last executing test programs:
4.438980405s ago: executing program 0 (id=108):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_COMPAT_GET(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000940)={0x14, 0x0, 0xb, 0x101, 0x0, 0x0, {0x1, 0x0, 0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4)
4.240961677s ago: executing program 0 (id=111):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x7, 0xd09)
4.015296521s ago: executing program 0 (id=115):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x1008002, &(0x7f00000003c0)={[{@errors_remount}, {@sysvgroups}, {@resuid}, {@jqfmt_vfsold}, {@data_ordered}, {@resuid={'resuid', 0x3d, 0xee00}}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x0, 0x5ee, &(0x7f0000000600)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkysHoyYMXT4aEqOFo4prZzpRuO9sfS7sLnc8nWfrmvRnem06/OzNv35sNoLQG038qEXsjYjqJ6E/mF8s6IyscXFjv3j+fnE5fSVSrb/yVRJLl5esn2c++bOOeiPjlpyT2dKysd2buyvnxqanJy9ny8OyF6eGZuSsHz10YPzt5dvLi6Eujx44eOXps5FBT+3W1IO/k9fc/7P9s7O3vvvk3Gfn+97Ekjser2YpL92OzDMZg7XeSrCzqO7bZlbVJR/Z3svQQJ51Fa3a1rlGsW3780qPzVPRHR9w/eP3x6WttbRywpapJRHW5HXkhsL0lwhxKKr8OyO/tl98HV1p+RQK0yt0TCx0AK+O/c6FvMHpqfQM77yWxtFsniYjmeubq7YqI27fGrp+5NXY9tqgfDig2fy0ini6K/6QW/wPREwO1+K/UxX96XXAq+5nmv95k/cu7isU/tM5C/PesGv/RIP7fWRL/7zZZ/+D95Hu9dfHf2+wuAQAAAAAAQGndPBERLxZ9/l9ZHP8TBeN/+iLi+CbUP7hseeXn/5U7m1ANUODuiYhXCsf/VvLRvwMdWeqx2niAruTMuanJQxHxeEQciK4d6fLIKnUc/HzP143KBrPxf/krrf92NhYwa8edzh3120yMz44/6H4DEXevRTxTOP43WTz/J7XhvvNLpwvU3g+m11nHnudvnGpUtnb8A1ul+m3E/sLz//2nViSrP59juHY9MJxfFaz07Mdf/NCo/mbjv/ARE8CGpOf/navH/0Cy9Hk9Mxuv4/BcZ7VBUXez1//dyZu1R850Z3kfjc/OXh6J6E5OdqS5dfmjG28zbEd5POTxksb/gedW7/9LCvr/eiNiftn/nfxdP6c49+R/fX80ao/rf2ifNP4nNnT+33hi9MbAj43qX9/5/0jtXH8gy9H/Bwu+ysO0uz6/IBw7i4pa3V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2A4qEbErksrQYrpSGRqK6IuIJ2JnZerSzOwLZy59cHEiLat9/38l/6bf/oXlJP/+/4Ely6PLlg9HxO6I+LKjt7Y8dPrS1ES7dx4AAAAAAAAAAAAAAAAAAAAeEn0N5v+n/uxod+uALdfZ7gYAbVMQ/7+2ox1A6zn/Q3mJfygv8Q/lJf6hvMQ/lJf4h/IS/1Be4h8AAAAAALaV3ftu/pZExPzLvbVXqjsr62pry4CtVml3A4C28YgfKC9Df6C83OMDyRrlPQ03WmvL1UyffoCNAQAAAAAAAAAAAKB09u81/x/Kyvx/KC/z/6G88vn/+9rcDqD13OMDscZM/sL5/2tuBQAAAAAAAAAAAABsppm5K+fHp6YmLz8KiZ+3tIq32r+DrU5Uq9Wr6V/Bw9KeRzyRD4V/WNqzLJHP9VvfVu17TwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOr9HwAA//87QSCw")
lsetxattr$system_posix_acl(&(0x7f0000003340)='./file0\x00', &(0x7f0000003380)='system.posix_acl_access\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="020000000100020000000000040000000000000008000700", @ANYRES32=0x0, @ANYBLOB="100005000000000020"], 0x2c, 0x0)
3.664202456s ago: executing program 2 (id=119):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x6, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1ab92b}, {0x85, 0x0, 0x0, 0x88}, {0x4}}, {{0x5, 0x0, 0x4, 0x9, 0x0, 0x1, 0x2000}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x9}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
3.343096151s ago: executing program 0 (id=123):
