last executing test programs: 12.789627495s ago: executing program 0 (id=1009): r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @random="010000000700"}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 11.34547127s ago: executing program 2 (id=1013): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) unshare(0x66000080) r1 = socket$netlink(0x10, 0x3, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100009dea7840b418fbff7bdc010203010902"], 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'netdevsim0\x00', 0x0}) socket$packet(0x11, 0x3, 0x300) r3 = gettid() setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000280)=0x8, 0x4) sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000010000100"/18, @ANYRES32=r2, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r3], 0x28}}, 0x0) recvmmsg(r0, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, 0x0}, 0x6}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000005540)=""/99, 0x63}, 0x38}], 0x4, 0x40000120, 0x0) 11.083557742s ago: executing program 0 (id=1014): r0 = io_uring_setup(0x3efa, 0x0) syz_emit_ethernet(0x2a1, &(0x7f0000000340)={@local, @random="86082b9827c1", @void, {@ipv6={0x86dd, @tipc_packet={0x5, 0x6, "c16f77", 0x26b, 0x6, 0xff, @remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', {[@routing={0x11, 0xe, 0x2, 0xd, 0x0, [@mcast1, @loopback, @mcast2, @ipv4={'\x00', '\xff\xff', @multicast1}, @remote, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, @mcast1]}, @fragment={0x3b, 0x0, 0xd2, 0x1, 0x0, 0x13, 0x65}, @srh={0x0, 0xc, 0x4, 0x6, 0x0, 0x10, 0x400, [@mcast2, @loopback, @rand_addr=' \x01\x00', @ipv4={'\x00', '\xff\xff', @multicast2}, @private1, @mcast1]}, @routing={0x67, 0x4, 0x1, 0x6, 0x0, [@ipv4={'\x00', '\xff\xff', @local}, @loopback]}, @hopopts={0x2c, 0x22, '\x00', [@padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @generic={0x7, 0x2d, "d0240107625e41ea9baa16088233022e5e533daa756bb19367b0b70383d4544aee22c64a703df87d034224ea06"}, @calipso={0x7, 0x38, {0x0, 0xc, 0xb5, 0xad2, [0x8, 0xfffffffffffff000, 0x5, 0x8217, 0x6, 0x2]}}, @calipso={0x7, 0x10, {0x1, 0x2, 0x4, 0x1, [0xffffffff80000001]}}, @hao={0xc9, 0x10, @rand_addr=' \x01\x00'}, @calipso={0x7, 0x18, {0x2, 0x4, 0x7, 0x6, [0x74, 0x9]}}, @calipso={0x7, 0x58, {0x4acfd6c123917dfb, 0x14, 0x7, 0x9, [0xf, 0x5, 0x100000000000400, 0x9, 0x2, 0x9, 0xffffffffffffff33, 0x8, 0x7, 0x7]}}, @calipso={0x7, 0x8, {0x3, 0x0, 0x6, 0x7ff}}]}, @srh={0x3c, 0x2, 0x4, 0x1, 0x7, 0x20, 0x800, [@dev={0xfe, 0x80, '\x00', 0x20}]}, @hopopts={0x3b}], @payload_direct={{{{0x23, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, 0x2, 0x8, 0x0, 0x0, 0x3, 0x1, 0x3, 0x6, 0x6, 0x44, 0x4e22, 0x4e24}, 0x4, 0x1}}, [0x0, 0x0, 0x0]}}}}}}, 0x0) io_uring_register$IORING_REGISTER_CLOCK(r0, 0x1d, &(0x7f0000000280)={0x3}, 0x0) r1 = socket$inet_icmp(0x2, 0x2, 0x1) sendmmsg$inet(r1, &(0x7f0000000340)=[{{&(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000400)='\b\x00\x00\x00(\x00\x00\x00', 0x8}], 0x1}}, {{&(0x7f0000000480)={0x11, 0x4e21, @multicast2}, 0x8, &(0x7f00000001c0)=[{&(0x7f0000000440)="08000000001f009e", 0x8}, {0x0}], 0x2}}], 0x2, 0x4044800) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_GET_MR(r3, 0x114, 0x2, &(0x7f00000007c0)={{&(0x7f0000000a00)=""/109, 0x6d}, &(0x7f00000002c0)}, 0x20) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000980)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000180)='io_uring_poll_arm\x00', r4}, 0x18) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000800)={r4, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffb}, 0x50) r5 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4) setsockopt$inet6_int(r5, 0x29, 0x31, &(0x7f0000000000)=0xb2, 0x4) recvmmsg(r5, &(0x7f0000000800), 0x62, 0x12141, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="24000000180001000000005955ee0e662d576c00080000000400000008"], 0x24}}, 0x0) unshare(0x2040400) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000240)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) r7 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_msfilter(r7, 0x0, 0x29, &(0x7f0000000300)={@initdev={0xac, 0x1e, 0x1, 0x0}, @remote, 0x0, 0x9, [@multicast1, @private=0xa010102, @remote, @remote, @loopback, @remote, @local, @local, @multicast1]}, 0x34) openat$cgroup_ro(r6, &(0x7f0000000780)='blkio.bfq.sectors\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x3d) r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0) close_range(0xffffffffffffffff, r8, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180)=0xffffffffffffffff, 0x4) 10.078457868s ago: executing program 0 (id=1018): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) unshare(0x66000080) r1 = socket$netlink(0x10, 0x3, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100009dea7840b418fbff7bdc010203010902"], 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'netdevsim0\x00', 0x0}) socket$packet(0x11, 0x3, 0x300) r3 = gettid() setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000280)=0x8, 0x4) sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r2, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r3], 0x28}}, 0x0) recvmmsg(r0, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, 0x0}, 0x6}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000005540)=""/99, 0x63}, 0x38}], 0x3, 0x40000120, 0x0) 8.567606158s ago: executing program 3 (id=1022): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) unshare(0x66000080) r1 = socket$netlink(0x10, 0x3, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100009dea7840b418fbff7bdc010203010902"], 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'netdevsim0\x00', 0x0}) socket$packet(0x11, 0x3, 0x300) r3 = gettid() setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000280)=0x8, 0x4) sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r2, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r3], 0x28}}, 0x0) recvmmsg(r0, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, 0x0}, 0x6}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, 0x0}, 0x38}], 0x4, 0x40000120, 0x0) 8.394764023s ago: executing program 4 (id=1024): r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @random="010000000700"}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 7.851620502s ago: executing program 1 (id=1026): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmmsg$inet(r0, &(0x7f0000007080)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000011c0)="93bffce623851797a8dc7901f0048678cd35ef833c350900f95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f9", 0x6e}], 0x1}}, {{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)='Q', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000001280)="ae2fea8fb3938a040c1af08cd22f90b03f8a4bbd15396c2da555d27ad9406afb51b60f39417d4b8a4ac6ba1565e330840da4b642961d8b9990f8d43ac2eb741a4ed5abbe1d180a02b74fffefe2f6677e3d79124216ed5d038e082556f3afad9f05d65a19850228e5e337f27e8d3784a72ea691132251002e049c55cc96b01d02621d8b7c57dd504b666c05087a601cc705315d0af1a8a44e0988d519c3a439a5b0bb241f2f5282534b6b822db676cc73000b91a8f836d368ce32ae369e5a4fa6cf69ab4808880b6d7d0156cea4b3051ff2b8f6a03cc4eab86ba6c1ff5befadf045654477fb45b8cee5e0b5b51097da7c299c79f77a84c35bea7494c627da27e6a1720a520cd2ace36dd7cfac67ab80803909cb7e7c0aecca8999f433243447965d8926ac8dfab24a0208db1f2bba61f90e70925881994f15dc3798da673ccf699051ab972ec92c7d181bee02e5753bb0ba873800379e15da095a3a21d958a9af0020cdace68972c6a06726c15e67da08f84dbb543f0e1890a66635ed251910fa741998422a8cb23a5616df595bcaf828d145228f2f8b7e21b23ef162de38dd872fd0cd390abbd8512bd5e583b6722ad585dbce47a13ae6f3a91e45f6190c6e7d3824ff8038b745e919f2a152ac285cffa9246cc4ed65904f6113ad17f538fa60d9235f32c59a3b8794859b3b8e38cb3e8c1d273201527a6bcc7086b27d5165944d715ca8294e5f564d0f85f26eeb8851703bd22203f7eab34794677e8eb8445c8d1adc044ef678b781d057c986bc840ccb2e20de21976b0997c69972fdc70e305cb5911f9c52fc75f9c1cfb34bd4c40e7ef868909b6e58d3caa54e0a6a9038eadfa517ec93c2a321f5fae60d506a08e83a4cdee2e552b6171c73e20002c9632bbf0786fcd18b996256617b9bd1559e1d9f2a5b2e5fb62542332b50a244cfe546fe7d0440a8398e3671b12ed35846b71b014213e42667be675a502cd83264112face0f4534aca20c92a9b9dd32e9eb49c23c93721d138e649866fbf3802c92abe1c35a1c4a13eb0f6bc661b287711000092372e50da69e9450f699e5edfc7de7bfab13d578583a6c5d74e9d3d2849c5659fdf1a54defcb72d89fb46234cbe9257bb1c84dbaa0f6567b59d630b3293d7361584ba18c839afe35d43d0b2b833acca710fa61c24da6650ea4c7baa09d74437ccd6ad0ca360aee6ea8d87f78d72bb6681884a75624752c6aa9951b6b5eb1172f3ab2494f6808d2dbbea2d0b419800667260f96cdd989db91ff8930eba64c3729c525f089620a0759aef3ce2d8a1be2e6e4bc189f88b343e5e222d36177f7f9fce377d3cdebd149890acd3072b02f5b73bceeef96d992e5fce80128a400d6d0a7c67343462625ac72f5f89c2ec3e9828b6bc0b62ad84733c6066c81a03faf2fc043fc4d04f20606335adc9fa6154982fd05f70380cb2bb141af4ec55d1099d6356c8f8de926b764fe41c45b74a96c7fe899e5f520c23e6d0202b4ef34ca8be3c7c27e072403a5fc67a63b558442df4b05a74b67fb304c04369f97e5eeb837238e79941a76f9f4632c071fff9fb6f6c92a9287ed65a02b6fbf66f80f6e316c42ba154aa4e6c4cfb995b1218df6ffa479f8ccfaf728a6f370ffe12b3b3c7c6a4cb95923f1a0449a1347fb96a90d6c89420282e72fc5b929699366aa287b79caf3d27d7db5cf8515ffee3ad2c98c6506a5f45e52310ff82df099276b9247234eb30041ab1d44c24b04ad2b1811554a4392d11036305bffbc5b128abfb5a178a5c385312ea6b18d3c7a667b1080de9e840f07909806c09de56d11563802240186f9a71e443979fca19156547cd1ebae3394a434b1c43a8b235a0ea82ef7355fe33eac7c1c0318bf26d6d40df6350bc7767db711dec81b1f1311b2c968c2c6a442d86e888c591e99c49d0ac08575d26caff6cea24f0c72b15651d815eae2843c1d50b71c37d5cd3113040f73d93ccb5766e7f47262f555dd2b3b037bf1d4b7346315d2346e878ac39529552cec56be6739016db3cae64f56a998c81fb6374681a0060f6d53a155c09798027be6130fa720330c5714c3da44b1809983464e183d7c25d0b69791a918daf9bf3bf82fabc729b5d91fd868f6ceaded04366bf3b791817d580700cf9265f715fa0658ed4fcd6b9cb83159ce3f74c1125c895e7208d69880f28f7465e2a1d76e67de86bac2436d0ab6960ddb130ce29e89678d20e2c28edb6b1787f7ea6037a65007344dcb2ee27eaa6d3246eb5fe2fcdd309f9674baf736c1a36ee3ba1115466c8f690ed810373fee559c1d143a4b164c5985e2866c42e5535e3038232a2644a3ac615f9bf0ac05eaad1168980bae2506b4530df7573b2eba728987090bc982e13ec18617867f78bd1d9c69b7d6c7cbb8fd02db1ef59ac77af1de41d033b9d5afd81f45fe4d4aca98975ac9418130570efa7b44547be9ea58470bfb98a9fe4731bb114d3dccb774f2dbadc0489c99cadaea67249c1603e30f0d0188ad80e1f5e89aef696040d383f04f26c678cbdf9a8c942ec4570ab13e0a25e729434564bf4d3f42dad70f7c9cef54b0846e10a27085d370cdde11067d4c51b352ad6e118fc9a178d26b36555feb9157e3e796bb5a310fcce5c660e267afc913e3c417da5977fdc16e34f8ca0ed759aa3f719f7e3", 0x767}], 0x1}}], 0x3, 0xc0) 7.798373656s ago: executing program 4 (id=1027): prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x18) 7.519501242s ago: executing program 4 (id=1028): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x5e22, 0x0, @empty}, 0x1c) listen(r0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10) listen(r1, 0x0) r2 = socket$netlink(0x10, 0x3, 0x4) writev(r2, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001500add427323b470c45b4560a067fffffff81004e22000d00ff0028925aa80020007b0009008000", 0x2c}], 0x1) 7.328669403s ago: executing program 2 (id=1029): bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYBLOB, @ANYBLOB], 0x50) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sched_setscheduler(0x0, 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15) syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 7.298814504s ago: executing program 1 (id=1030): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) socket$inet6_sctp(0xa, 0x4, 0x84) io_uring_setup(0x3324, 0x0) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x890b, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10681}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x20044002) r3 = socket(0x10, 0x803, 0x0) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) r5 = socket(0x10, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) sendmsg$nl_route(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x781}]}, 0x34}}, 0x0) 7.069861532s ago: executing program 4 (id=1031): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000c40)=@newtfilter={0x48, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, 0x0, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x14, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}]}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x4}]}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x800) 6.037063569s ago: executing program 1 (id=1032): prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=0x0) r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x80, 0x0) read$ptp(r2, 0x0, 0x0) timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) 5.498022579s ago: executing program 0 (id=1033): open(&(0x7f00000000c0)='./file0\x00', 0x88140, 0x111) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) fdatasync(0xffffffffffffffff) write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_GETXATTR(r2, &(0x7f00000004c0)={0x18}, 0x18) write$FUSE_CREATE_OPEN(r2, &(0x7f00000005c0)={0xa0, 0x0, 0x0, {{0x1, 0x3, 0x1, 0x845, 0xfffffffa, 0x2c, {0x0, 0x7fffffff, 0x5, 0xa, 0x3, 0x8000000000000001, 0x4, 0x7, 0x101, 0x2000, 0x8e5, 0x0, 0x0, 0x7f, 0xffff}}, {0x0, 0x13}}}, 0xa0) mount$9p_fd(0x0, 0x0, &(0x7f0000000080), 0x4000, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) 5.387256949s ago: executing program 4 (id=1034): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x2c, 0x18, 0x209, 0x0, 0x0, {0x2}, [@typed={0x4, 0x800}, @typed={0x14, 0xf2, 0x0, 0x0, @ipv6=@private0={0xfc, 0x0, '\x00', 0x1}}]}, 0x2c}}, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) socket$key(0xf, 0x3, 0x2) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwritev2(r5, 0x0, 0x0, 0xe7b, 0x0, 0x2) sendmsg$nl_xfrm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="6c0100001000130700000000fcdbdf252001000000000000000000000000000020010000000000000000000000000001000000004e210002000000006c000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fc010000000000000000000000000000000000fe32000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000080000000000000001000000ffffffff0000000000000000010000800000000043050000000000000400000000000000ffffffffffffff7f000000000000000001000000000000000000000000000000000000002cbd70000035000002000000500000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000060000000210466d38547aa140db9a200000000c538c7cb7a1c0004000200"], 0x16c}, 0x1, 0x0, 0x0, 0x880}, 0x2000) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto]}}, 0x0, 0x26}, 0x20) getdents64(r6, 0x0, 0x0) 4.192909626s ago: executing program 2 (id=1035): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0/file0\x00', 0x2008804, &(0x7f00000003c0)=ANY=[@ANYBLOB="646f74732c747a3d5554432c646f74732c646f74732c6e6f646f74732c666c7573682c646f74732c6e6f646f74732c71756965742c00b3d27234e95eb4b44190021bbbe89ab824d38c571641668d362b4dff6e47bdf1638c7462a3bd66a53b404ae08c32af6843a2469c7210381b9d48047c77540b6447a8e50c44cb44f91e4264a37e0209c3a234f4803ba56b7a24536ee396f4838f4143b92ad909efb23eb22dce6477c2bb5b8f793b9e07c2120d566cf1f6ba51e4d01e8ef223a2ba72cfb3127844c045765149fb1219f433feb977426596e07082254e9930296256df143ff96377d8c28c533724fbd9fdad2215ea260e7d875d0f17374141abc60c8e3c07e4a7bc381791172c217f00964aaf6e213a252b9689ae38342862d27437921e13229d407e1a6037e3f16a2cdab8f9c76a66a72ccc67015c9435e200f9fbb9d78ce426b37310b9f127e7b1207c74eff7b853de7043c101de85931463c7fc7c78be9eb9b5008c0067aabb3a5d1f94bcc90537c1c1ce509450160c"], 0x5, 0x175, &(0x7f0000000240)="$eJzs27GKE0EYB/BvTS5Gba62WrCxCmplqcgJ4oKipNBOOG08CJhmtQo+ia2P4sMIkiqgMKIbEo0bxMhmc8nv1+SDP0O+mSQzTGC/ppROR+NXo8fT6GdZdO9EHrMsjuNCdKIyCQBgn8xSii8ppXRxEpc+REqp7Y4AgKY5/wHg8Pz1/L/dUmMAQGPc/wHg8Dx99vzh3aI4eZLn/YjPk3JYDqvXKr//oDi5kf90vBw1LcthZ5HfrPL89/woLs/zW7V5L65fq/If2b1HxUp+JU7/6PaoiSUAAACAvTfIF2rv94PBuryqfvl/YOX+3o2r3a1NAwD4B+O3716/ODt7+ea8FL2I2IE2Nig+7UYbDRe9+Rdri2/6LaW0wfD3H6tO216xRorsvz+C2u2iv72dCWja8kffdicAAAAAAAAAAAAAAMA6zT6N1Gl7egAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDrewAAAP//6LlMIA==") ioctl$TCFLSH(r0, 0x400455c8, 0x0) syz_usb_connect(0x5, 0x16e, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000272504a102104280104900102030109025c0101010700040904f30b000202ffa8052406000105240000800d240f01090000000200ff0f0506241a0004061524120200a317a88b045e4f01a607c0ffcb7e392a032413576da8a12fa1d07657ec423121c90982ace03ea109bd9a2600e8d1b12b3cd9de38fe31b328c35cb037b5e80e1f89abf1597024cd799113256223cd1738798d196e8b86baf40dad27495c81152c1a08628be2f6a9a7d1ddf5c3eb31e0c0b1ef2c0842cd07f3c51ba05279291340ce5311d95a23f0b5f2bd95aa1fde2db976115a0f0000f59202c6437deab58e42ffa5367ba594a348ef975f337cf785046e87410ab8e87d5b5b5c6081f6a2c6b4ed8939a940f7775e317297927d0cd2b18794387337704a0cd5b39ab47c78e33cfbb93a22fa9d0e21ea4c050ade54688a58ee13fcbc408c12a4bac8cff7880af901bf31474d95ea6c01f60a0be2633b01198f13639fc6fcf91524120100"], 0x0) 3.951072393s ago: executing program 3 (id=1036): r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000180)=[{&(0x7f0000000240)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17", 0x2b}], 0x1) r1 = socket(0xa, 0x1, 0x0) ioctl(r1, 0x8916, &(0x7f0000000240)) writev(r0, &(0x7f00000001c0)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000300010000004500000025000000190011000600ad000200000000000006040000000000000000", 0x39}], 0x1) 3.888575109s ago: executing program 0 (id=1037): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$tipc(0x1e, 