ 714.510443][ T4517] Call Trace: [ 714.513727][ T4517] [ 714.516663][ T4517] dump_stack_lvl+0x188/0x24e [ 714.521365][ T4517] ? memcpy+0x3c/0x60 [ 714.525363][ T4517] ? show_regs_print_info+0x12/0x12 [ 714.530577][ T4517] ? load_image+0x400/0x400 [ 714.535102][ T4517] panic+0x2e5/0x730 [ 714.539013][ T4517] ? bpf_jit_dump+0xd0/0xd0 [ 714.543532][ T4517] ? ret_from_fork+0x1f/0x30 [ 714.548144][ T4517] __warn+0x2f8/0x4f0 [ 714.552131][ T4517] ? io_ring_exit_work+0x341/0x74e [ 714.557258][ T4517] ? io_ring_exit_work+0x341/0x74e [ 714.562384][ T4517] report_bug+0x2ba/0x4f0 [ 714.566727][ T4517] ? io_ring_exit_work+0x341/0x74e [ 714.571856][ T4517] handle_bug+0x3a/0x70 [ 714.576018][ T4517] exc_invalid_op+0x16/0x40 [ 714.580529][ T4517] asm_exc_invalid_op+0x16/0x20 [ 714.585388][ T4517] RIP: 0010:io_ring_exit_work+0x341/0x74e [ 714.591122][ T4517] Code: 60 f7 48 8b 7c 24 38 48 8b 74 24 18 e8 d0 29 11 00 48 85 c0 4c 8b 7c 24 10 75 3f e8 91 15 60 f7 e9 09 fe ff ff e8 87 15 60 f7 <0f> 0b b8 70 17 00 00 48 89 44 24 18 eb ca 48 8b 4c 24 08 80 e1 07 [ 714.610733][ T4517] RSP: 0018:ffffc90004e6fac0 EFLAGS: 00010293 [ 714.616811][ T4517] RAX: ffffffff8a223ce9 RBX: 000000010000a121 RCX: ffff88802ae50000 [ 714.624789][ T4517] RDX: 0000000000000000 RSI: fffffffffffffff9 RDI: 0000000000000000 [ 714.632768][ T4517] RBP: ffffc90004e6fc30 R08: ffffc90004e6fa47 R09: 1ffff920009cdf48 [ 714.640746][ T4517] R10: dffffc0000000000 R11: fffff520009cdf49 R12: dffffc0000000000 [ 714.648728][ T4517] R13: 1ffff1100b00204c R14: ffff888058010260 R15: 000000010000a128 [ 714.656714][ T4517] ? io_ring_exit_work+0x341/0x74e [ 714.661856][ T4517] ? io_ring_ctx_wait_and_kill+0x2e6/0x2e6 [ 714.667683][ T4517] ? _raw_spin_unlock+0x40/0x40 [ 714.672547][ T4517] ? _raw_spin_unlock_irq+0x1f/0x40 [ 714.677759][ T4517] ? process_one_work+0x7b0/0x1160 [ 714.682883][ T4517] process_one_work+0x8a2/0x1160 [ 714.687844][ T4517] ? worker_detach_from_pool+0x240/0x240 [ 714.693493][ T4517] ? _raw_spin_lock_irq+0xb7/0xf0 [ 714.698524][ T4517] ? _raw_spin_lock_irqsave+0x100/0x100 [ 714.704080][ T4517] ? kthread_data+0x4b/0xc0 [ 714.708600][ T4517] worker_thread+0xaa2/0x1270 [ 714.713317][ T4517] kthread+0x29d/0x330 [ 714.717427][ T4517] ? worker_clr_flags+0x1a0/0x1a0 [ 714.722458][ T4517] ? kthread_blkcg+0xd0/0xd0 [ 714.727059][ T4517] ret_from_fork+0x1f/0x30 [ 714.731499][ T4517] [ 714.734842][ T4517] Kernel Offset: disabled [ 714.739221][ T4517] Rebooting in 86400 seconds..