syz_mount_image$squashfs(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0)={[{}]}, 0x1, 0x232, &(0x7f0000000000)="$eJzKKC4sZmdgYPj7sSaZgUGAAQRYGEQYLjAwMrAwMDDIM4KFGD4yQeipUPomlGaDyl+B0r5Q8XYo/de8KiKKgYExU+meGdMB8RRFRgEGHpGvpx4wJDPwxzJYzvNecykoc8pVobdL94PUe4VWbmJgVE/hXzRnwwSnmbxgYxkjo5DNYT4gM4sDZBADA8PkPxH3HrBIMoggmSXK8U/sVMvyVWad9xlmdExLY2A0mMXBwMCgd0R3pp0BbzcT1MziyqrsxJyc1KLiAwyo5k9m3M+kyAhSd+bv1eAHjHYM3bEMjAxyG/zVFn/7I1W5cVN95PSqiJqp3U03l66PY9im//eKidT7iRlh/x8cEtSyyMv/ME9G6fvmhjkfauqemDh2NirP5W+9/Pfd+5ja4gQ1psfiXYVs/AluWjWfnJ3cLB/PTa9u31KsuCArzWXisakX/yYcX8vAMPnCE1t9BgaGDSDnulXOjbnrFi/ItUz9fN2bFwwHoz5PZGBkZGBgYmCYGbZzD7K/yhugkcHAzMDAoMIAUsTCkJaZk2rgwcDIwMzAws6ADGCqmRg4wKr0kvNzUtoZGMFJAKxtOQML3AzDxwys/CDlII7RYwZWuIyxRQPMyHYorQKlPaD0cij9GErLoyUbFrAJ/VCeRgMDAxtDReJ//iJDNgYGhorEkpIiQ4hYSUmREVzMSABuMxPU1rlMqJ47zsQwCkbBKBgFo2AUjIJRMApGwSgYBSMZAAIAAP//kpC1eQ==")
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100006325a640402000207265970000010902240001000000000904000002214c6a0009050702000000da000905"], 0x0)
3.250282032s ago: executing program 2 (id=126):
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x3, 0x101142)
ioctl$EVIOCSCLOCKID(r0, 0x400445a0, 0x0)
2.972588616s ago: executing program 2 (id=127):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000380)={'team_slave_0\x00', &(0x7f0000000200)=@ethtool_sset_info={0x14, 0x0, 0x101}})
2.757653529s ago: executing program 2 (id=129):
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000140)={0x0, 0x0, 0x1000, 0x0, 0x200, 0x4})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="b7000000000000004e00000000000000870a000000000000184a0000fdff0acfa0f561c5121e00009500000000000000bc337c6aebe4a39c6b39b2f91db3427f902e3399a0967a9f603a2ed13265f8e840223d4eded19b645a26925d1dd18c6a1ef93b9c341fa77e02deee894dec13d1b20e798eda7af089a48f6241be5f1274b78ef0fb0084c5899c9e698189bc2ccb7fa9047359d270b6b9cb37010b99"], &(0x7f0000003ff6)='GPL\x00', 0xa, 0xb579, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x8}, 0x23)
2.591152162s ago: executing program 2 (id=130):
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
2.325930315s ago: executing program 1 (id=133):
setuid(0xee01)
fanotify_init(0x1200, 0x0)
2.234604007s ago: executing program 3 (id=134):
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r0, &(0x7f00000017c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)="bb", 0x1}], 0x1, &(0x7f00000005c0)=ANY=[@ANYBLOB="20000000000000008400000002000000fe8041000000000092000000000000001000"], 0x30}, 0x0)
2.230119357s ago: executing program 1 (id=135):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f00000000c0)=0x7)
2.073850459s ago: executing program 1 (id=136):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="380000001e0001002cbd7000fddbdf250a000000", @ANYRES32=0x0, @ANYBLOB="000000ff"], 0x38}}, 0x0)