0x5, 0x0) openat$iommufd(0xffffffffffffff9c, &(0x7f0000000240), 0x80000, 0x0) openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$rxrpc(0x21, 0x2, 0xa) sendto$rxrpc(r3, 0x0, 0x0, 0x20000000, 0x0, 0x0) setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r3, 0x110, 0x3) r4 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r4, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev}}, 0x80, &(0x7f0000000140)=[{0x0}], 0x1, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0xff00) 3.793968532s ago: executing program 1 (id=1038): r0 = socket(0x2b, 0x80801, 0x1) ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628) socket$inet6_tcp(0xa, 0x1, 0x0) ppoll(0x0, 0x0, &(0x7f00000005c0)={0x77359400}, &(0x7f0000000600)={[0x3]}, 0x8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4, 0x3fc, @private2={0xfc, 0x2, '\x00', 0x1}, 0x2}, 0x1c) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10) bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6) syz_init_net_socket$ax25(0x3, 0x3, 0xcf) r3 = socket$inet6(0xa, 0x80002, 0x0) r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0) connect$rose(r4, 0x0, 0x0) setsockopt$inet6_mreq(r3, 0x29, 0x1b, 0x0, 0x0) r5 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r5, &(0x7f0000000140), 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r6, 0x400448ca, 0x0) 3.177919037s ago: executing program 3 (id=1039): openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, 0x0, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) bind$netlink(r1, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, 0x0, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0) ioctl$BTRFS_IOC_LOGICAL_INO_V2(r1, 0xc038943b, 0x0) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r3, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) 2.171157974s ago: executing program 2 (id=1040): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendmmsg$inet(r0, &(0x7f0000007080)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000011c0)="93bffce623851797a8dc7901f0048678cd35ef833c350900f95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f9", 0x6e}], 0x1}}, {{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)='Q', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000001280)="ae2fea8fb3938a040c1af08cd22f90b03f8a4bbd15396c2da555d27ad9406afb51b60f39417d4b8a4ac6ba1565e330840da4b642961d8b9990f8d43ac2eb741a4ed5abbe1d180a02b74fffefe2f6677e3d79124216ed5d038e082556f3afad9f05d65a19850228e5e337f27e8d3784a72ea691132251002e049c55cc96b01d02621d8b7c57dd504b666c05087a601cc705315d0af1a8a44e0988d519c3a439a5b0bb241f2f5282534b6b822db676cc73000b91a8f836d368ce32ae369e5a4fa6cf69ab4808880b6d7d0156cea4b3051ff2b8f6a03cc4eab86ba6c1ff5befadf045654477fb45b8cee5e0b5b51097da7c299c79f77a84c35bea7494c627da27e6a1720a520cd2ace36dd7cfac67ab80803909cb7e7c0aecca8999f433243447965d8926ac8dfab24a0208db1f2bba61f90e70925881994f15dc3798da673ccf699051ab972ec92c7d181bee02e5753bb0ba873800379e15da095a3a21d958a9af0020cdace68972c6a06726c15e67da08f84dbb543f0e1890a66635ed251910fa741998422a8cb23a5616df595bcaf828d145228f2f8b7e21b23ef162de38dd872fd0cd390abbd8512bd5e583b6722ad585dbce47a13ae6f3a91e45f6190c6e7d3824ff8038b745e919f2a152ac285cffa9246cc4ed65904f6113ad17f538fa60d9235f32c59a3b8794859b3b8e38cb3e8c1d273201527a6bcc7086b27d5165944d715ca8294e5f564d0f85f26eeb8851703bd22203f7eab34794677e8eb8445c8d1adc044ef678b781d057c986bc840ccb2e20de21976b0997c69972fdc70e305cb5911f9c52fc75f9c1cfb34bd4c40e7ef868909b6e58d3caa54e0a6a9038eadfa517ec93c2a321f5fae60d506a08e83a4cdee2e552b6171c73e20002c9632bbf0786fcd18b996256617b9bd1559e1d9f2a5b2e5fb62542332b50a244cfe546fe7d0440a8398e3671b12ed35846b71b014213e42667be675a502cd83264112face0f4534aca20c92a9b9dd32e9eb49c23c93721d138e649866fbf3802c92abe1c35a1c4a13eb0f6bc661b287711000092372e50da69e9450f699e5edfc7de7bfab13d578583a6c5d74e9d3d2849c5659fdf1a54defcb72d89fb46234cbe9257bb1c84dbaa0f6567b59d630b3293d7361584ba18c839afe35d43d0b2b833acca710fa61c24da6650ea4c7baa09d74437ccd6ad0ca360aee6ea8d87f78d72bb6681884a75624752c6aa9951b6b5eb1172f3ab2494f6808d2dbbea2d0b419800667260f96cdd989db91ff8930eba64c3729c525f089620a0759aef3ce2d8a1be2e6e4bc189f88b343e5e222d36177f7f9fce377d3cdebd149890acd3072b02f5b73bceeef96d992e5fce80128a400d6d0a7c67343462625ac72f5f89c2ec3e9828b6bc0b62ad84733c6066c81a03faf2fc043fc4d04f20606335adc9fa6154982fd05f70380cb2bb141af4ec55d1099d6356c8f8de926b764fe41c45b74a96c7fe899e5f520c23e6d0202b4ef34ca8be3c7c27e072403a5fc67a63b558442df4b05a74b67fb304c04369f97e5eeb837238e79941a76f9f4632c071fff9fb6f6c92a9287ed65a02b6fbf66f80f6e316c42ba154aa4e6c4cfb995b1218df6ffa479f8ccfaf728a6f370ffe12b3b3c7c6a4cb95923f1a0449a1347fb96a90d6c89420282e72fc5b929699366aa287b79caf3d27d7db5cf8515ffee3ad2c98c6506a5f45e52310ff82df099276b9247234eb30041ab1d44c24b04ad2b1811554a4392d11036305bffbc5b128abfb5a178a5c385312ea6b18d3c7a667b1080de9e840f07909806c09de56d11563802240186f9a71e443979fca19156547cd1ebae3394a434b1c43a8b235a0ea82ef7355fe33eac7c1c0318bf26d6d40df6350bc7767db711dec81b1f1311b2c968c2c6a442d86e888c591e99c49d0ac08575d26caff6cea24f0c72b15651d815eae2843c1d50b71c37d5cd3113040f73d93ccb5766e7f47262f555dd2b3b037bf1d4b7346315d2346e878ac39529552cec56be6739016db3cae64f56a998c81fb6374681a0060f6d53a155c09798027be6130fa720330c5714c3da44b1809983464e183d7c25d0b69791a918daf9bf3bf82fabc729b5d91fd868f6ceaded04366bf3b791817d580700cf9265f715fa0658ed4fcd6b9cb83159ce3f74c1125c895e7208d69880f28f7465e2a1d76e67de86bac2436d0ab6960ddb130ce29e89678d20e2c28edb6b1787f7ea6037a65007344dcb2ee27eaa6d3246eb5fe2fcdd309f9674baf736c1a36ee3ba1115466c8f690ed810373fee559c1d143a4b164c5985e2866c42e5535e3038232a2644a3ac615f9bf0ac05eaad1168980bae2506b4530df7573b2eba728987090bc982e13ec18617867f78bd1d9c69b7d6c7cbb8fd02db1ef59ac77af1de41d033b9d5afd81f45fe4d4aca98975ac9418130570efa7b44547be9ea58470bfb98a9fe4731bb114d3dccb774f2dbadc0489c99cadaea67249c1603e30f0d0188ad80e1f5e89aef696040d383f04f26c678cbdf9a8c942ec4570ab13e0a25e729434564bf4d3f42dad70f7c9cef54b0846e10a27085d370cdde11067d4c51b352ad6e118fc9a178d26b36555feb9157e3e796bb5a310fcce5c660e267afc913e3c417da5977fdc16e34f8ca0ed759aa3f719f7e3", 0x767}], 0x1}}], 0x3, 0xc0) 2.031226453s ago: executing program 3 (id=1041): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)={0x30, r1, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0x4}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x98a}], @NL80211_ATTR_KEYS={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x4008010}, 0x4800) 2.003876531s ago: executing program 1 (id=1042): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) socket$inet6_sctp(0xa, 0x4, 0x84) io_uring_setup(0x3324, 0x0) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x890b, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10681}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x20044002) r3 = socket(0x10, 0x803, 0x0) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x0) r5 = socket(0x10, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) sendmsg$nl_route(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x781}]}, 0x34}}, 0x0) 1.870601464s ago: executing program 4 (id=1043): socketpair$unix(0x1, 0x3, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000180)=[{&(0x7f0000000240)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) r1 = socket(0xa, 0x1, 0x0) ioctl(r1, 0x8916, &(0x7f0000000240)) writev(r0, &(0x7f00000001c0)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000300010000004500000025000000190011000600ad000200000000000006040000000000000000", 0x39}], 0x1) 1.287344719s ago: executing program 2 (id=1044): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000c40)=@newtfilter={0x48, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, 0x0, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x14, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}]}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x4}]}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x800) 1.21206571s ago: executing program 3 (id=1045): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = landlock_create_ruleset(&(0x7f0000000040)={0x2, 0x3, 0x3}, 0x18, 0x0) landlock_restrict_self(r1, 0x5) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) connect$inet6(r0, 0x0, 0x0) 263.954232ms ago: executing program 2 (id=1046): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)="8091", 0x2) 253.007738ms ago: executing program 3 (id=1047): open(&(0x7f00000000c0)='./file0\x00', 0x88140, 0x111) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) fdatasync(0xffffffffffffffff) write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_GETXATTR(r2, &(0x7f00000004c0)={0x18}, 0x18) write$FUSE_CREATE_OPEN(r2, &(0x7f00000005c0)={0xa0, 0x0, 0x0, {{0x1, 0x3, 0x1, 0x845, 0xfffffffa, 0x2c, {0x0, 0x7fffffff, 0x5, 0xa, 0x3, 0x8000000000000001, 0x4, 0x7, 0x101, 0x2000, 0x8e5, 0x0, 0x0, 0x7f, 0xffff}}, {0x0, 0x13}}}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x4000, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) 249.351092ms ago: executing program 1 (id=1048): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000004c0)=0x1, 0x4) writev(r0, &(0x7f0000001780)=[{&(0x7f00000006c0)="ba", 0x1}], 0x1) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, 0x0, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r1, 0x0, 0xf3a, 0x6) 0s ago: executing program 0 (id=1049): socketpair$unix(0x1, 0x3, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0) fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x1, &(0x7f00000000c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x80001) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) r2 = openat$dlm_monitor(0xffffff9c, &(0x7f0000000040), 0x42, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x9) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x0, 0x2}) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.223' (ED25519) to the list of known hosts. [ 175.082642][ T5761] cgroup: Unknown subsys name 'net' [ 175.242814][ T5761] cgroup: Unknown subsys name 'cpuset' [ 175.277260][ T5761] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 181.257675][ T5761] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 186.473708][ T49] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 186.483005][ T49] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 186.493782][ T5778] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 186.522006][ T5783] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 186.530952][ T5783] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 186.541780][ T5783] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 186.554186][ T5783] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 186.563826][ T5783] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 186.576026][ T5783] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 186.584451][ T5783] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 186.595983][ T5783] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 186.606130][ T5783] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 186.651315][ T5778] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 186.674396][ T5784] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 186.685068][ T5784] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 186.696652][ T5784] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 186.697433][ T5778] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 186.716683][ T5778] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 186.725239][ T5784] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 186.735935][ T5778] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 186.781009][ T5082] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 186.794367][ T5082] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 186.805038][ T5082] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 186.933623][ T5082] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 187.032226][ T5082] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 188.229075][ T5781] chnl_net:caif_netlink_parms(): no params data found [ 188.429030][ T5782] chnl_net:caif_netlink_parms(): no params data found [ 188.681909][ T5784] Bluetooth: hci2: command tx timeout [ 188.687992][ T5784] Bluetooth: hci0: command tx timeout [ 188.720172][ T5777] chnl_net:caif_netlink_parms(): no params data found [ 188.841879][ T5082] Bluetooth: hci3: command tx timeout [ 188.852043][ T5082] Bluetooth: hci1: command tx timeout [ 189.044277][ T5789] chnl_net:caif_netlink_parms(): no params data found [ 189.162496][ T5784] Bluetooth: hci4: command tx timeout [ 189.404389][ T5792] chnl_net:caif_netlink_parms(): no params data found [ 189.528836][ T5781] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.539784][ T5781] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.547797][ T5781] bridge_slave_0: entered allmulticast mode [ 189.557943][ T5781] bridge_slave_0: entered promiscuous mode [ 189.605083][ T5782] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.618103][ T5782] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.633195][ T5782] bridge_slave_0: entered allmulticast mode [ 189.642984][ T5782] bridge_slave_0: entered promiscuous mode [ 189.707473][ T5781] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.719239][ T5781] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.727093][ T5781] bridge_slave_1: entered allmulticast mode [ 189.738478][ T5781] bridge_slave_1: entered promiscuous mode [ 189.831329][ T5782] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.838984][ T5782] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.846823][ T5782] bridge_slave_1: entered allmulticast mode [ 189.856408][ T5782] bridge_slave_1: entered promiscuous mode [ 189.964516][ T5781] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 190.131561][ T5781] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 190.152045][ T5782] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 190.166393][ T5777] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.174177][ T5777] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.182156][ T5777] bridge_slave_0: entered allmulticast mode [ 190.191589][ T5777] bridge_slave_0: entered promiscuous mode [ 190.210163][ T5777] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.220472][ T5777] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.228343][ T5777] bridge_slave_1: entered allmulticast mode [ 190.237923][ T5777] bridge_slave_1: entered promiscuous mode [ 190.339177][ T5782] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 190.614002][ T5789] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.621799][ T5789] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.630132][ T5789] bridge_slave_0: entered allmulticast mode [ 190.639844][ T5789] bridge_slave_0: entered promiscuous mode [ 190.754753][ T5781] team0: Port device team_slave_0 added [ 190.770530][ T5784] Bluetooth: hci0: command tx timeout [ 190.777350][ T5784] Bluetooth: hci2: command tx timeout [ 190.789217][ T5777] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 190.809160][ T5781] team0: Port device team_slave_1 added [ 190.854536][ T5789] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.862922][ T5789] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.870688][ T5789] bridge_slave_1: entered allmulticast mode [ 190.880425][ T5789] bridge_slave_1: entered promiscuous mode [ 190.897231][ T5782] team0: Port device team_slave_0 added [ 190.939594][ T5082] Bluetooth: hci1: command tx timeout [ 190.939648][ T5784] Bluetooth: hci3: command tx timeout [ 190.994995][ T5777] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 191.005521][ T5792] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.013619][ T5792] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.021482][ T5792] bridge_slave_0: entered allmulticast mode [ 191.033047][ T5792] bridge_slave_0: entered promiscuous mode [ 191.061130][ T5782] team0: Port device team_slave_1 added [ 191.163924][ T5792] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.171491][ T5792] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.179443][ T5792] bridge_slave_1: entered allmulticast mode [ 191.189370][ T5792] bridge_slave_1: entered promiscuous mode [ 191.231923][ T5082] Bluetooth: hci4: command tx timeout [ 191.247570][ T5789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 191.259737][ T5781] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 191.267007][ T5781] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 191.293812][ T5781] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 191.317852][ T5789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 191.499528][ T5781] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 191.508120][ T5781] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 191.537593][ T5781] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 191.558781][ T5777] team0: Port device team_slave_0 added [ 191.594101][ T5792] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 191.606228][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 191.613556][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 191.640057][ T5782] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 191.696003][ T5777] team0: Port device team_slave_1 added [ 191.713060][ T5789] team0: Port device team_slave_0 added [ 191.734982][ T5789] team0: Port device team_slave_1 added [ 