2.05379663s ago: executing program 3 (id=137):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000ac0)=@raw={'raw\x00', 0x8, 0x3, 0x500, 0x1c0, 0xffffffff, 0xffffffff, 0x1c0, 0xffffffff, 0x430, 0xffffffff, 0xffffffff, 0x430, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz0\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x208, 0x270, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@iprange={{0x68}, {@ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv4=@remote, @ipv6=@empty, @ipv6=@loopback}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x3, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x59d)
1.824190923s ago: executing program 1 (id=138):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000240)={0x1, 0x101})
1.661442355s ago: executing program 3 (id=139):
r0 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000080)=@overlay={0x7, 0x7, 0x4, 0x40, 0x7, {}, {0x3, 0x8, 0x8, 0xb, 0x5, 0x7, "fc8b4106"}, 0x23b, 0x3, {}, 0x1})
1.34161158s ago: executing program 3 (id=140):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0x5015, 0x0)
908.939686ms ago: executing program 3 (id=141):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
fgetxattr(r0, &(0x7f0000000040)=@random={'security.', '\xe8H4[-]\',!@Q*+#+%\x00'}, &(0x7f00000002c0)=""/19, 0x13)
705.587819ms ago: executing program 1 (id=142):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000640)={'tunl0\x00', &(0x7f0000000580)={'ip_vti0\x00', 0x0, 0x8, 0x20, 0x7b9c0000, 0xa1, {{0x5, 0x4, 0x0, 0x7, 0x14, 0x68, 0x0, 0x1, 0x2f, 0x0, @rand_addr, @empty}}}})
698.314699ms ago: executing program 0 (id=143):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/devices.allow\x00', 0x2, 0x8)
write$cgroup_devices(r0, &(0x7f0000000000)=ANY=[@ANYBLOB='c >'], 0x8)
255.120636ms ago: executing program 0 (id=144):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYBLOB="3c0000001800ef0100000000000000000a00fc"], 0x3c}, 0x1, 0x11}, 0x0)
218.802996ms ago: executing program 3 (id=145):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001e000100000000000400000002000000", @ANYRES32=0x0, @ANYBLOB="0000000008000d80"], 0x2c}}, 0x0)
191.264077ms ago: executing program 1 (id=146):
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000300)='./file0\x00', 0x800, &(0x7f0000000240)={[{@shortad}, {@gid}, {@uid_forget}, {@gid_forget}, {@volume={'volume', 0x3d, 0x3ff}}, {@utf8}, {@noadinicb}, {@lastblock={'lastblock', 0x3d, 0x2}}, {@iocharset={'iocharset', 0x3d, 'cp861'}}, {@dmode={'dmode', 0x3d, 0x7}}]}, 0x1, 0xc32, &(0x7f000001fd40)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwJI7UgSmSIKlGNtKC6aaLLgIURRdZEWiNAikaGE0RdMm0LpBsvCiy6opoYSMoumCLAFkFLO6dM9KQIm1GFCVKeh6b+s3ce86dc+4Z3ysLOvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDxe6+dP3EyPexWAAAP0sXxr5445f4PAE+Uy/7/HwAAAAAAAAAAAAAA9rsURTwdKeYurqXJ6n1X/UJn8OatidGxrasdTFXNgap8+VM/eer0mS+9NHK2lxc6Mx9R/377bLwxfvl849XZG3Pz7YWF9lRjYqZzdXaqveMj7Lb+ZseqE9C48ebNqWvXFhqnXjy9Yfet4Q+HnjoyfG7k+ePP9cpOjI6Njd8pUu8vX7vnhnRtN8PjQBRxPFK88L2fplZEFLH7c1F/sGO/2cGqE8eqTkyMjlUdme60ZhbLnZd6J6KIaPRVavbO0dZjEbXBB9qH7TUjlsrmlw0+VnZvfK4137oy3W5cas0vdhY7szOXUre1ZX8aUcTZFLEcEatDdx9uMIqoRYrvHF5LVyJioHcevlhNDN6+HcUe9nEHynY2BiOWi0dgzPaxoSji9Ujxs/eOxtV8namuNV+IeL3MH0S8U+YrEan8YpyJ+GCL7xGPploU8efl+J9bS1PV9aB3XbnwtcZXZq7N9pXtXVd+yfvDXVeKh3R/OLgpH4x9fm2qRxGt6oq/lu79NzsAAAAAAAAAAAAAAAAA3G8Ho4jPRIrX/u2PqnnFUc1LP3xu5PeH/3//nPFnP+Y4ZdkXI2Kp2Nmc3AN5YuCldCmlhzyX+ElWjyL+OM//+9bDbgwAAAAAAAAAAAAAAAAAAMATrYifRIqX3z+alqN/TfHOzPXG5daV6e6qsL21f3trpq+vr683UjebOSdzLuVczrmSczVnFLl+zmbOyZxLOZdzruRczRkDuX7OZs7JnEs5l3Ou5FzNGbVcP2cz52TOpZzLOVdyruaMfbJ2LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaEZPRzZWhh906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0lIr4fqRo/EHz9rZaRKTq366j5S9nonmgzE9Gc6TMV6J5PmerylrzWw+h/ezOYCrix5FiqP7u7QHP4z/YfXf7axDvfPPOu8/WujnQ2zn84dBTRw6fGxn7tWe3e522asCxC52Zm7caE6NjY+N9m2v50z/Zt204f25xf7pORCy89fabrenp9vy9vyi/Aruo/gi9SLUnpadeVC+iti+a8XD6zhOgvP9/ECl++/1/793wu/f/evy/7rvbd/j4+Z/cuf+/vPlAO7z/1zbXy/f/8p6+1f3/6b5tL+ffjQzWIuqLN+YGj0TUF956+3jnRut6+3p75syJE18eGfny6RODByLq1zrT7b5X9+V0AQAAAAAAAAAAAAAAADw4qYjfjRStH6+lRkTcquZrDZ8bef74cwMxUM232jBv+43xy+cbr87emJtvLyy0pxoTM52rs1PtnX5cvZruNTE6tied+VgH97j9B+uvzs69Nd+5/oeLW+4/VD9/ZWFxvnV1691xMIqIZv+WY1WDJ0bHqkZPd1ozVdVLW06m/+UNpiL+I1JcPdNIn8/b8vz/zTP8N8z/X9p8oD2a//+Jvm3lZ6ZUxM8jxW/9xbPx+aqdh+Kuc5bL/U2kOHb2c7lcHCjL9drQfa5Ad2ZgWfZ/IsU//GJj2d58yKfvlD254xP7iCjH/3Ck+P6ffTd+PW/b+PyHrcf/0OYD7dH4P9O37dCG5xXsuuvk8T8eKV55+t34jbzto57/0Xv2xtFc+PbzOfZo/D/Vt204f+5v3p+uAwAAAAAAAAAAPNIGUxF/Gyl+OFZLL+VtO/n7f1ObD7RHf//r033bpu7PekUf+2LXJxUAAAAA9onBVMRPIsX1xXdvz6HeOP+7b/7n79yZ/zmaNu2t/pzvV6rnBtzPP//rN5w/d3L33QYAAAAAAAAAAAAAAAAAAIB9JaUiXsrrqU9W8/mntl1PfSVSvPZfL+Ry6UhZrrcO/HD1a/3i7Mzx89PTs1dbi60r0+3G+Fzrarus+0ykWPvrz+W6RbW+em+9+e4a73fWYp+PFGN/1yvbXYu9tzb5M72yS+2TZdlPRIr//PuNZXvrWH/qznFPlWX/KlJ8/Z+2LnvkTtnTZdnvRooffb3RK3uoLNt7Puqn75R98epssQejAgAAAAAAAAAAAAAAAAAAwJNmMBXxp5Hiv28s357Ln9f/H+x7W3nnm33r/W9yq1rnf7ha/3+71/ey/n/1XIGl7T4VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTymKeDtSzF1cSytD5fuu+oXOzM1bE6NjW1c7mKqaA1X58qd+8tTpM196aeRsLz+6/v32mXhj/PL5xquzN+bm2wsL7anGxEzn6uxUe8dH2G39zY5VJ6Bx482bU9euLTROvXh6w+5bwx8OPXVk+NzI88ef65WdGB0bG+8rUxu850+/S9pm+4Eo4i8jxQvf+2n64VBEEbs/Fx/z3dlrB6tOHKs6MTE6VnVkutOaWSx3XuqdiCKi0Vep2TtHD2AsdqUZsVQ2v2zwsbJ743Ot+daV6XbjUmt+sbPYmZ25lLqtLfvTiCLOpojliFgduvtwg1HEm5HiO4fX0j8PRQz0zsMXL45/9cSp7dtR7GEfd6BsZ2MwYrn4qDHbosNsMBRF/GOk+Nl7R+NfhiJq0f2JL0S8XuYPIt6J7nin8otxJuIDp/WxUYsi/rcc/3Nr6b2h8nrQu65c+FrjKzPXZvvK9q4rj/z94UHa5/eTehTxo+qKv5b+1X/XAAAAAAAAAAAAAAAAAPtIEb8aKV5+/2iq5gffnlPcmbneuNy6Mt2d1teb+9ebM72+vr7eSN1s5pzMuZRzOedKztWcUeT6OZtl1tfXJ/P7pZzLOVdyruaMgVw/ZzPnZM6lnMs5V3Ku5oxarp+zmXMy51LO5ZwrOVdzxj6ZuwcAAAAAAAAAAAAAAAAAADxeiuqfFN/+xlpaH6rWlx7o7VuxHuhj7/8CAAD//0pa+Ck=")
0s ago: executing program 2 (id=147):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000140)={0xa, 0x7, 0x0, @remote, 0x11e}, 0x20)
kernel console output (not intermixed with test programs):
Warning: Permanently added '10.128.1.191' (ED25519) to the list of known hosts.