191.753893][ T5792] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 191.802007][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 191.809226][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 191.843638][ T5782] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 191.986595][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 191.994274][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 192.020731][ T5789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 192.145289][ T5792] team0: Port device team_slave_0 added [ 192.155050][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 192.162332][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 192.188910][ T5789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 192.239153][ T5777] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 192.246774][ T5777] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 192.273754][ T5777] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 192.306368][ T5792] team0: Port device team_slave_1 added [ 192.450403][ T5781] hsr_slave_0: entered promiscuous mode [ 192.463007][ T5781] hsr_slave_1: entered promiscuous mode [ 192.475597][ T5777] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 192.484526][ T5777] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 192.513122][ T5777] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 192.562826][ T5792] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 192.570472][ T5792] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 192.598117][ T5792] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 192.624902][ T5782] hsr_slave_0: entered promiscuous mode [ 192.634897][ T5782] hsr_slave_1: entered promiscuous mode [ 192.644195][ T5782] debugfs: 'hsr0' already exists in 'hsr' [ 192.650469][ T5782] Cannot create hsr debugfs directory [ 192.689509][ T5792] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 192.697016][ T5792] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 192.723725][ T5792] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 192.837384][ T5082] Bluetooth: hci2: command tx timeout [ 192.839942][ T5784] Bluetooth: hci0: command tx timeout [ 192.991974][ T5784] Bluetooth: hci1: command tx timeout [ 192.996760][ T5082] Bluetooth: hci3: command tx timeout [ 193.012827][ T5789] hsr_slave_0: entered promiscuous mode [ 193.026647][ T5789] hsr_slave_1: entered promiscuous mode [ 193.036172][ T5789] debugfs: 'hsr0' already exists in 'hsr' [ 193.042439][ T5789] Cannot create hsr debugfs directory [ 193.218634][ T5777] hsr_slave_0: entered promiscuous mode [ 193.228680][ T5777] hsr_slave_1: entered promiscuous mode [ 193.237526][ T5777] debugfs: 'hsr0' already exists in 'hsr' [ 193.244084][ T5777] Cannot create hsr debugfs directory [ 193.319002][ T5792] hsr_slave_0: entered promiscuous mode [ 193.329699][ T5792] hsr_slave_1: entered promiscuous mode [ 193.338837][ T5792] debugfs: 'hsr0' already exists in 'hsr' [ 193.342189][ T5784] Bluetooth: hci4: command tx timeout [ 193.345184][ T5792] Cannot create hsr debugfs directory [ 194.607095][ T5781] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 194.659032][ T5781] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 194.695500][ T5781] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 194.716564][ T5781] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 194.871451][ T5782] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 194.893574][ T5782] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 194.912996][ T5784] Bluetooth: hci0: command tx timeout [ 194.919510][ T5082] Bluetooth: hci2: command tx timeout [ 194.944932][ T5782] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 194.979054][ T5782] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 195.072201][ T5784] Bluetooth: hci1: command tx timeout [ 195.077819][ T5784] Bluetooth: hci3: command tx timeout [ 195.137501][ T5777] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 195.166652][ T5777] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 195.232668][ T5777] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 195.279137][ T5777] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 195.392785][ T5784] Bluetooth: hci4: command tx timeout [ 195.485058][ T5792] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 195.509951][ T5792] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 195.534484][ T5792] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 195.564725][ T5792] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 195.614735][ T5789] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 195.683826][ T5789] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 195.719705][ T5789] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 195.804425][ T5789] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 196.114122][ T5781] 8021q: adding VLAN 0 to HW filter on device bond0 [ 196.346912][ T5781] 8021q: adding VLAN 0 to HW filter on device team0 [ 196.442374][ T4505] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.449887][ T4505] bridge0: port 1(bridge_slave_0) entered forwarding state [ 196.533201][ T5782] 8021q: adding VLAN 0 to HW filter on device bond0 [ 196.555719][ T4505] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.563537][ T4505] bridge0: port 2(bridge_slave_1) entered forwarding state [ 196.761360][ T5792] 8021q: adding VLAN 0 to HW filter on device bond0 [ 196.780756][ T5782] 8021q: adding VLAN 0 to HW filter on device team0 [ 196.801992][ T5777] 8021q: adding VLAN 0 to HW filter on device bond0 [ 196.893838][ T5072] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.901462][ T5072] bridge0: port 1(bridge_slave_0) entered forwarding state [ 196.943575][ T5792] 8021q: adding VLAN 0 to HW filter on device team0 [ 197.034094][ T3741] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.042048][ T3741] bridge0: port 2(bridge_slave_1) entered forwarding state [ 197.066256][ T3741] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.073959][ T3741] bridge0: port 1(bridge_slave_0) entered forwarding state [ 197.142924][ T5789] 8021q: adding VLAN 0 to HW filter on device bond0 [ 197.200683][ T3741] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.208127][ T3741] bridge0: port 2(bridge_slave_1) entered forwarding state [ 197.233831][ T5777] 8021q: adding VLAN 0 to HW filter on device team0 [ 197.293788][ T3741] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.301282][ T3741] bridge0: port 1(bridge_slave_0) entered forwarding state [ 197.317274][ T3741] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.324881][ T3741] bridge0: port 2(bridge_slave_1) entered forwarding state [ 197.396234][ T5789] 8021q: adding VLAN 0 to HW filter on device team0 [ 197.406901][ T5781] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 197.505731][ T3741] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.513318][ T3741] bridge0: port 1(bridge_slave_0) entered forwarding state [ 197.637048][ T3741] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.644622][ T3741] bridge0: port 2(bridge_slave_1) entered forwarding state [ 197.697714][ T5792] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 198.049290][ T5777] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 199.369506][ T5781] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 199.532901][ T5792] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 199.978662][ T5781] veth0_vlan: entered promiscuous mode [ 200.000470][ T5782] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 200.040398][ T5792] veth0_vlan: entered promiscuous mode [ 200.120660][ T5781] veth1_vlan: entered promiscuous mode [ 200.139621][ T5789] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 200.177413][ T5777] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 200.251783][ T5792] veth1_vlan: entered promiscuous mode [ 200.510260][ T5781] veth0_macvtap: entered promiscuous mode [ 200.593024][ T5781] veth1_macvtap: entered promiscuous mode [ 200.688755][ T5782] veth0_vlan: entered promiscuous mode [ 200.811952][ T5792] veth0_macvtap: entered promiscuous mode [ 200.837675][ T5782] veth1_vlan: entered promiscuous mode [ 200.874882][ T5777] veth0_vlan: entered promiscuous mode [ 200.892189][ T5781] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 200.944753][ T5781] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 200.961338][ T5792] veth1_macvtap: entered promiscuous mode [ 201.054488][ T5777] veth1_vlan: entered promiscuous mode [ 201.095968][ T3640] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.178814][ T4505] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.189341][ T4505] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.245993][ T4505] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.261183][ T5792] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 201.280538][ T5782] veth0_macvtap: entered promiscuous mode [ 201.382254][ T5782] veth1_macvtap: entered promiscuous mode [ 201.417738][ T5792] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 201.459603][ T5777] veth0_macvtap: entered promiscuous mode [ 201.509714][ T4505] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.548838][ T5777] veth1_macvtap: entered promiscuous mode [ 201.593843][ T3519] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.653341][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 201.698081][ T3741] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.720377][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 201.766765][ T5777] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 201.782269][ T3741] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.884441][ T3741] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.904468][ T5777] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 201.923802][ T3741] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.010367][ T3741] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.093449][ T3741] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.125810][ T3741] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.163003][ T5072] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.201201][ T5072] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.266111][ T5072] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.658407][ T5789] veth0_vlan: entered promiscuous mode [ 202.756840][ T5789] veth1_vlan: entered promiscuous mode [ 203.019928][ T5789] veth0_macvtap: entered promiscuous mode [ 203.135626][ T5789] veth1_macvtap: entered promiscuous mode [ 203.339963][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 203.464393][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 203.624769][ T3640] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.666119][ T2895] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.692003][ T2895] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.701329][ T2895] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.327786][ T2895] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 207.338401][ T2895] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 207.554021][ T2895] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 207.562377][ T2895] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 207.656447][ T3741] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 207.665057][ T3741] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 207.993391][ T5072] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 208.001409][ T5072] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 208.052106][ T2895] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 208.064426][ T2895] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 208.145331][ T5792] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 208.322875][ T3678] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 208.330883][ T3678] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 208.864014][ T3741] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 208.879867][ T3741] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 209.055045][ T5969] syz.1.2 uses obsolete (PF_INET,SOCK_PACKET) [ 209.258503][ T5970] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1'. [ 209.267703][ T5970] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1'. [ 209.302015][ T3678] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 209.310344][ T3678] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 209.491952][ T5974] loop3: detected capacity change from 0 to 128 [ 209.595430][ T5974] Bluetooth: MGMT ver 1.23 [ 209.857125][ T5975] batadv0: entered promiscuous mode [ 209.939929][ T5981] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 209.977000][ T3741] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 209.985538][ T3741] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.033134][ T3519] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 210.041437][ T3519] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.265536][ T5973] batadv0: left promiscuous mode [ 210.768360][ T5989] 9pnet_fd: Insufficient options for proto=fd [ 211.062208][ T24] usb 5-1: new low-speed USB device number 2 using dummy_hcd [ 211.294644][ T5998] 9pnet_fd: Insufficient options for proto=fd [ 211.313217][ T24] usb 5-1: config 1 has an invalid interface descriptor of length 6, skipping [ 211.322576][ T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 211.339334][ T24] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 211.350705][ T24] usb 5-1: config 1 has no interface number 1 [ 211.392734][ T24] usb 5-1: string descriptor 0 read error: -22 [ 211.399688][ T24] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 211.409247][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 211.481206][ T24] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 211.625691][ T24] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 211.633251][ T24] usb 5-1: MIDIStreaming interface descriptor not found [ 211.734888][ T6000] capability: warning: `syz.3.12' uses 32-bit capabilities (legacy support in use) [ 212.008725][ T6010] netlink: 132 bytes leftover after parsing attributes in process `syz.2.14'. [ 212.617122][ T5988] loop4: detected capacity change from 0 to 40427 [ 212.646878][ T5988] F2FS-fs (loop4): invalid crc value [ 212.940646][ T5988] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 212.982667][ T5988] F2FS-fs (loop4): Start checkpoint disabled! [ 213.057368][ T5988] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 213.426170][ T1634] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 213.640841][ T5784] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 213.650448][ T5784] Bluetooth: hci4: Injecting HCI hardware error event [ 213.652772][ T1634] usb 2-1: device descriptor read/64, error -71 [ 213.659178][ T5082] Bluetooth: hci4: hardware error 0x00 [ 213.942260][ T1634] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 214.148421][ T1634] usb 2-1: device descriptor read/64, error -71 [ 214.281556][ T1634] usb usb2-port1: attempt power cycle [ 214.536853][ T5832] usb 5-1: USB disconnect, device number 2 [ 214.634880][ T3640] kworker/u8:13: attempt to access beyond end of device [ 214.634880][ T3640] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 214.649605][ T3640] CPU: 1 UID: 0 PID: 3640 Comm: kworker/u8:13 Not tainted syzkaller #0 PREEMPT(none) [ 214.649742][ T3640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 214.649873][ T3640] Workqueue: writeback wb_workfn (flush-7:4) [ 214.650129][ T3640] Call Trace: [ 214.650185][ T3640] [ 214.650234][ T3640] __dump_stack+0x26/0x30 [ 214.650403][ T3640] dump_stack_lvl+0x1df/0x270 [ 214.650583][ T3640] dump_stack+0x1e/0x25 [ 214.650742][ T3640] f2fs_handle_critical_error+0xa6f/0xc20 [ 214.650945][ T3640] f2fs_stop_checkpoint+0x65/0x80 [ 214.651098][ T3640] f2fs_write_end_io+0x101c/0x1bc0 [ 214.651298][ T3640] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 214.651455][ T3640] bio_endio+0xeb1/0x1010 [ 214.651616][ T3640] submit_bio_noacct+0x2009/0x2930 [ 214.651828][ T3640] submit_bio+0x57c/0x630 [ 214.652003][ T3640] f2fs_submit_write_bio+0x92/0x250 [ 214.652209][ T3640] __submit_merged_bio+0x16f/0x6a0 [ 214.652409][ T3640] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 214.652599][ T3640] __submit_merged_write_cond+0x458/0x9a0 [ 214.652824][ T3640] f2fs_write_data_pages+0x4bb2/0x5480 [ 214.653067][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 214.653277][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 214.653450][ T3640] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 214.653642][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 214.653805][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 214.653984][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 214.654149][ T3640] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 214.654322][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 214.654488][ T3640] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 214.654665][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 214.654830][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 214.654999][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 214.655162][ T3640] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 214.655335][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 214.655507][ T3640] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 