syzkaller login: [ 82.835428][ T5775] cgroup: Unknown subsys name 'net'
[ 83.002879][ T5775] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 84.734112][ T5775] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 86.813029][ T5798] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 86.821354][ T5798] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 86.829988][ T5798] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 86.838134][ T5798] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 86.845627][ T5798] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 86.854625][ T5798] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 86.855325][ T5799] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 86.862348][ T5798] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 86.877632][ T5798] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 86.885958][ T5803] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 86.894230][ T5803] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 86.896519][ T5801] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 86.902113][ T5803] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 86.909417][ T5798] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 86.920325][ T5801] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 86.924348][ T5798] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 86.930850][ T5801] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 86.940800][ T5798] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 86.952195][ T5798] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 86.959753][ T5798] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 86.967851][ T5801] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 86.967962][ T5798] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 86.982723][ T5798] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 86.983290][ T5801] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 87.658625][ T5789] chnl_net:caif_netlink_parms(): no params data found
[ 87.679114][ T5786] chnl_net:caif_netlink_parms(): no params data found
[ 87.904988][ T5787] chnl_net:caif_netlink_parms(): no params data found
[ 87.932379][ T5789] bridge0: port 1(bridge_slave_0) entered blocking state
[ 87.939648][ T5789] bridge0: port 1(bridge_slave_0) entered disabled state
[ 87.948188][ T5789] bridge_slave_0: entered allmulticast mode
[ 87.955480][ T5789] bridge_slave_0: entered promiscuous mode
[ 87.987244][ T5788] chnl_net:caif_netlink_parms(): no params data found
[ 88.005517][ T5789] bridge0: port 2(bridge_slave_1) entered blocking state
[ 88.012964][ T5789] bridge0: port 2(bridge_slave_1) entered disabled state
[ 88.020168][ T5789] bridge_slave_1: entered allmulticast mode
[ 88.027441][ T5789] bridge_slave_1: entered promiscuous mode
[ 88.112051][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state
[ 88.119450][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state
[ 88.127022][ T5786] bridge_slave_0: entered allmulticast mode
[ 88.134751][ T5786] bridge_slave_0: entered promiscuous mode
[ 88.156529][ T5789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 88.169937][ T5789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 88.179538][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state
[ 88.187099][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state
[ 88.194407][ T5786] bridge_slave_1: entered allmulticast mode
[ 88.201475][ T5786] bridge_slave_1: entered promiscuous mode
[ 88.342463][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 88.351824][ T5788] bridge0: port 1(bridge_slave_0) entered blocking state
[ 88.359284][ T5788] bridge0: port 1(bridge_slave_0) entered disabled state
[ 88.366556][ T5788] bridge_slave_0: entered allmulticast mode
[ 88.374026][ T5788] bridge_slave_0: entered promiscuous mode
[ 88.382169][ T5788] bridge0: port 2(bridge_slave_1) entered blocking state
[ 88.390841][ T5788] bridge0: port 2(bridge_slave_1) entered disabled state
[ 88.398127][ T5788] bridge_slave_1: entered allmulticast mode
[ 88.405463][ T5788] bridge_slave_1: entered promiscuous mode
[ 88.413570][ T5787] bridge0: port 1(bridge_slave_0) entered blocking state
[ 88.420723][ T5787] bridge0: port 1(bridge_slave_0) entered disabled state
[ 88.428129][ T5787] bridge_slave_0: entered allmulticast mode
[ 88.435341][ T5787] bridge_slave_0: entered promiscuous mode
[ 88.443709][ T5787] bridge0: port 2(bridge_slave_1) entered blocking state
[ 88.450872][ T5787] bridge0: port 2(bridge_slave_1) entered disabled state
[ 88.458149][ T5787] bridge_slave_1: entered allmulticast mode
[ 88.465485][ T5787] bridge_slave_1: entered promiscuous mode
[ 88.477067][ T5789] team0: Port device team_slave_0 added
[ 88.485597][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 88.560276][ T5789] team0: Port device team_slave_1 added
[ 88.588043][ T5786] team0: Port device team_slave_0 added
[ 88.597532][ T5788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 88.610279][ T5788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 88.646701][ T5786] team0: Port device team_slave_1 added
[ 88.680290][ T5787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 88.693297][ T5787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 88.703805][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 88.710785][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 88.737023][ T5789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 88.751535][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 88.758605][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 88.784596][ T5789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 88.839818][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 88.848136][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 88.874779][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 88.887752][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 88.894766][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 88.921289][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 88.936300][ T5788] team0: Port device team_slave_0 added
[ 88.963293][ T5792] Bluetooth: hci2: command tx timeout