214.655681][ T3640] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 214.655842][ T3640] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 214.655987][ T3640] do_writepages+0x3ef/0x860 [ 214.656171][ T3640] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 214.656348][ T3640] ? queue_io+0x751/0x790 [ 214.656483][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 214.656673][ T3640] __writeback_single_inode+0x101/0x1190 [ 214.656849][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 214.657031][ T3640] writeback_sb_inodes+0xac1/0x1cb0 [ 214.657273][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 214.657491][ T3640] wb_writeback+0x4ce/0xc00 [ 214.657657][ T3640] ? queue_io+0x451/0x790 [ 214.657807][ T3640] wb_workfn+0x397/0x1910 [ 214.658002][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 214.658195][ T3640] ? __pfx_wb_workfn+0x10/0x10 [ 214.658373][ T3640] process_scheduled_works+0xb8e/0x1d80 [ 214.658637][ T3640] worker_thread+0xedf/0x1590 [ 214.658817][ T3640] kthread+0xd59/0xf00 [ 214.658972][ T3640] ? __pfx_worker_thread+0x10/0x10 [ 214.659141][ T3640] ? __pfx_kthread+0x10/0x10 [ 214.659297][ T3640] ret_from_fork+0x233/0x380 [ 214.659438][ T3640] ? __pfx_kthread+0x10/0x10 [ 214.659597][ T3640] ret_from_fork_asm+0x1a/0x30 [ 214.659809][ T3640] [ 214.721937][ T1634] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 214.735521][ T3640] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 214.739001][ T6049] fuse: Unknown parameter '0x0000000000000003' [ 215.047698][ T1634] usb 2-1: device descriptor read/8, error -71 [ 215.360535][ T1634] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 215.457772][ T1634] usb 2-1: device descriptor read/8, error -71 [ 215.591351][ T1634] usb usb2-port1: unable to enumerate USB device [ 215.722135][ T5082] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 215.816806][ T6057] fuse: Unknown parameter 'use00000000000000000000' [ 216.539406][ T6068] netlink: 132 bytes leftover after parsing attributes in process `syz.0.27'. [ 216.969590][ T6075] 9pnet_fd: Insufficient options for proto=fd [ 217.443085][ T1634] usb 3-1: new low-speed USB device number 2 using dummy_hcd [ 217.672371][ T6084] Zero length message leads to an empty skb [ 217.705693][ T1634] usb 3-1: config 1 has an invalid interface descriptor of length 6, skipping [ 217.715371][ T1634] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 217.725911][ T1634] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 217.735285][ T1634] usb 3-1: config 1 has no interface number 1 [ 217.866348][ T1634] usb 3-1: string descriptor 0 read error: -22 [ 217.873522][ T1634] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 217.884928][ T1634] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 217.984748][ T1634] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 218.009245][ T1634] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 218.017337][ T1634] usb 3-1: MIDIStreaming interface descriptor not found [ 218.689501][ T6093] loop3: detected capacity change from 0 to 128 [ 218.955468][ T6093] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 219.092774][ T6093] ext4 filesystem being mounted at /5/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 219.128338][ T6079] loop2: detected capacity change from 0 to 40427 [ 219.174600][ T6079] F2FS-fs (loop2): invalid crc value [ 219.507544][ T6079] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 219.518170][ T6079] F2FS-fs (loop2): Start checkpoint disabled! [ 219.552360][ T6079] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 219.993696][ T1634] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 220.152776][ T6107] loop4: detected capacity change from 0 to 128 [ 220.189561][ T5792] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 220.237068][ T6107] ======================================================= [ 220.237068][ T6107] WARNING: The mand mount option has been deprecated and [ 220.237068][ T6107] and is ignored by this kernel. Remove the mand [ 220.237068][ T6107] option from the mount to silence this warning. [ 220.237068][ T6107] ======================================================= [ 220.306187][ T1634] usb 1-1: Using ep0 maxpacket: 32 [ 220.356410][ T1634] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 220.366999][ T1634] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 220.376570][ T1634] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 220.386372][ T1634] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 220.478766][ T1634] usb 1-1: config 0 descriptor?? [ 221.252993][ T5832] usb 3-1: USB disconnect, device number 2 [ 221.810841][ T6117] loop1: detected capacity change from 0 to 1024 [ 222.228786][ T3741] hfsplus: b-tree write err: -5, ino 4 [ 222.904910][ T5832] usb 1-1: USB disconnect, device number 2 [ 223.425065][ T6139] loop1: detected capacity change from 0 to 128 [ 224.536878][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 224.544989][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 224.866600][ T6154] loop1: detected capacity change from 0 to 1024 [ 225.299760][ T2895] hfsplus: b-tree write err: -5, ino 4 [ 225.309480][ T6160] netlink: 132 bytes leftover after parsing attributes in process `syz.4.60'. [ 225.549250][ T6164] loop3: detected capacity change from 0 to 128 [ 225.962750][ T5835] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 226.195355][ T5835] usb 3-1: Using ep0 maxpacket: 32 [ 226.208014][ T5835] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 226.218844][ T5835] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 226.228329][ T5835] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 226.237777][ T5835] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 226.274168][ T5835] usb 3-1: config 0 descriptor?? [ 226.715865][ T6177] netlink: 324 bytes leftover after parsing attributes in process `syz.0.67'. [ 227.668264][ T6191] loop4: detected capacity change from 0 to 1024 [ 227.878862][ T3741] hfsplus: b-tree write err: -5, ino 4 [ 228.714485][ T6206] loop4: detected capacity change from 0 to 64 [ 229.042715][ T5832] usb 3-1: USB disconnect, device number 3 [ 229.367071][ T6213] netlink: 324 bytes leftover after parsing attributes in process `syz.2.80'. [ 230.294504][ T6225] fuse: Invalid rootmode [ 230.488942][ T6224] loop0: detected capacity change from 0 to 1024 [ 231.055433][ T3678] hfsplus: b-tree write err: -5, ino 4 [ 231.740520][ T6252] loop1: detected capacity change from 0 to 64 [ 232.055586][ T6248] kvm: pic: non byte write [ 232.181541][ T6258] netlink: 324 bytes leftover after parsing attributes in process `syz.2.93'. [ 233.005957][ T6266] loop2: detected capacity change from 0 to 7 [ 233.075543][ T6266] Dev loop2: unable to read RDB block 7 [ 233.081545][ T6266] loop2: AHDI p1 p2 p3 [ 233.086376][ T6266] loop2: partition table partially beyond EOD, truncated [ 233.095363][ T6266] loop2: p1 start 1818582900 is beyond EOD, truncated [ 233.102667][ T6266] loop2: p3 start 335544320 is beyond EOD, truncated [ 233.212110][ T5835] usb 4-1: new full-speed USB device number 2 using dummy_hcd [ 233.285776][ T6269] netlink: 40 bytes leftover after parsing attributes in process `syz.2.98'. [ 233.296721][ T6269] netlink: 40 bytes leftover after parsing attributes in process `syz.2.98'. [ 233.397734][ T5835] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 233.409042][ T5835] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 233.422176][ T5835] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 65535, setting to 64 [ 233.434330][ T5835] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 233.579229][ T5835] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 233.589375][ T5835] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 233.598084][ T5835] usb 4-1: Manufacturer: syz [ 233.638059][ T5835] usb 4-1: config 0 descriptor?? [ 233.749233][ T6273] loop4: detected capacity change from 0 to 1024 [ 234.244896][ T2895] hfsplus: b-tree write err: -5, ino 4 [ 234.282210][ T5835] rc_core: IR keymap rc-hauppauge not found [ 234.288582][ T5835] Registered IR keymap rc-empty [ 234.321904][ T5835] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 234.356578][ T5835] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 234.389134][ T5835] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 234.405991][ T5835] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input6 [ 234.568629][ T5835] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 234.665478][ T5835] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 234.727436][ T5835] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 234.765258][ T5835] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 234.800716][ T5835] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 234.824173][ T5835] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 234.862573][ T5835] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 234.916340][ T5835] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 234.957136][ T5835] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 234.999985][ T5835] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 235.031412][ T5835] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 235.040901][ T5835] mceusb 4-1:0.0: 2 tx ports (0x1 cabled) and 2 rx sensors (0x0 active) [ 235.059918][ T6292] netlink: 324 bytes leftover after parsing attributes in process `syz.1.105'. [ 235.130364][ T5835] usb 4-1: USB disconnect, device number 2 [ 235.782173][ T6295] loop1: detected capacity change from 0 to 64 [ 236.654171][ T6309] loop2: detected capacity change from 0 to 7 [ 236.693608][ T6309] Dev loop2: unable to read RDB block 7 [ 236.699722][ T6309] loop2: AHDI p1 p2 p3 [ 236.704649][ T6309] loop2: partition table partially beyond EOD, truncated [ 236.720474][ T6309] loop2: p1 start 1818582900 is beyond EOD, truncated [ 236.734602][ T6309] loop2: p3 start 335544320 is beyond EOD, truncated [ 237.145204][ T6314] netlink: 40 bytes leftover after parsing attributes in process `syz.1.112'. [ 237.155179][ T6314] netlink: 40 bytes leftover after parsing attributes in process `syz.1.112'. [ 237.763209][ T6317] loop3: detected capacity change from 0 to 1024 [ 238.221484][ T3813] hfsplus: b-tree write err: -5, ino 4 [ 238.721930][ T5835] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 238.948860][ T5835] usb 5-1: config 6 has an invalid interface number: 2 but max is 0 [ 238.957769][ T5835] usb 5-1: config 6 has no interface number 0 [ 238.966027][ T5835] usb 5-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 238.976117][ T5835] usb 5-1: config 6 interface 2 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 238.994602][ T5835] usb 5-1: config 6 interface 2 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 239.008112][ T5835] usb 5-1: config 6 interface 2 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 239.090420][ T5835] usb 5-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91 [ 239.100418][ T5835] usb 5-1: New USB device strings: Mfr=17, Product=2, SerialNumber=3 [ 239.108962][ T5835] usb 5-1: Product: syz [ 239.113525][ T5835] usb 5-1: Manufacturer: syz [ 239.118369][ T5835] usb 5-1: SerialNumber: syz [ 239.192791][ T5835] hso 5-1:6.2: Failed to find BULK IN ep [ 239.682327][ T6355] loop2: detected capacity change from 0 to 7 [ 239.713387][ T6355] Dev loop2: unable to read RDB block 7 [ 239.719565][ T6355] loop2: AHDI p1 p2 p3 [ 239.725162][ T6355] loop2: partition table partially beyond EOD, truncated [ 239.734230][ T6355] loop2: p1 start 1818582900 is beyond EOD, truncated [ 239.741318][ T6355] loop2: p3 start 335544320 is beyond EOD, truncated [ 239.812397][ T5142] Dev loop2: unable to read RDB block 7 [ 239.818226][ T5142] loop2: AHDI p1 p2 p3 [ 239.822912][ T5142] loop2: partition table partially beyond EOD, truncated [ 239.830943][ T5142] loop2: p1 start 1818582900 is beyond EOD, truncated [ 239.838056][ T5142] loop2: p3 start 335544320 is beyond EOD, truncated [ 240.520854][ T6368] fuse: Bad value for 'fd' [ 240.827527][ T6374] loop2: detected capacity change from 0 to 1024 [ 241.340910][ T3640] hfsplus: b-tree write err: -5, ino 4 [ 241.892030][ T6390] netlink: 'syz.2.134': attribute type 1 has an invalid length. [ 242.565896][ T6390] bridge1: port 1(gretap1) entered blocking state [ 242.573176][ T6390] bridge1: port 1(gretap1) entered disabled state [ 242.580292][ T6390] gretap1: entered allmulticast mode [ 242.589444][ T6390] gretap1: entered promiscuous mode [ 242.896856][ T6390] macvlan2: entered promiscuous mode [ 242.902791][ T6390] macvlan2: entered allmulticast mode [ 242.909555][ T6390] bridge1: port 2(macvlan2) entered blocking state [ 242.916916][ T6390] bridge1: port 2(macvlan2) entered disabled state [ 243.328700][ T6397] 9pnet_fd: Insufficient options for proto=fd [ 244.635171][ T6408] kvm: pic: non byte write [ 244.916139][ T6412] loop0: detected capacity change from 0 to 4096 [ 245.104141][ T6412] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 245.923827][ T6424] loop3: detected capacity change from 0 to 1024 [ 246.772425][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 247.149909][ T3678] hfsplus: b-tree write err: -5, ino 4 [ 250.094008][ T6467] syz_tun: entered allmulticast mode [ 250.154551][ T6467] syz_tun: left allmulticast mode [ 251.382398][ T6487] fuse: Unknown parameter 'use00000000000000000000' [ 252.222995][ T6501] loop0: detected capacity change from 0 to 128 [ 252.729970][ T6506] loop2: detected capacity change from 0 to 512 [ 252.743488][ T6506] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 252.757368][ T6506] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 252.862968][ T6506] EXT4-fs (loop2): 1 truncate cleaned up [ 252.871019][ T6506] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 253.146714][ T6510] netlink: 40 bytes leftover after parsing attributes in process `syz.3.171'. [ 253.156130][ T6510] netlink: 40 bytes leftover after parsing attributes in process `syz.3.171'. [ 253.220517][ T5782] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.435354][ T6528] fuse: Unknown parameter 'use00000000000000000000' [ 255.297901][ T1634] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 255.356936][ T6544] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 255.507878][ T1634] usb 4-1: config 6 has an invalid interface number: 2 but max is 0 [ 255.518849][ T1634] usb 4-1: config 6 has no interface number 0 [ 255.525357][ T1634] usb 4-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 255.535416][ T1634] usb 4-1: config 6 interface 2 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 255.547333][ T1634] usb 4-1: config 6 interface 2 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 255.558766][ T1634] usb 4-1: config 6 interface 2 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 255.564797][ T6544] bridge2: entered allmulticast mode [ 255.707437][ T1634] usb 4-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91 [ 255.718023][ T1634] usb 4-1: New USB device strings: Mfr=17, Product=2, SerialNumber=3 [ 255.726620][ T1634] usb 4-1: Product: syz [ 255.730978][ T1634] usb 4-1: Manufacturer: syz [ 255.735865][ T1634] usb 4-1: SerialNumber: syz [ 255.787828][ T1634] hso 4-1:6.2: Failed to find BULK IN ep [ 256.361877][ T5082] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 256.370425][ T5082] Bluetooth: hci0: Injecting HCI hardware error event [ 256.378426][ T5082] Bluetooth: hci0: hardware error 0x00 [ 258.752311][ T5082] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 260.399830][ T6600] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 260.409926][ T6600] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 262.963199][ T6632] fuse: Unknown parameter 'user_i00000000000000000000' [ 263.751892][ T5835] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 263.980153][ T5835] usb 1-1: config 6 has an invalid interface number: 2 but max is 0 [ 263.988837][ T5835] usb 1-1: config 6 has no interface number 0 [ 263.995883][ T5835] usb 1-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 264.005986][ T5835] usb 1-1: config 6 interface 2 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 264.017926][ T5835] usb 1-1: config 6 interface 2 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 264.029335][ T5835] usb 1-1: config 6 interface 2 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 264.101086][ T5835] usb 1-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91 [ 264.110859][ T5835] usb 1-1: New USB device strings: Mfr=17, Product=2, SerialNumber=3 [ 264.122474][ T5835] usb 1-1: Product: syz [ 264.127804][ T5835] usb 1-1: Manufacturer: syz [ 264.132743][ T5835] usb 1-1: SerialNumber: syz [ 264.240471][ T5835] hso 1-1:6.2: Failed to find BULK IN ep [ 265.262237][ T6665] loop4: detected capacity change from 0 to 64 [ 265.356522][ T6667] loop3: detected capacity change from 0 to 128 [ 265.847227][ T6672] loop0: detected capacity change from 0 to 512 [ 265.914335][ T6672] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 265.996072][ T6672] EXT4-fs (loop0): 1 truncate cleaned up [ 266.004237][ T6672] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 266.666493][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 267.719464][ T6697] fuse: Unknown parameter 