[ 88.970284][ T5788] team0: Port device team_slave_1 added
[ 88.979219][ T5787] team0: Port device team_slave_0 added
[ 89.024024][ T5787] team0: Port device team_slave_1 added
[ 89.043278][ T5801] Bluetooth: hci0: command tx timeout
[ 89.043332][ T50] Bluetooth: hci3: command tx timeout
[ 89.054790][ T5792] Bluetooth: hci1: command tx timeout
[ 89.072118][ T5789] hsr_slave_0: entered promiscuous mode
[ 89.079764][ T5789] hsr_slave_1: entered promiscuous mode
[ 89.099889][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 89.106983][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 89.133548][ T5788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 89.147136][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 89.154310][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 89.180616][ T5788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 89.210942][ T5786] hsr_slave_0: entered promiscuous mode
[ 89.217615][ T5786] hsr_slave_1: entered promiscuous mode
[ 89.224870][ T5786] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 89.232851][ T5786] Cannot create hsr debugfs directory
[ 89.271207][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 89.278352][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 89.304875][ T5787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 89.349658][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 89.356969][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 89.383162][ T5787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 89.441893][ T5788] hsr_slave_0: entered promiscuous mode
[ 89.448516][ T5788] hsr_slave_1: entered promiscuous mode
[ 89.455441][ T5788] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 89.463187][ T5788] Cannot create hsr debugfs directory
[ 89.533213][ T5787] hsr_slave_0: entered promiscuous mode
[ 89.540781][ T5787] hsr_slave_1: entered promiscuous mode
[ 89.549069][ T5787] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 89.556784][ T5787] Cannot create hsr debugfs directory
[ 89.927390][ T5789] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 89.951834][ T5789] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 89.963543][ T5789] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 89.975064][ T5789] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 90.039604][ T5786] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 90.064311][ T5786] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 90.075768][ T5786] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 90.098631][ T5786] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 90.159944][ T5787] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 90.181903][ T5787] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 90.210824][ T5787] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 90.223509][ T5787] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 90.302002][ T5788] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 90.323187][ T5788] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 90.340204][ T5788] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 90.351709][ T5788] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 90.458951][ T5789] 8021q: adding VLAN 0 to HW filter on device bond0
[ 90.502101][ T5789] 8021q: adding VLAN 0 to HW filter on device team0
[ 90.537678][ T34] bridge0: port 1(bridge_slave_0) entered blocking state
[ 90.545169][ T34] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 90.577337][ T34] bridge0: port 2(bridge_slave_1) entered blocking state
[ 90.584515][ T34] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 90.625725][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0
[ 90.660917][ T5787] 8021q: adding VLAN 0 to HW filter on device bond0
[ 90.726587][ T5788] 8021q: adding VLAN 0 to HW filter on device bond0
[ 90.747800][ T5786] 8021q: adding VLAN 0 to HW filter on device team0
[ 90.765032][ T5787] 8021q: adding VLAN 0 to HW filter on device team0
[ 90.825432][ T3505] bridge0: port 1(bridge_slave_0) entered blocking state
[ 90.832729][ T3505] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 90.845874][ T3505] bridge0: port 2(bridge_slave_1) entered blocking state
[ 90.853241][ T3505] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 90.871361][ T3505] bridge0: port 1(bridge_slave_0) entered blocking state
[ 90.878629][ T3505] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 90.895122][ T3505] bridge0: port 2(bridge_slave_1) entered blocking state
[ 90.902379][ T3505] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 91.007273][ T5788] 8021q: adding VLAN 0 to HW filter on device team0
[ 91.042651][ T5792] Bluetooth: hci2: command tx timeout
[ 91.050599][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 91.057824][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 91.091047][ T59] bridge0: port 2(bridge_slave_1) entered blocking state
[ 91.098284][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 91.121346][ T5786] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 91.123156][ T5792] Bluetooth: hci1: command tx timeout
[ 91.137877][ T50] Bluetooth: hci3: command tx timeout
[ 91.137888][ T5801] Bluetooth: hci0: command tx timeout
[ 91.252038][ T5789] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 91.378204][ T5789] veth0_vlan: entered promiscuous mode
[ 91.424648][ T5789] veth1_vlan: entered promiscuous mode
[ 91.515654][ T5789] veth0_macvtap: entered promiscuous mode
[ 91.542007][ T5789] veth1_macvtap: entered promiscuous mode
[ 91.588826][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 91.621242][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 91.664026][ T5789] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.679320][ T5789] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.688907][ T5789] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.703824][ T5789] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.790753][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 91.841488][ T5787] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 91.900424][ T5788] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 91.931040][ T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 91.956316][ T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 92.027645][ T5786] veth0_vlan: entered promiscuous mode