'group_i00000000000000000000' [ 268.192599][ T6711] loop1: detected capacity change from 0 to 64 [ 269.666423][ T6734] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.250'. [ 270.480949][ T6745] fuse: Unknown parameter 'group_i00000000000000000000' [ 270.601315][ T6747] loop2: detected capacity change from 0 to 512 [ 270.681425][ T6747] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 271.405924][ T6760] loop3: detected capacity change from 0 to 512 [ 271.409013][ T6755] kvm: pic: non byte write [ 271.466696][ T6764] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 271.477117][ T6764] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 271.523350][ T6760] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 271.594868][ T6760] EXT4-fs (loop3): 1 truncate cleaned up [ 271.604099][ T6760] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 271.793785][ T6764] netlink: 4 bytes leftover after parsing attributes in process `syz.4.261'. [ 272.033861][ T6764] hsr_slave_1 (unregistering): left promiscuous mode [ 272.141913][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.405554][ T6781] fuse: Unknown parameter 'use00000000000000000000' [ 272.863657][ T6786] fuse: Unknown parameter 'group_id00000000000000000000' [ 273.191433][ T6791] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 273.205021][ T6791] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 274.024033][ T6804] loop2: detected capacity change from 0 to 512 [ 274.132464][ T6804] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 274.263741][ T6804] EXT4-fs (loop2): 1 truncate cleaned up [ 274.272473][ T6804] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 274.608851][ T6813] fuse: Unknown parameter 'use00000000000000000000' [ 274.890173][ T6810] kvm: pic: non byte write [ 275.184450][ T5782] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.193907][ T6828] fuse: Unknown parameter 'group_i00000000000000000000' [ 278.244904][ T6851] loop0: detected capacity change from 0 to 512 [ 278.336263][ T6851] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 278.399910][ T6853] fuse: Unknown parameter 'user_i00000000000000000000' [ 278.566997][ T6851] EXT4-fs (loop0): 1 truncate cleaned up [ 278.579077][ T6851] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 279.880773][ T6863] fuse: Unknown parameter 'group_id00000000000000000000' [ 280.003106][ T6861] overlayfs: missing 'lowerdir' [ 280.060938][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.104651][ T6867] fuse: Unknown parameter 'group_id00000000000000000000' [ 281.317281][ T6886] syz_tun: entered allmulticast mode [ 281.393138][ T6885] syz_tun: left allmulticast mode [ 281.419111][ T6889] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 281.697849][ T6892] fuse: Bad value for 'user_id' [ 281.703129][ T6892] fuse: Bad value for 'user_id' [ 281.943446][ T6894] loop0: detected capacity change from 0 to 512 [ 282.020231][ T6894] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 282.457143][ T6894] EXT4-fs (loop0): 1 truncate cleaned up [ 282.466007][ T6894] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 282.636190][ T6902] tipc: Started in network mode [ 282.642581][ T6902] tipc: Node identity 0e05970ffed1, cluster identity 4711 [ 282.652820][ T6902] tipc: Enabled bearer , priority 0 [ 282.746030][ T6896] syzkaller0: entered promiscuous mode [ 282.755745][ T6896] syzkaller0: entered allmulticast mode [ 283.006927][ T6895] tipc: Resetting bearer [ 283.119320][ T6895] tipc: Disabling bearer [ 283.302791][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 284.404351][ T6920] fuse: Unknown parameter 'grou00000000000000000000' [ 284.446741][ T6922] fuse: Bad value for 'user_id' [ 284.451960][ T6922] fuse: Bad value for 'user_id' [ 285.971119][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 285.978226][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 286.297351][ T6938] loop1: detected capacity change from 0 to 512 [ 286.362041][ T6938] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 286.480696][ T6938] EXT4-fs (loop1): 1 truncate cleaned up [ 286.537945][ T6938] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 286.959697][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.314386][ T6960] fuse: Bad value for 'user_id' [ 288.319645][ T6960] fuse: Bad value for 'user_id' [ 289.096462][ T6968] fuse: Unknown parameter 'grou00000000000000000000' [ 289.908274][ T6980] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 289.982299][ T6980] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 290.195763][ T6966] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.500743][ T6989] loop2: detected capacity change from 0 to 128 [ 291.118053][ T6997] fuse: Bad value for 'fd' [ 292.894653][ T7023] loop2: detected capacity change from 0 to 7 [ 292.958697][ T7023] Dev loop2: unable to read RDB block 7 [ 292.964853][ T7023] loop2: unable to read partition table [ 293.002854][ T7023] loop2: partition table beyond EOD, truncated [ 293.009421][ T7023] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 293.190640][ T7025] fuse: Bad value for 'fd' [ 293.307497][ T7028] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 293.318140][ T7028] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 294.491400][ T7049] loop1: detected capacity change from 0 to 512 [ 294.534712][ T7049] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 294.593035][ T7049] EXT4-fs (loop1): 1 truncate cleaned up [ 294.601028][ T7049] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 294.857366][ T7055] fuse: Unknown parameter '0x0000000000000004' [ 295.151282][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.434903][ T7066] fuse: Bad value for 'fd' [ 296.596265][ T7088] loop4: detected capacity change from 0 to 512 [ 296.605455][ T5835] usb 3-1: new full-speed USB device number 4 using dummy_hcd [ 296.627252][ T7088] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 296.722829][ T7088] EXT4-fs (loop4): 1 truncate cleaned up [ 296.866490][ T5835] usb 3-1: config 6 has an invalid interface number: 2 but max is 0 [ 296.875022][ T5835] usb 3-1: config 6 has no interface number 0 [ 296.881532][ T5835] usb 3-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 296.891917][ T5835] usb 3-1: config 6 interface 2 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 296.904017][ T5835] usb 3-1: config 6 interface 2 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 296.915406][ T5835] usb 3-1: config 6 interface 2 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 296.933372][ T7088] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 297.118706][ T5835] usb 3-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91 [ 297.128148][ T5835] usb 3-1: New USB device strings: Mfr=17, Product=2, SerialNumber=3 [ 297.136789][ T5835] usb 3-1: Product: syz [ 297.147932][ T5835] usb 3-1: Manufacturer: syz [ 297.155068][ T5835] usb 3-1: SerialNumber: syz [ 297.321460][ T5835] hso 3-1:6.2: Failed to find BULK IN ep [ 297.444444][ T5789] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 297.520269][ T7098] loop3: detected capacity change from 0 to 512 [ 297.572396][ T7098] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 297.696577][ T7098] EXT4-fs (loop3): 1 truncate cleaned up [ 297.704614][ T7098] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 297.842368][ T7104] fuse: Bad value for 'fd' [ 298.061090][ T7108] loop1: detected capacity change from 0 to 512 [ 298.127268][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 298.146440][ T7108] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 298.296724][ T7108] EXT4-fs (loop1): 1 truncate cleaned up [ 298.353485][ T7108] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 298.747816][ T7116] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 298.758232][ T7116] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 298.794262][ T7115] loop3: detected capacity change from 0 to 128 [ 298.861538][ T7115] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 298.952401][ T7115] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 299.003475][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.872138][ T5835] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 300.073445][ T5835] usb 2-1: config index 0 descriptor too short (expected 165, got 18) [ 300.082392][ T5835] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 300.093709][ T5835] usb 2-1: config 0 has no interfaces? [ 300.173878][ T5835] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 300.184630][ T5835] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 300.193985][ T5835] usb 2-1: Product: syz [ 300.198356][ T5835] usb 2-1: Manufacturer: syz [ 300.204020][ T5835] usb 2-1: SerialNumber: syz [ 300.289719][ T5835] usb 2-1: config 0 descriptor?? [ 300.347271][ T7137] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 300.358423][ T7137] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 300.680128][ T7124] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 300.726847][ T7139] fuse: Unknown parameter '0x0000000000000003' [ 300.986637][ T7143] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 300.997101][ T7143] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 301.545641][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 301.595528][ T7154] loop2: detected capacity change from 0 to 7 [ 301.650469][ T7154] Dev loop2: unable to read RDB block 7 [ 301.656415][ T7154] loop2: unable to read partition table [ 301.694758][ T7154] loop2: partition table beyond EOD, truncated [ 301.701418][ T7154] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 302.597526][ T1634] usb 2-1: USB disconnect, device number 6 [ 304.159222][ T7181] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 304.169577][ T7181] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 304.232987][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 304.242513][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 304.342899][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 304.763408][ T5835] usb 2-1: new full-speed USB device number 7 using dummy_hcd [ 304.996578][ T5835] usb 2-1: config 6 has an invalid interface number: 2 but max is 0 [ 305.005019][ T5835] usb 2-1: config 6 has no interface number 0 [ 305.011364][ T5835] usb 2-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 305.021363][ T5835] usb 2-1: config 6 interface 2 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 305.037095][ T5835] usb 2-1: config 6 interface 2 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 305.049817][ T5835] usb 2-1: config 6 interface 2 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 305.077139][ T7188] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 305.103602][ T7188] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 305.276134][ T7188] loop3: detected capacity change from 0 to 1024 [ 305.307397][ T5835] usb 2-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91 [ 305.317385][ T5835] usb 2-1: New USB device strings: Mfr=17, Product=2, SerialNumber=3 [ 305.325782][ T5835] usb 2-1: Product: syz [ 305.330054][ T5835] usb 2-1: Manufacturer: syz [ 305.338985][ T5835] usb 2-1: SerialNumber: syz [ 305.357234][ T7188] EXT4-fs: Ignoring removed orlov option [ 305.469399][ T7188] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 305.482325][ T7188] ext4 filesystem being mounted at /78/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 305.495770][ T5835] hso 2-1:6.2: Failed to find BULK IN ep [ 305.849517][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 305.951460][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 306.207282][ T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!! [ 306.223413][ T5835] usb 2-1: USB disconnect, device number 7 [ 306.467546][ T0] NOHZ tick-stop error: local softirq work is pending, handler #2c0!!! [ 306.723824][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 308.512761][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 308.736840][ T7235] fuse: Unknown parameter '0x0000000000000003' [ 308.832710][ T7235] block device autoloading is deprecated and will be removed. [ 309.306394][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 309.558938][ T7244] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 309.569232][ T7244] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 309.832925][ T7244] loop3: detected capacity change from 0 to 1024 [ 309.891267][ T7244] EXT4-fs: Ignoring removed orlov option [ 310.054261][ T5832] usb 2-1: new full-speed USB device number 8 using dummy_hcd [ 310.104064][ T7244] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 310.117146][ T7244] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 310.246136][ T5832] usb 2-1: config 6 has an invalid interface number: 2 but max is 0 [ 310.256408][ T5832] usb 2-1: config 6 has no interface number 0 [ 310.265386][ T5832] usb 2-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 310.276290][ T5832] usb 2-1: config 6 interface 2 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 310.288264][ T5832] usb 2-1: config 6 interface 2 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 310.299795][ T5832] usb 2-1: config 6 interface 2 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 310.508065][ T5832] usb 2-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91 [ 310.517683][ T5832] usb 2-1: New USB device strings: Mfr=17, Product=2, SerialNumber=3 [ 310.526401][ T5832] usb 2-1: Product: syz [ 310.530840][ T5832] usb 2-1: Manufacturer: syz [ 310.535780][ T5832] usb 2-1: SerialNumber: syz [ 310.612056][ T5832] hso 2-1:6.2: Failed to find BULK IN ep [ 311.000105][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 311.406107][ T7267] fuse: Unknown parameter '0x0000000000000003' [ 311.675606][ T7271] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 311.694451][ T7271] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 313.222876][ T7290] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 313.233116][ T7290] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 313.412144][ T7290] loop0: detected capacity change from 0 to 1024 [ 313.436685][ T7290] EXT4-fs: Ignoring removed orlov option [ 313.495397][ T7290] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 313.509427][ T7290] ext4 filesystem being mounted at /90/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 313.713751][ T5784] Bluetooth: hci2: command 0x0406 tx timeout [ 313.713990][ T49] Bluetooth: hci1: command 0x0406 tx timeout [ 313.720522][ T5082] Bluetooth: hci3: command 0x0406 tx timeout [ 313.734115][ T7297] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 314.268025][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 314.724037][ T7303] fuse: Unknown parameter '0x0000000000000003' [ 315.322224][ T7310] @: renamed from vlan0 (while UP) [ 315.490479][ T7314] loop1: detected capacity change from 0 to 512 [ 315.526160][ T7314] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 315.620643][ T7314] EXT4-fs (loop1): 1 truncate cleaned up [ 315.686037][ T7314] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 316.123626][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 316.523822][ T7325] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 316.533896][ T7325] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 316.822853][ T7325] loop3: detected capacity change from 0 to 1024 [ 316.868017][ T7325] EXT4-fs: Ignoring removed orlov option [ 317.055420][ T7325] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 317.068270][ T7325] ext4 filesystem being mounted at /87/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 317.310525][ T7337] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 317.328261][ T7337] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 317.582169][ T7340] fuse: Unknown parameter '0x0000000000000004' [ 317.859289][ T7345] netlink: 24 bytes leftover after parsing attributes in process `syz.1.471'. [ 317.923663][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 318.982012][ T7357] loop2: detected capacity change from 0 to 1024 [ 320.408424][ T7381] kvm: pic: non byte write [ 324.557600][ T7401] netlink: 64 bytes leftover after parsing attributes in process `syz.1.490'. [ 324.839137][ T7403] loop0: detected capacity change from 0 to 1024 [ 325.312337][ T7406] loop2: detected capacity change from 0 to 7 [ 325.372499][ T7406] Dev loop2: unable to read RDB block 7 [ 325.378490][ T7406] loop2: unable to read partition table [ 325.478438][ T7406] loop2: partition table beyond EOD, truncated [ 325.485352][ T7406] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 326.309256][ T7414] loop1: detected capacity change from 0 to 512 [ 326.532860][ T7414] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 326.609885][ T7414] EXT4-fs (loop1): 1 truncate cleaned up [ 326.620820][ T7414] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 327.077469][ T7423] kvm: pic: non byte write [ 327.263833][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 328.247696][ T7436] netlink: 64 bytes leftover after parsing attributes in process `syz.0.503'. [ 329.218518][ T7448] loop1: detected capacity change from 0 to 512 [ 329.299291][ T7448] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 329.380385][ T7448] EXT4-fs (loop1): 1 truncate cleaned up [ 