[ 92.039946][ T34] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 92.045896][ T5786] veth1_vlan: entered promiscuous mode
[ 92.063807][ T34] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 92.115878][ T5787] veth0_vlan: entered promiscuous mode
[ 92.156229][ T5788] veth0_vlan: entered promiscuous mode
[ 92.181583][ T9] cfg80211: failed to load regulatory.db
[ 92.191194][ T5786] veth0_macvtap: entered promiscuous mode
[ 92.203883][ T5787] veth1_vlan: entered promiscuous mode
[ 92.222104][ T5788] veth1_vlan: entered promiscuous mode
[ 92.235654][ T5786] veth1_macvtap: entered promiscuous mode
[ 92.321542][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 92.335570][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 92.349293][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 92.370326][ T5787] veth0_macvtap: entered promiscuous mode
[ 92.401585][ T5787] veth1_macvtap: entered promiscuous mode
[ 92.426343][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 92.454161][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 92.466253][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 92.491406][ T5788] veth0_macvtap: entered promiscuous mode
[ 92.521320][ T5786] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.525018][ T5883] syz.1.5[5883]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[ 92.530561][ T5786] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.549780][ T5786] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.559601][ T5786] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.589612][ T5883] loop1: detected capacity change from 0 to 2048
[ 92.596686][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 92.608643][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 92.627622][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 92.640179][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 92.655717][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 92.678219][ T5788] veth1_macvtap: entered promiscuous mode
[ 92.681488][ T5883] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 92.728617][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 92.756457][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 92.767450][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 92.779187][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 92.794786][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 92.837570][ T5787] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.844280][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 92.855424][ T5787] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.865958][ T5787] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.878716][ T5787] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.994322][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 93.006765][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 93.017867][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 93.060888][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 93.072526][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 93.084080][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 93.088080][ T5890] usb usb1: usbfs: process 5890 (syz.1.7) did not claim interface 0 before use
[ 93.097299][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 93.122977][ T5801] Bluetooth: hci2: command tx timeout
[ 93.129669][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 93.140348][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 93.151020][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 93.162329][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 93.172187][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 93.183407][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 93.195431][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 93.203227][ T5792] Bluetooth: hci0: command tx timeout
[ 93.208707][ T5792] Bluetooth: hci1: command tx timeout
[ 93.215047][ T5801] Bluetooth: hci3: command tx timeout
[ 93.304640][ T5788] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 93.320076][ T5788] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 93.331157][ T5788] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 93.348801][ T5788] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 93.458525][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 93.471254][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 93.521311][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 93.531583][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 93.584262][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 93.592167][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 93.642791][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 93.651238][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 93.696851][ T1024] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 93.705254][ T5842] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[ 93.720862][ T1024] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 93.782761][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 93.790686][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 93.923544][ T5842] usb 2-1: Using ep0 maxpacket: 8
[ 93.946233][ T5842] usb 2-1: config 6 has an invalid interface number: 2 but max is 0
[ 93.972550][ T5842] usb 2-1: config 6 has no interface number 0
[ 93.979217][ T5842] usb 2-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[ 94.028926][ T5842] usb 2-1: config 6 interface 2 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 94.066030][ T5842] usb 2-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[ 94.108875][ T5842] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 94.131186][ T5842] usb 2-1: Product: syz
[ 94.141971][ T5842] usb 2-1: Manufacturer: syz
[ 94.158288][ T5842] usb 2-1: SerialNumber: syz
[ 94.207688][ T5842] hso 2-1:6.2: Failed to find INT IN ep
[ 94.378343][ T5911] pim6reg: entered allmulticast mode
[ 94.453834][ T5913] netlink: 'syz.0.15': attribute type 5 has an invalid length.