329.389330][ T7448] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 329.616049][ T7452] loop2: detected capacity change from 0 to 7 [ 329.661927][ T7452] Dev loop2: unable to read RDB block 7 [ 329.667812][ T7452] loop2: unable to read partition table [ 329.727564][ T7452] loop2: partition table beyond EOD, truncated [ 329.737131][ T7452] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 329.954252][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 330.482984][ T7458] overlayfs: statfs failed on './file0' [ 331.623208][ T7470] kvm: pic: non byte write [ 331.652172][ T7472] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3722248192 (7444496384 ns) > initial count (24 ns). Using initial count to start timer. [ 332.590699][ T7486] loop2: detected capacity change from 0 to 7 [ 332.626933][ T7486] Dev loop2: unable to read RDB block 7 [ 332.632939][ T7486] loop2: unable to read partition table [ 332.693286][ T7486] loop2: partition table beyond EOD, truncated [ 332.699688][ T7486] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 333.582518][ T7500] loop3: detected capacity change from 0 to 1024 [ 333.664480][ T7500] netlink: 52 bytes leftover after parsing attributes in process `syz.3.525'. [ 336.949038][ T7526] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 336.965204][ T7526] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 337.550034][ T7535] kvm: pic: non byte write [ 338.537896][ T7558] overlayfs: missing 'lowerdir' [ 341.237213][ T7570] tipc: Started in network mode [ 341.242476][ T7570] tipc: Node identity da6eafa8f438, cluster identity 4711 [ 341.250563][ T7570] tipc: Enabled bearer , priority 0 [ 341.339036][ T7574] syzkaller0: entered promiscuous mode [ 341.346374][ T7574] syzkaller0: entered allmulticast mode [ 341.518529][ T7570] tipc: Resetting bearer [ 341.617313][ T7577] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 341.627407][ T7577] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 341.654390][ T7568] tipc: Resetting bearer [ 341.710020][ T7581] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 341.720511][ T7581] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 341.724895][ T7568] tipc: Disabling bearer [ 341.807081][ T7579] 9pnet_fd: p9_fd_create_unix (7579): problem connecting socket: ./file0: -111 [ 342.176344][ T7585] loop4: detected capacity change from 0 to 136 [ 342.232578][ T7585] iso9660: Bad value for 'check' [ 342.392134][ T7587] loop2: detected capacity change from 0 to 1024 [ 342.885244][ T7591] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 342.940623][ T3844] hfsplus: b-tree write err: -5, ino 4 [ 343.088209][ T7596] loop1: detected capacity change from 0 to 512 [ 343.106603][ T7596] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 343.213946][ T7596] EXT4-fs (loop1): 1 truncate cleaned up [ 343.229604][ T7596] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 343.773602][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 344.177350][ T7613] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 344.187444][ T7613] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 344.320503][ T7616] syz_tun: entered allmulticast mode [ 344.503065][ T7619] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 344.513802][ T7619] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 344.816786][ T7623] loop2: detected capacity change from 0 to 1024 [ 344.916023][ T7623] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 346.068803][ T7643] fuse: Unknown parameter 'user_i00000000000000000000' [ 346.100026][ T7644] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 346.110187][ T7644] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 346.289542][ T7644] loop1: detected capacity change from 0 to 512 [ 346.355105][ T7644] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 346.712762][ T7655] loop4: detected capacity change from 0 to 1024 [ 346.833638][ T7655] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 347.414473][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 347.422804][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 347.646530][ T7669] tipc: Started in network mode [ 347.651941][ T7669] tipc: Node identity 42c6d506b0f5, cluster identity 4711 [ 347.660199][ T7669] tipc: Enabled bearer , priority 0 [ 347.719156][ T7672] syzkaller0: entered promiscuous mode [ 347.725246][ T7672] syzkaller0: entered allmulticast mode [ 347.880281][ T7669] tipc: Resetting bearer [ 347.950469][ T7665] tipc: Resetting bearer [ 347.970122][ T7665] tipc: Disabling bearer [ 348.260143][ T7679] fuse: Unknown parameter 'user_i00000000000000000000' [ 348.513484][ T7684] loop3: detected capacity change from 0 to 128 [ 348.543918][ T7682] loop0: detected capacity change from 0 to 1024 [ 348.866532][ T7686] netlink: 28 bytes leftover after parsing attributes in process `syz.1.591'. [ 348.919099][ T3640] hfsplus: b-tree write err: -5, ino 4 [ 349.278862][ T7692] loop0: detected capacity change from 0 to 1024 [ 349.330950][ T7692] netlink: 8 bytes leftover after parsing attributes in process `syz.0.592'. [ 349.465411][ T7696] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 349.484778][ T7696] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 349.758822][ T7696] loop3: detected capacity change from 0 to 512 [ 349.827041][ T7696] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 350.053353][ T7700] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 350.686010][ T7710] fuse: Unknown parameter 'user_i00000000000000000000' [ 350.718042][ T5082] Bluetooth: hci2: unexpected event for opcode 0x0000 [ 350.824465][ T7712] netlink: 4 bytes leftover after parsing attributes in process `syz.0.598'. [ 352.059008][ T7729] netlink: 28 bytes leftover after parsing attributes in process `syz.3.606'. [ 352.892101][ T7739] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 353.252128][ T7741] loop1: detected capacity change from 0 to 512 [ 353.352504][ T7741] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 353.499911][ T7741] EXT4-fs (loop1): 1 truncate cleaned up [ 353.507962][ T7741] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 354.104244][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 354.306390][ T5082] Bluetooth: hci1: unexpected event for opcode 0x0000 [ 354.752160][ T5082] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 354.760713][ T5082] Bluetooth: hci2: Injecting HCI hardware error event [ 354.769601][ T5082] Bluetooth: hci2: hardware error 0x00 [ 355.587356][ T7771] netlink: 28 bytes leftover after parsing attributes in process `syz.1.621'. [ 355.910474][ T7774] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 356.832244][ T5082] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 359.282372][ T5082] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 359.290919][ T5082] Bluetooth: hci1: Injecting HCI hardware error event [ 359.300778][ T5082] Bluetooth: hci1: hardware error 0x00 [ 359.537759][ T7795] mmap: syz.3.630 (7795) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 361.277512][ T7819] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 361.398815][ T5082] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 362.162727][ T7833] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 362.174516][ T7833] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 362.802350][ T30] audit: type=1326 audit(1759544624.330:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7836 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f626898eec9 code=0x7ffc0000 [ 362.825335][ T30] audit: type=1326 audit(1759544624.330:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7836 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f626898eec9 code=0x7ffc0000 [ 363.046694][ T30] audit: type=1326 audit(1759544624.550:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7836 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f626898eec9 code=0x7ffc0000 [ 363.069246][ T30] audit: type=1326 audit(1759544624.560:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7836 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f626898eec9 code=0x7ffc0000 [ 363.450601][ T30] audit: type=1326 audit(1759544624.690:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7836 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f626898eec9 code=0x7ffc0000 [ 363.474236][ T30] audit: type=1326 audit(1759544624.750:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7836 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f626898eec9 code=0x7ffc0000 [ 363.501001][ T30] audit: type=1326 audit(1759544624.750:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7836 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f626898eec9 code=0x7ffc0000 [ 363.524678][ T30] audit: type=1326 audit(1759544624.750:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7836 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7f626898eec9 code=0x7ffc0000 [ 363.629162][ T7851] loop0: detected capacity change from 0 to 512 [ 363.743177][ T7851] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 363.766858][ T30] audit: type=1326 audit(1759544625.100:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7836 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f626898eec9 code=0x7ffc0000 [ 363.790654][ T30] audit: type=1326 audit(1759544625.100:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7836 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f626898eec9 code=0x7ffc0000 [ 363.791785][ T7842] fuse: Bad value for 'fd' [ 363.874075][ T7851] EXT4-fs (loop0): 1 truncate cleaned up [ 363.882279][ T7851] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 364.463008][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.905218][ T7864] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 364.915388][ T7864] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 368.799655][ T7894] binder: 7891:7894 ioctl c0306201 200000000240 returned -11 [ 371.599311][ T7925] kvm: pic: non byte write [ 371.905567][ T7939] netlink: 'syz.3.677': attribute type 12 has an invalid length. [ 371.913815][ T7939] netlink: 'syz.3.677': attribute type 29 has an invalid length. [ 371.922399][ T7939] netlink: 148 bytes leftover after parsing attributes in process `syz.3.677'. [ 371.931693][ T7939] netlink: 59 bytes leftover after parsing attributes in process `syz.3.677'. [ 372.566960][ T7948] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 372.577283][ T7948] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 372.803142][ T7952] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3722248192 (7444496384 ns) > initial count (24 ns). Using initial count to start timer. [ 372.852474][ T7955] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 372.862638][ T7955] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 374.236632][ T7974] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 374.246879][ T7974] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 374.292740][ T7970] kvm: pic: non byte write [ 375.487205][ T7994] fuse: Unknown parameter 'use00000000000000000000' [ 377.490024][ T8029] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 377.500707][ T8029] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 377.828387][ T8037] loop1: detected capacity change from 0 to 512 [ 377.911944][ T8037] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 378.082714][ T8037] EXT4-fs (loop1): 1 truncate cleaned up [ 378.090534][ T8037] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 378.566359][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 378.854573][ T8052] netlink: 12 bytes leftover after parsing attributes in process `syz.0.718'. [ 378.876124][ T8051] netlink: 8 bytes leftover after parsing attributes in process `syz.4.720'. [ 378.936168][ T8051] syz_tun: entered promiscuous mode [ 378.954104][ T8051] syz_tun: left promiscuous mode [ 379.339598][ T8063] tipc: Enabled bearer , priority 0 [ 379.423389][ T8060] tipc: Resetting bearer [ 379.705490][ T8053] tipc: Disabling bearer [ 380.455642][ T8082] process 'syz.3.729' launched '/dev/fd/3' with NULL argv: empty string added [ 380.712647][ T8086] loop4: detected capacity change from 0 to 512 [ 380.761989][ T8086] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 380.858905][ T8086] EXT4-fs (loop4): 1 truncate cleaned up [ 380.966577][ T8086] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 381.416946][ T5789] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 381.418711][ T8097] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 381.945319][ T8102] bond1: (slave bridge2): Enslaving as an active interface with an up link [ 382.062463][ T8097] netlink: 4 bytes leftover after parsing attributes in process `syz.2.733'. [ 382.072498][ T8097] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 382.157383][ T8097] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 382.354224][ T8105] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 382.467109][ T8102] macvlan2: entered promiscuous mode [ 382.472977][ T8102] macvlan2: entered allmulticast mode [ 382.481277][ T8102] bond1: entered promiscuous mode [ 382.486999][ T8102] bridge2: entered promiscuous mode [ 382.493469][ T8102] gretap1: entered promiscuous mode [ 382.502544][ T8102] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 382.553678][ T8102] bond1: left promiscuous mode [ 382.558833][ T8102] bridge2: left promiscuous mode [ 382.565594][ T8102] gretap1: left promiscuous mode [ 382.767465][ T30] audit: type=1326 audit(1759544644.140:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8111 comm="syz.0.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fde98eec9 code=0x7ffc0000 [ 382.790208][ T30] audit: type=1326 audit(1759544644.150:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8111 comm="syz.0.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fde98eec9 code=0x7ffc0000 [ 382.812700][ T30] audit: type=1326 audit(1759544644.150:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8111 comm="syz.0.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f9fde98eec9 code=0x7ffc0000 [ 382.835656][ T30] audit: type=1326 audit(1759544644.150:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8111 comm="syz.0.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fde98eec9 code=0x7ffc0000 [ 382.859662][ T30] audit: type=1326 audit(1759544644.150:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8111 comm="syz.0.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fde98eec9 code=0x7ffc0000 [ 382.882492][ T30] audit: type=1326 audit(1759544644.150:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8111 comm="syz.0.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f9fde98eec9 code=0x7ffc0000 [ 382.904931][ T30] audit: type=1326 audit(1759544644.150:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8111 comm="syz.0.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fde98eec9 code=0x7ffc0000 [ 382.927404][ T30] audit: type=1326 audit(1759544644.150:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8111 comm="syz.0.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9fde98eec9 code=0x7ffc0000 [ 382.949627][ T30] audit: type=1326 audit(1759544644.150:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8111 comm="syz.0.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fde98eec9 code=0x7ffc0000 [ 382.972984][ T30] audit: type=1326 audit(1759544644.160:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8111 comm="syz.0.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f9fde98eec9 code=0x7ffc0000 [ 383.125103][ T8115] fuse: Bad value for 'fd' [ 384.060494][ T8125] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 384.070807][ T8125] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 384.170352][ T8127] binder: BINDER_SET_CONTEXT_MGR already set [ 384.177619][ T8127] binder: 8126:8127 ioctl 4018620d 200000000040 returned -16 [ 384.245300][ T8125] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 384.254762][ T8125] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 384.344552][ T8125] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 384.354324][ T8125] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 386.393337][ T8157] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 386.404018][ T8157] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 386.691373][ T8160] netlink: 4 bytes leftover after parsing attributes in process `syz.4.755'. [ 388.069199][ T8173] fuse: Unknown parameter '0x0000000000000003' [ 389.158824][ T8192] overlayfs: overlapping lowerdir path [ 390.581272][ T8206] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 390.591497][ T8206] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 390.643962][ T8207] netlink: 8 bytes leftover after parsing attributes in process `syz.4.775'. [ 390.740106][ T8206] netlink: 4 bytes leftover after parsing attributes in process `syz.0.773'. [ 390.930494][ T8206] hsr_slave_1 (unregistering): left promiscuous mode [ 391.076153][ T8215] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 392.108260][ T8223] netlink: 24 bytes leftover after parsing attributes in process `syz.4.779'. [ 394.447209][ T8244] netlink: 4 bytes leftover after parsing attributes in process `syz.3.785'. [ 394.456656][ T8244] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 394.513568][ T8244] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 396.123480][ T8257] tipc: Started in network mode [ 396.128727][ T8257] tipc: Node identity cef6cf010f8, cluster identity 4711 [ 396.136577][ T8257] tipc: Enabled bearer , priority 0 [ 396.175217][ T8258] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 396.184896][ T8258] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 396.222354][ T8259] syzkaller0: entered promiscuous mode [ 396.227942][ T8259] syzkaller0: entered allmulticast mode [ 396.353908][ T8261] netlink: 4 bytes leftover after parsing attributes in process `syz.4.790'. [ 396.420034][ T8253] tipc: Resetting bearer [ 396.537686][ T8252] tipc: Resetting bearer [ 396.614557][ T8252] tipc: Disabling bearer [ 397.533454][ T8269] loop3: detected capacity change from 0 to 128 [ 398.982461][ T8284] loop1: detected capacity change from 0 to 1024 [ 399.023718][ T8284] EXT4-fs: Ignoring removed nomblk_io_submit option [ 399.254528][ T8284] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 405.044920][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 405.403674][ T8306] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 405.413651][ T8306] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 405.553239][ T8307] tipc: Enabled bearer , priority 0 [ 405.569087][ T8310] loop1: detected capacity change from 0 to 128 [ 405.591761][ T8306] netlink: 4 bytes leftover after parsing attributes in process `syz.2.807'. [ 405.757334][ T8317] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 405.768176][ T8317] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 405.771965][ T8306] hsr_slave_1 (unregistering): left promiscuous mode [ 405.872976][ T8307] syzkaller0: entered promiscuous mode [ 405.876656][ T8312] netlink: 28 bytes leftover after parsing attributes in process `syz.3.808'. [ 405.878632][ T8307] syzkaller0: entered allmulticast mode [ 405.887845][ T8312] netlink: 28 bytes leftover after parsing attributes in process `syz.3.808'. [ 406.027095][ T8312] dummy0: entered promiscuous mode [ 406.038351][ T8312] team0: entered promiscuous mode [ 406.043830][ T8312] team_slave_0: entered promiscuous mode [ 406.050652][ T8312] team_slave_1: entered promiscuous mode [ 406.124477][ T8304] tipc: Resetting bearer [ 406.185812][ T8304] tipc: Disabling bearer [ 406.775144][ T8328] fuse: Unknown parameter 'fd0x0000000000000004' [ 408.861902][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 408.868635][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 409.022734][ T8362] syzkaller0: entered promiscuous mode [ 409.028525][ T8362] syzkaller0: entered allmulticast mode [ 409.112163][ T8363] netlink: 28 bytes leftover after parsing attributes in process `syz.4.825'. [ 409.744287][ T8375] fuse: Unknown parameter 'fd0x0000000000000004' [ 409.938652][ T8380] netlink: 28 bytes leftover after parsing attributes in process `syz.4.828'. [ 410.194874][ T8383] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 410.205140][ T8383] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 410.563196][ T8392] loop4: detected capacity change from 0 to 1024 [ 410.989594][ T5072] hfsplus: b-tree write err: -5, ino 4 [ 411.502362][ T8402] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 411.528735][ T8402] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 412.316319][ T8420] fuse: Unknown parameter '0x0000000000000003' [ 412.982902][ T8426] netlink: 16 bytes leftover after parsing attributes in process `syz.4.845'. [ 413.328431][ T8430] loop4: detected capacity change from 0 to 512 [ 413.529395][ T8430] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.845: casefold flag without casefold feature [ 413.599939][ T8435] loop2: detected capacity change from 0 to 1024 [ 413.622850][ T8430] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.845: couldn't read orphan inode 15 (err -117) [ 413.815098][ T8430] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 414.229153][ T3844] hfsplus: b-tree write err: -5, ino 4 [ 414.335482][ T8442] 9pnet_fd: p9_fd_create_unix (8442): problem connecting socket: ./file0: -103 [ 414.702954][ T8455] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 414.716556][ T8455] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 414.796980][ T5789] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 414.989039][ T8462] fuse: Unknown parameter '0xffffffffffffffff' [ 415.317781][ T8464] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 415.330123][ T8464] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 416.398640][ T8481] netlink: 28 bytes leftover after parsing attributes in process `syz.2.863'. [ 416.576350][ T8483] loop3: detected capacity change from 0 to 1024 [ 416.586778][ T8487] tipc: Enabled bearer , priority 0 [ 416.613116][ T8487] syzkaller0: entered promiscuous mode [ 416.619044][ T8487] syzkaller0: entered allmulticast mode [ 416.733674][ T8487] tipc: Resetting bearer [ 416.827835][ T8485] tipc: Resetting bearer [ 416.898943][ T8485] tipc: Disabling bearer [ 417.070446][ T3813] hfsplus: b-tree write err: -5, ino 4 [ 417.266767][ T8486] 9pnet_fd: p9_fd_create_unix (8486): problem connecting socket: ./file0: -103 [ 419.289235][ T8525] loop1: detected capacity change from 0 to 1024 [ 419.364986][ T8527] tipc: Enabled bearer , priority 0 [ 419.377532][ T8527] syzkaller0: entered promiscuous mode [ 419.383442][ T8527] syzkaller0: entered allmulticast mode [ 419.460284][ T8527] tipc: Resetting bearer [ 419.470388][ T8526] tipc: Resetting bearer [ 419.505855][ T8526] tipc: Disabling bearer [ 419.716734][ T3844] hfsplus: b-tree write err: -5, ino 4 [ 420.189371][ T8539] tipc: Enabled bearer , priority 0 [ 420.219733][ T8542] loop0: detected capacity change from 0 to 512 [ 420.231477][ T8539] syzkaller0: entered promiscuous mode [ 420.237593][ T8539] syzkaller0: entered allmulticast mode [ 420.295899][ T8542] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 420.300975][ T8546] tipc: Resetting bearer [ 420.425234][ T8538] tipc: Resetting bearer [ 420.449644][ T8542] EXT4-fs (loop0): 1 truncate cleaned up [ 420.458308][ T8542] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 420.498946][ T8538] tipc: Disabling bearer [ 420.796182][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 421.626796][ T30] kauditd_printk_skb: 41 callbacks suppressed [ 421.626869][ T30] audit: type=1326 audit(1759544683.170:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8564 comm="syz.0.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fde98eec9 code=0x7ffc0000 [ 421.657553][ T30] audit: type=1326 audit(1759544683.170:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8564 comm="syz.0.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fde98eec9 code=0x7ffc0000 [ 421.795997][ T30] audit: type=1326 audit(1759544683.270:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8564 comm="syz.0.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9fde98eec9 code=0x7ffc0000 [ 421.819237][ C0] vkms_vblank_simulate: vblank timer overrun [ 421.826214][ T30] audit: type=1326 audit(1759544683.270:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8564 comm="syz.0.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fde98eec9 code=0x7ffc0000 [ 421.835855][ T8567] loop1: detected capacity change from 0 to 1024 [ 421.848663][ T30] audit: type=1326 audit(1759544683.280:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8564 comm="syz.0.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9fde98eec9 code=0x7ffc0000 [ 421.848878][ T30] audit: type=1326 audit(1759544683.280:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8564 comm="syz.0.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fde98eec9 code=0x7ffc0000 [ 421.902387][ T30] audit: type=1326 audit(1759544683.280:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8564 comm="syz.0.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fde98eec9 code=0x7ffc0000 [ 421.925188][ T30] audit: type=1326 audit(1759544683.290:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8564 comm="syz.0.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9fde98eec9 code=0x7ffc0000 [ 421.949081][ T30] audit: type=1326 audit(1759544683.290:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8564 comm="syz.0.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fde98eec9 code=0x7ffc0000 [ 421.971482][ C0] vkms_vblank_simulate: vblank timer overrun [ 421.979484][ T30] audit: type=1326 audit(1759544683.290:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8564 comm="syz.0.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fde98eec9 code=0x7ffc0000 [ 422.443823][ T3640] hfsplus: b-tree write err: -5, ino 4 [ 422.544119][ T8570] tipc: Enabled bearer , priority 0 [ 422.643771][ T8575] syzkaller0: entered promiscuous mode [ 422.649446][ T8575] syzkaller0: entered allmulticast mode [ 422.691116][ T8574] netlink: 16 bytes leftover after parsing attributes in process `syz.0.896'. [ 422.816823][ T8570] tipc: Resetting bearer [ 422.907106][ T8569] tipc: Resetting bearer [ 422.944506][ T8569] tipc: Disabling bearer [ 422.978426][ T8581] loop0: detected capacity change from 0 to 512 [ 423.182940][ T8581] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.896: casefold flag without casefold feature [ 423.245410][ T8581] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.896: couldn't read orphan inode 15 (err -117) [ 423.364941][ T8581] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 423.480927][ T8586] loop3: detected capacity change from 0 to 512 [ 423.530308][ T8586] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 423.662607][ T8586] EXT4-fs (loop3): 1 truncate cleaned up [ 423.670839][ T8586] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 423.892396][ T8590] tipc: Started in network mode [ 423.897513][ T8590] tipc: Node identity 5ec434eb3831, cluster identity 4711 [ 423.905780][ T8590] tipc: Enabled bearer , priority 0 [ 424.122334][ T8590] syzkaller0: entered promiscuous mode [ 424.128079][ T8590] syzkaller0: entered allmulticast mode [ 424.196153][ T8590] tipc: Resetting bearer [ 424.477896][ T8588] tipc: Resetting bearer [ 424.543581][ T8588] tipc: Disabling bearer [ 424.668798][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 424.993225][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 425.031834][ T8604] netlink: 4 bytes leftover after parsing attributes in process `syz.0.904'. [ 425.530513][ T8613] loop3: detected capacity change from 0 to 1024 [ 425.952050][ T2895] hfsplus: b-tree write err: -5, ino 4 [ 426.364861][ T8615] netlink: 28 bytes leftover after parsing attributes in process `syz.1.908'. [ 426.376232][ T8615] netlink: 28 bytes leftover after parsing attributes in process `syz.1.908'. [ 426.400917][ T8615] bond0: entered promiscuous mode [ 426.406365][ T8615] bond_slave_0: entered promiscuous mode [ 426.413383][ T8615] bond_slave_1: entered promiscuous mode [ 426.444093][ T8624] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 426.454379][ T8624] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 426.563577][ T8625] loop4: detected capacity change from 0 to 512 [ 426.638230][ T8625] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 426.775770][ T8615] bond0: left promiscuous mode [ 426.783339][ T8615] bond_slave_0: left promiscuous mode [ 426.791218][ T8615] bond_slave_1: left promiscuous mode [ 426.862219][ T8625] EXT4-fs (loop4): 1 truncate cleaned up [ 426.870635][ T8625] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 427.049223][ T8625] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.911'. [ 427.213645][ T8618] loop0: detected capacity change from 0 to 40427 [ 427.273662][ T8618] F2FS-fs (loop0): invalid crc value [ 427.478870][ T5789] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 427.584092][ T8618] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 427.597377][ T8618] F2FS-fs (loop0): Start checkpoint disabled! [ 427.640098][ T8618] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 427.762996][ T8633] netlink: 4 bytes leftover after parsing attributes in process `syz.3.913'. [ 427.970959][ T3640] kworker/u8:13: attempt to access beyond end of device [ 427.970959][ T3640] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 427.986534][ T3640] CPU: 0 UID: 0 PID: 3640 Comm: kworker/u8:13 Not tainted syzkaller #0 PREEMPT(none) [ 427.986676][ T3640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 427.986804][ T3640] Workqueue: writeback wb_workfn (flush-7:0) [ 427.987031][ T3640] Call Trace: [ 427.987088][ T3640] [ 427.987144][ T3640] __dump_stack+0x26/0x30 [ 427.987312][ T3640] dump_stack_lvl+0x1df/0x270 [ 427.987493][ T3640] dump_stack+0x1e/0x25 [ 427.987651][ T3640] f2fs_handle_critical_error+0xa6f/0xc20 [ 427.987840][ T3640] f2fs_stop_checkpoint+0x65/0x80 [ 427.987993][ T3640] f2fs_write_end_io+0x101c/0x1bc0 [ 427.988199][ T3640] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 427.988353][ T3640] bio_endio+0xeb1/0x1010 [ 427.988516][ T3640] submit_bio_noacct+0x2009/0x2930 [ 427.988734][ T3640] submit_bio+0x57c/0x630 [ 427.988902][ T3640] f2fs_submit_write_bio+0x92/0x250 [ 427.989113][ T3640] __submit_merged_bio+0x16f/0x6a0 [ 427.989312][ T3640] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 427.989501][ T3640] __submit_merged_write_cond+0x458/0x9a0 [ 427.989726][ T3640] f2fs_write_data_pages+0x4bb2/0x5480 [ 427.990024][ T3640] ? f2fs_balance_fs_bg+0x11e7/0x1240 [ 427.990225][ T3640] ? stack_depot_save_flags+0x615/0x7b0 [ 427.990391][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 427.990558][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 427.990727][ T3640] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 427.990887][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 427.991057][ T3640] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 427.991253][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 427.991421][ T3640] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 427.991597][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 427.991762][ T3640] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 427.991936][ T3640] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 427.992089][ T3640] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 427.992248][ T3640] do_writepages+0x3ef/0x860 [ 427.992439][ T3640] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 427.992621][ T3640] ? queue_io+0x751/0x790 [ 427.992755][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 427.992945][ T3640] __writeback_single_inode+0x101/0x1190 [ 427.993114][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 427.993298][ T3640] writeback_sb_inodes+0xac1/0x1cb0 [ 427.993537][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 427.993753][ T3640] wb_writeback+0x4ce/0xc00 [ 427.993918][ T3640] ? queue_io+0x451/0x790 [ 427.994086][ T3640] wb_workfn+0x397/0x1910 [ 427.994280][ T3640] ? kmsan_get_metadata+0xfb/0x160 [ 427.994474][ T3640] ? __pfx_wb_workfn+0x10/0x10 [ 427.994658][ T3640] process_scheduled_works+0xb8e/0x1d80 [ 427.994928][ T3640] worker_thread+0xedf/0x1590 [ 427.995114][ T3640] kthread+0xd59/0xf00 [ 427.995263][ T3640] ? __pfx_worker_thread+0x10/0x10 [ 427.995431][ T3640] ? __pfx_kthread+0x10/0x10 [ 427.995583][ T3640] ret_from_fork+0x233/0x380 [ 427.995723][ T3640] ? __pfx_kthread+0x10/0x10 [ 427.995880][ T3640] ret_from_fork_asm+0x1a/0x30 [ 427.996090][ T3640] [ 428.282535][ C0] vkms_vblank_simulate: vblank timer overrun [ 428.291857][ T3640] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 429.594516][ T8650] loop3: detected capacity change from 0 to 256 [ 429.802451][ T8650] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 429.815939][ T8650] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 431.032104][ T8662] syzkaller0: entered promiscuous mode [ 431.037920][ T8662] syzkaller0: entered allmulticast mode [ 431.126262][ T8662] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 431.759442][ T8670] netlink: 4 bytes leftover after parsing attributes in process `syz.2.926'. [ 432.672931][ T8685] tipc: Enabling of bearer rejected, failed to enable media [ 432.856347][ T8691] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 432.866451][ T8691] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 433.525031][ C1] hrtimer: interrupt took 274979 ns [ 433.600327][ T8700] bridge3: entered allmulticast mode [ 435.663006][ T8722] netlink: 16 bytes leftover after parsing attributes in process `syz.0.941'. [ 437.665538][ T8724] loop0: detected capacity change from 0 to 512 [ 437.851934][ T8724] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.941: casefold flag without casefold feature [ 437.995476][ T8724] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.941: couldn't read orphan inode 15 (err -117) [ 438.060628][ T8724] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 439.128996][ T8734] tipc: Enabling of bearer rejected, failed to enable media [ 439.137571][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 445.602039][ T8762] bridge3: entered allmulticast mode [ 446.354158][ T8772] overlay: Unknown parameter '/' [ 446.415698][ T8773] loop3: detected capacity change from 0 to 1024 [ 446.892816][ T3678] hfsplus: b-tree write err: -5, ino 4 [ 447.255268][ T8792] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 447.267090][ T8792] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 447.357385][ T8793] netlink: 16 bytes leftover after parsing attributes in process `syz.3.957'. [ 447.476325][ T8792] netlink: 8 bytes leftover after parsing attributes in process `syz.4.959'. [ 447.730334][ T8791] loop3: detected capacity change from 0 to 512 [ 447.855604][ T8791] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.957: casefold flag without casefold feature [ 447.899857][ T8791] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.957: couldn't read orphan inode 15 (err -117) [ 447.919578][ T8791] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 448.256677][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 449.372376][ T8820] netlink: 28 bytes leftover after parsing attributes in process `syz.1.966'. [ 449.740065][ T8822] loop3: detected capacity change from 0 to 1024 [ 449.973846][ T8829] tipc: Enabled bearer , priority 0 [ 450.073352][ T8828] syzkaller0: entered promiscuous mode [ 450.079027][ T8828] syzkaller0: entered allmulticast mode [ 450.160268][ T3741] hfsplus: b-tree write err: -5, ino 4 [ 450.160774][ T8827] tipc: Resetting bearer [ 450.296854][ T8827] tipc: Disabling bearer [ 450.352417][ T8833] loop0: detected capacity change from 0 to 512 [ 450.401951][ T8833] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 450.530410][ T8836] netlink: 4 bytes leftover after parsing attributes in process `syz.3.973'. [ 450.616178][ T8833] EXT4-fs (loop0): 1 truncate cleaned up [ 450.624273][ T8833] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 451.250219][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 451.344179][ T8846] netlink: 24 bytes leftover after parsing attributes in process `syz.4.977'. [ 452.813022][ T8858] netlink: 28 bytes leftover after parsing attributes in process `syz.1.980'. [ 453.221160][ T8862] loop4: detected capacity change from 0 to 1024 [ 453.736226][ T8866] tipc: Enabled bearer , priority 0 [ 453.833939][ T8869] syzkaller0: entered promiscuous mode [ 453.839707][ T8869] syzkaller0: entered allmulticast mode [ 453.995058][ T3844] hfsplus: b-tree write err: -5, ino 4 [ 454.117229][ T8865] tipc: Resetting bearer [ 454.344604][ T8865] tipc: Disabling bearer [ 461.175650][ T8912] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 461.188020][ T8912] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 461.426204][ T8912] loop3: detected capacity change from 0 to 512 [ 461.459370][ T8912] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 465.881408][ T8955] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 465.891940][ T8955] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 466.493523][ T8971] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1013'. [ 466.501435][ T8973] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 466.514256][ T8973] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 467.514170][ T8990] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 467.524558][ T8990] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 468.956696][ T9010] bridge4: entered allmulticast mode [ 470.306556][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 470.313319][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 471.732039][ T9027] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1034'. [ 472.026270][ T9029] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 472.036789][ T9029] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 472.082206][ T9024] loop4: detected capacity change from 0 to 512 [ 472.096664][ T9030] netlink: 'syz.3.1036': attribute type 17 has an invalid length. [ 472.340303][ T9024] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.1034: casefold flag without casefold feature [ 472.439334][ T9024] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1034: couldn't read orphan inode 15 (err -117) [ 472.633880][ T9024] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 473.855163][ T5789] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 474.199220][ T9056] bridge5: entered allmulticast mode [ 475.519146][ T9064] netlink: 'syz.4.1043': attribute type 4 has an invalid length. [ 475.749597][ T9064] netlink: 'syz.4.1043': attribute type 17 has an invalid length. [ 477.320430][ T9068] ===================================================== [ 477.327512][ T9068] BUG: KMSAN: uninit-value in aes_encrypt+0x1239/0x1960 [ 477.334527][ T9068] aes_encrypt+0x1239/0x1960 [ 477.339187][ T9068] aesti_encrypt+0x7d/0xf0 [ 477.343677][ T9068] cipher_crypt_one+0x120/0x2e0 [ 477.348624][ T9068] crypto_cipher_encrypt_one+0x33/0x40 [ 477.354182][ T9068] drbg_ctr_update+0x19a9/0x3700 [ 477.359203][ T9068] drbg_seed+0xb1e/0xe20 [ 477.363522][ T9068] drbg_kcapi_seed+0x19b2/0x1e40 [ 477.368562][ T9068] crypto_rng_reset+0x190/0x250 [ 477.373565][ T9068] rng_setkey+0x52/0x70 [ 477.377825][ T9068] alg_setkey+0x262/0x3b0 [ 477.382213][ T9068] alg_setsockopt+0x503/0x760 [ 477.386957][ T9068] __sys_setsockopt+0x43b/0x580 [ 477.391900][ T9068] __x64_sys_setsockopt+0xf4/0x1a0 [ 477.397102][ T9068] x64_sys_call+0x27c9/0x3e30 [ 477.401868][ T9068] do_syscall_64+0xd9/0x210 [ 477.406437][ T9068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 477.412410][ T9068] [ 477.414785][ T9068] [ 477.414785][ T9068] [ 477.423564][ T9068] Uninit was stored to memory at: [ 477.428725][ T9068] crypto_sha3_finup+0x136/0xe00 [ 477.433741][ T9068] crypto_shash_finup+0x327/0xe80 [ 477.438858][ T9068] jent_hash_time+0x247/0x590 [ 477.443625][ T9068] jent_condition_data+0x4f0/0x510 [ 477.448823][ T9068] jent_measure_jitter+0x547/0x770 [ 477.454025][ T9068] jent_gen_entropy+0x209/0x450 [ 477.458963][ T9068] jent_read_entropy+0x353/0xeb0 [ 477.463996][ T9068] jent_kcapi_random+0x6c/0x250 [ 477.468954][ T9068] drbg_seed+0x3f2/0xe20 [ 477.473352][ T9068] drbg_kcapi_seed+0x19b2/0x1e40 [ 477.478445][ T9068] crypto_rng_reset+0x190/0x250 [ 477.483372][ T9068] rng_setkey+0x52/0x70 [ 477.487620][ T9068] alg_setkey+0x262/0x3b0 [ 477.492006][ T9068] alg_setsockopt+0x503/0x760 [ 477.496745][ T9068] __sys_setsockopt+0x43b/0x580 [ 477.501686][ T9068] __x64_sys_setsockopt+0xf4/0x1a0 [ 477.506891][ T9068] x64_sys_call+0x27c9/0x3e30 [ 477.511667][ T9068] do_syscall_64+0xd9/0x210 [ 477.516287][ T9068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 477.522251][ T9068] [ 477.524622][ T9068] Uninit was stored to memory at: [ 477.529774][ T9068] crypto_shash_finup+0xc5a/0xe80 [ 477.534884][ T9068] jent_hash_time+0x1de/0x590 [ 477.539651][ T9068] jent_condition_data+0x4f0/0x510 [ 477.544855][ T9068] jent_measure_jitter+0x547/0x770 [ 477.550054][ T9068] jent_gen_entropy+0x209/0x450 [ 477.554985][ T9068] jent_read_entropy+0x353/0xeb0 [ 477.560007][ T9068] jent_kcapi_random+0x6c/0x250 [ 477.564947][ T9068] drbg_seed+0x3f2/0xe20 [ 477.569274][ T9068] drbg_kcapi_seed+0x19b2/0x1e40 [ 477.574382][ T9068] crypto_rng_reset+0x190/0x250 [ 477.579370][ T9068] rng_setkey+0x52/0x70 [ 477.583626][ T9068] alg_setkey+0x262/0x3b0 [ 477.588013][ T9068] alg_setsockopt+0x503/0x760 [ 477.592744][ T9068] __sys_setsockopt+0x43b/0x580 [ 477.597681][ T9068] __x64_sys_setsockopt+0xf4/0x1a0 [ 477.602887][ T9068] x64_sys_call+0x27c9/0x3e30 [ 477.607659][ T9068] do_syscall_64+0xd9/0x210 [ 477.612220][ T9068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 477.618185][ T9068] [ 477.620526][ T9068] Uninit was stored to memory at: [ 477.625659][ T9068] crypto_sha3_finup+0xc98/0xe00 [ 477.630673][ T9068] crypto_shash_finup+0x327/0xe80 [ 477.635792][ T9068] jent_hash_time+0x247/0x590 [ 477.640557][ T9068] jent_condition_data+0x4f0/0x510 [ 477.645759][ T9068] jent_measure_jitter+0x547/0x770 [ 477.650953][ T9068] jent_gen_entropy+0x209/0x450 [ 477.655881][ T9068] jent_read_entropy+0x353/0xeb0 [ 477.660902][ T9068] jent_kcapi_random+0x6c/0x250 [ 477.665841][ T9068] drbg_seed+0x3f2/0xe20 [ 477.670152][ T9068] drbg_kcapi_seed+0x19b2/0x1e40 [ 477.675182][ T9068] crypto_rng_reset+0x190/0x250 [ 477.680170][ T9068] rng_setkey+0x52/0x70 [ 477.684409][ T9068] alg_setkey+0x262/0x3b0 [ 477.688796][ T9068] alg_setsockopt+0x503/0x760 [ 477.693538][ T9068] __sys_setsockopt+0x43b/0x580 [ 477.698479][ T9068] __x64_sys_setsockopt+0xf4/0x1a0 [ 477.703678][ T9068] x64_sys_call+0x27c9/0x3e30 [ 477.708439][ T9068] do_syscall_64+0xd9/0x210 [ 477.712999][ T9068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 477.718960][ T9068] [ 477.721297][ T9068] Uninit was stored to memory at: [ 477.726405][ T9068] keccakf+0x1efb/0x2110 [ 477.730718][ T9068] crypto_sha3_finup+0x772/0xe00 [ 477.735733][ T9068] crypto_shash_finup+0x327/0xe80 [ 477.740845][ T9068] jent_hash_time+0x247/0x590 [ 477.745609][ T9068] jent_condition_data+0x4f0/0x510 [ 477.750804][ T9068] jent_measure_jitter+0x547/0x770 [ 477.755998][ T9068] jent_gen_entropy+0x209/0x450 [ 477.760927][ T9068] jent_read_entropy+0x353/0xeb0 [ 477.765942][ T9068] jent_kcapi_random+0x6c/0x250 [ 477.770880][ T9068] drbg_seed+0x3f2/0xe20 [ 477.775200][ T9068] drbg_kcapi_seed+0x19b2/0x1e40 [ 477.780296][ T9068] crypto_rng_reset+0x190/0x250 [ 477.785286][ T9068] rng_setkey+0x52/0x70 [ 477.789503][ T9068] alg_setkey+0x262/0x3b0 [ 477.793890][ T9068] alg_setsockopt+0x503/0x760 [ 477.798622][ T9068] __sys_setsockopt+0x43b/0x580 [ 477.803559][ T9068] __x64_sys_setsockopt+0xf4/0x1a0 [ 477.808771][ T9068] x64_sys_call+0x27c9/0x3e30 [ 477.813545][ T9068] do_syscall_64+0xd9/0x210 [ 477.818111][ T9068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 477.824068][ T9068] [ 477.826411][ T9068] Uninit was stored to memory at: [ 477.831570][ T9068] crypto_sha3_finup+0x5be/0xe00 [ 477.836590][ T9068] crypto_shash_finup+0x327/0xe80 [ 477.841704][ T9068] jent_hash_time+0x247/0x590 [ 477.846471][ T9068] jent_condition_data+0x4f0/0x510 [ 477.851673][ T9068] jent_measure_jitter+0x547/0x770 [ 477.856871][ T9068] jent_gen_entropy+0x209/0x450 [ 477.861801][ T9068] jent_read_entropy+0x353/0xeb0 [ 477.866819][ T9068] jent_kcapi_random+0x6c/0x250 [ 477.871757][ T9068] drbg_seed+0x3f2/0xe20 [ 477.876071][ T9068] drbg_kcapi_seed+0x19b2/0x1e40 [ 477.881136][ T9068] crypto_rng_reset+0x190/0x250 [ 477.886125][ T9068] rng_setkey+0x52/0x70 [ 477.890346][ T9068] alg_setkey+0x262/0x3b0 [ 477.894731][ T9068] alg_setsockopt+0x503/0x760 [ 477.899477][ T9068] __sys_setsockopt+0x43b/0x580 [ 477.904420][ T9068] __x64_sys_setsockopt+0xf4/0x1a0 [ 477.909620][ T9068] x64_sys_call+0x27c9/0x3e30 [ 477.914380][ T9068] do_syscall_64+0xd9/0x210 [ 477.918944][ T9068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 477.924904][ T9068] [ 477.927242][ T9068] Uninit was stored to memory at: [ 477.932383][ T9068] crypto_sha3_finup+0x136/0xe00 [ 477.937400][ T9068] crypto_shash_finup+0x327/0xe80 [ 477.942512][ T9068] jent_hash_time+0x247/0x590 [ 477.947283][ T9068] jent_condition_data+0x4f0/0x510 [ 477.952482][ T9068] jent_measure_jitter+0x547/0x770 [ 477.957683][ T9068] jent_gen_entropy+0x209/0x450 [ 477.962615][ T9068] jent_read_entropy+0x353/0xeb0 [ 477.967639][ T9068] jent_kcapi_random+0x6c/0x250 [ 477.972578][ T9068] drbg_seed+0x3f2/0xe20 [ 477.976889][ T9068] drbg_kcapi_seed+0x19b2/0x1e40 [ 477.981915][ T9068] crypto_rng_reset+0x190/0x250 [ 477.986908][ T9068] rng_setkey+0x52/0x70 [ 477.991130][ T9068] alg_setkey+0x262/0x3b0 [ 477.995513][ T9068] alg_setsockopt+0x503/0x760 [ 478.000268][ T9068] __sys_setsockopt+0x43b/0x580 [ 478.005205][ T9068] __x64_sys_setsockopt+0xf4/0x1a0 [ 478.010404][ T9068] x64_sys_call+0x27c9/0x3e30 [ 478.015168][ T9068] do_syscall_64+0xd9/0x210 [ 478.019733][ T9068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 478.025697][ T9068] [ 478.028036][ T9068] Uninit was stored to memory at: [ 478.033182][ T9068] crypto_shash_finup+0xc5a/0xe80 [ 478.038290][ T9068] jent_hash_time+0x1de/0x590 [ 478.043053][ T9068] jent_condition_data+0x4f0/0x510 [ 478.048250][ T9068] jent_measure_jitter+0x547/0x770 [ 478.053451][ T9068] jent_gen_entropy+0x209/0x450 [ 478.058390][ T9068] jent_read_entropy+0x353/0xeb0 [ 478.063405][ T9068] jent_kcapi_random+0x6c/0x250 [ 478.068348][ T9068] drbg_seed+0x3f2/0xe20 [ 478.072660][ T9068] drbg_kcapi_seed+0x19b2/0x1e40 [ 478.077673][ T9068] crypto_rng_reset+0x190/0x250 [ 478.082604][ T9068] rng_setkey+0x52/0x70 [ 478.086892][ T9068] alg_setkey+0x262/0x3b0 [ 478.091332][ T9068] alg_setsockopt+0x503/0x760 [ 478.096069][ T9068] __sys_setsockopt+0x43b/0x580 [ 478.101028][ T9068] __x64_sys_setsockopt+0xf4/0x1a0 [ 478.106242][ T9068] x64_sys_call+0x27c9/0x3e30 [ 478.111014][ T9068] do_syscall_64+0xd9/0x210 [ 478.115586][ T9068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 478.121569][ T9068] [ 478.123917][ T9068] Local variable intermediary created at: [ 478.129658][ T9068] jent_hash_time+0x9b/0x590 [ 478.134345][ T9068] jent_condition_data+0x4f0/0x510 [ 478.139545][ T9068] [ 478.141903][ T9068] CPU: 0 UID: 0 PID: 9068 Comm: syz.2.1046 Not tainted syzkaller #0 PREEMPT(none) [ 478.151251][ T9068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 478.161349][ T9068] ===================================================== [ 478.168308][ T9068] Disabling lock debugging due to kernel taint [ 478.174498][ T9068] Kernel panic - not syncing: kmsan.panic set ... [ 478.180968][ T9068] CPU: 0 UID: 0 PID: 9068 Comm: syz.2.1046 Tainted: G B syzkaller #0 PREEMPT(none) [ 478.191903][ T9068] Tainted: [B]=BAD_PAGE [ 478.196082][ T9068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 478.206185][ T9068] Call Trace: [ 478.209493][ T9068] [ 478.212459][ T9068] __dump_stack+0x26/0x30 [ 478.216880][ T9068] dump_stack_lvl+0x53/0x270 [ 478.221562][ T9068] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 478.227464][ T9068] dump_stack+0x1e/0x25 [ 478.231701][ T9068] vpanic+0x435/0xd30 [ 478.235783][ T9068] panic+0x15d/0x160 [ 478.239789][ T9068] kmsan_report+0x31c/0x320 [ 478.244377][ T9068] ? __msan_warning+0x1b/0x30 [ 478.249120][ T9068] ? aes_encrypt+0x1239/0x1960 [ 478.253949][ T9068] ? aesti_encrypt+0x7d/0xf0 [ 478.258616][ T9068] ? cipher_crypt_one+0x120/0x2e0 [ 478.263739][ T9068] ? crypto_cipher_encrypt_one+0x33/0x40 [ 478.269478][ T9068] ? drbg_ctr_update+0x19a9/0x3700 [ 478.274676][ T9068] ? drbg_seed+0xb1e/0xe20 [ 478.279166][ T9068] ? drbg_kcapi_seed+0x19b2/0x1e40 [ 478.284358][ T9068] ? crypto_rng_reset+0x190/0x250 [ 478.289471][ T9068] ? rng_setkey+0x52/0x70 [ 478.293941][ T9068] ? alg_setkey+0x262/0x3b0 [ 478.298512][ T9068] ? alg_setsockopt+0x503/0x760 [ 478.303425][ T9068] ? __sys_setsockopt+0x43b/0x580 [ 478.308548][ T9068] ? __x64_sys_setsockopt+0xf4/0x1a0 [ 478.313925][ T9068] ? x64_sys_call+0x27c9/0x3e30 [ 478.318958][ T9068] ? do_syscall_64+0xd9/0x210 [ 478.323701][ T9068] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 478.329853][ T9068] ? crypto_sha3_finup+0xd11/0xe00 [ 478.335077][ T9068] ? kmsan_get_metadata+0xfb/0x160 [ 478.340275][ T9068] ? kmsan_internal_memmove_metadata+0x181/0x230 [ 478.346683][ T9068] ? kmsan_get_metadata+0xfb/0x160 [ 478.351882][ T9068] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 478.358290][ T9068] ? kmsan_get_metadata+0xfb/0x160 [ 478.363488][ T9068] __msan_warning+0x1b/0x30 [ 478.368068][ T9068] aes_encrypt+0x1239/0x1960 [ 478.372730][ T9068] ? kmsan_get_metadata+0xfb/0x160 [ 478.377950][ T9068] aesti_encrypt+0x7d/0xf0 [ 478.382452][ T9068] cipher_crypt_one+0x120/0x2e0 [ 478.387418][ T9068] ? __pfx_aesti_encrypt+0x10/0x10 [ 478.392628][ T9068] ? crypto_cipher_setkey+0x380/0x430 [ 478.398204][ T9068] ? kmsan_get_metadata+0xfb/0x160 [ 478.403409][ T9068] crypto_cipher_encrypt_one+0x33/0x40 [ 478.408987][ T9068] drbg_ctr_update+0x19a9/0x3700 [ 478.414080][ T9068] ? __pfx_drbg_ctr_update+0x10/0x10 [ 478.419457][ T9068] drbg_seed+0xb1e/0xe20 [ 478.423800][ T9068] ? __pfx_jent_kcapi_random+0x10/0x10 [ 478.429373][ T9068] ? kmsan_get_metadata+0xfb/0x160 [ 478.434570][ T9068] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 478.440468][ T9068] drbg_kcapi_seed+0x19b2/0x1e40 [ 478.445524][ T9068] ? __pfx_drbg_kcapi_seed+0x10/0x10 [ 478.450895][ T9068] crypto_rng_reset+0x190/0x250 [ 478.455841][ T9068] rng_setkey+0x52/0x70 [ 478.460080][ T9068] ? __pfx_rng_setkey+0x10/0x10 [ 478.465015][ T9068] alg_setkey+0x262/0x3b0 [ 478.469422][ T9068] alg_setsockopt+0x503/0x760 [ 478.474188][ T9068] ? __pfx_alg_setsockopt+0x10/0x10 [ 478.479460][ T9068] __sys_setsockopt+0x43b/0x580 [ 478.484463][ T9068] __x64_sys_setsockopt+0xf4/0x1a0 [ 478.489695][ T9068] x64_sys_call+0x27c9/0x3e30 [ 478.494492][ T9068] do_syscall_64+0xd9/0x210 [ 478.499126][ T9068] ? irqentry_exit+0x16/0x60 [ 478.503816][ T9068] ? clear_bhb_loop+0x40/0x90 [ 478.508573][ T9068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 478.514553][ T9068] RIP: 0033:0x7ff77a78eec9 [ 478.519022][ T9068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 478.538708][ T9068] RSP: 002b:00007ff77b683038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 478.547198][ T9068] RAX: ffffffffffffffda RBX: 00007ff77a9e5fa0 RCX: 00007ff77a78eec9 [ 478.555229][ T9068] RDX: 0000000000000001 RSI: 0000000000000117 RDI: 0000000000000003 [ 478.563246][ T9068] RBP: 00007ff77a811f91 R08: 0000000000000002 R09: 0000000000000000 [ 478.571266][ T9068] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000000 [ 478.579284][ T9068] R13: 00007ff77a9e6038 R14: 00007ff77a9e5fa0 R15: 00007ffd0be95b38 [ 478.587332][ T9068] [ 478.590677][ T9068] Kernel Offset: disabled [ 478.595042][ T9068] Rebooting in 86400 seconds..