[ 94.519343][ T5863] usb 2-1: USB disconnect, device number 2
[ 94.669688][ T27] audit: type=1326 audit(1752115653.490:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.0.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd893d8e929 code=0x7ffc0000
[ 94.694737][ T5921] loop2: detected capacity change from 0 to 8
[ 94.762804][ T27] audit: type=1326 audit(1752115653.490:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.0.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd893d8e929 code=0x7ffc0000
[ 94.822587][ T27] audit: type=1326 audit(1752115653.490:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.0.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=445 compat=0 ip=0x7fd893d8e929 code=0x7ffc0000
[ 94.874446][ T27] audit: type=1326 audit(1752115653.490:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.0.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd893d8e929 code=0x7ffc0000
[ 94.908012][ T27] audit: type=1326 audit(1752115653.490:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.0.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd893d8e929 code=0x7ffc0000
[ 94.945615][ T27] audit: type=1800 audit(1752115653.780:7): pid=5921 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.18" name="file1" dev="loop2" ino=5 res=0 errno=0
[ 95.204076][ T5801] Bluetooth: hci2: command tx timeout
[ 95.282963][ T5801] Bluetooth: hci0: command tx timeout
[ 95.288531][ T5792] Bluetooth: hci3: command tx timeout
[ 95.292161][ T50] Bluetooth: hci1: command tx timeout
[ 95.352863][ T5937] macvtap0: entered allmulticast mode
[ 95.388085][ T5937] veth0_macvtap: entered allmulticast mode
[ 95.537293][ T5943] netlink: 12 bytes leftover after parsing attributes in process `syz.0.30'.
[ 95.582592][ T5943] netlink: 8 bytes leftover after parsing attributes in process `syz.0.30'.
[ 95.719944][ T5951] capability: warning: `syz.3.34' uses deprecated v2 capabilities in a way that may be insecure
[ 95.937798][ T5959] Illegal XDP return value 772299264 on prog (id 3) dev N/A, expect packet loss!
[ 96.214769][ T5967] autofs4:pid:5967:validate_dev_ioctl: invalid path supplied for cmd(0xc018937d)
[ 96.475800][ T27] audit: type=1326 audit(1752115655.310:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5978 comm="syz.0.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd893d8e929 code=0x7ffc0000
[ 96.527422][ T27] audit: type=1326 audit(1752115655.310:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5978 comm="syz.0.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd893d8e929 code=0x7ffc0000
[ 96.560379][ T27] audit: type=1326 audit(1752115655.310:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5978 comm="syz.0.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7fd893d8e929 code=0x7ffc0000
[ 96.637308][ T27] audit: type=1326 audit(1752115655.310:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5978 comm="syz.0.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd893d8e929 code=0x7ffc0000
[ 96.662825][ T28] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[ 96.820835][ T5990] loop3: detected capacity change from 0 to 128
[ 96.860238][ T5990] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[ 96.889239][ T28] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 10
[ 96.912456][ T28] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 96.929609][ T28] usb 2-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[ 96.940648][ T28] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 96.955614][ T28] usb 2-1: Product: syz
[ 96.961690][ T28] usb 2-1: Manufacturer: syz
[ 96.969075][ T28] usb 2-1: SerialNumber: syz
[ 96.975302][ T5990] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 96.989169][ T28] usb 2-1: config 0 descriptor??
[ 97.008364][ T28] snd-usb-audio: probe of 2-1:0.0 failed with error -90
[ 97.261494][ T5842] usb 2-1: USB disconnect, device number 3
[ 97.455148][ T6004] loop3: detected capacity change from 0 to 256
[ 97.542564][ T6004] FAT-fs (loop3): Directory bread(block 64) failed
[ 97.549550][ T6004] FAT-fs (loop3): Directory bread(block 65) failed
[ 97.565605][ T6004] FAT-fs (loop3): Directory bread(block 66) failed
[ 97.577042][ T6004] FAT-fs (loop3): Directory bread(block 67) failed
[ 97.586759][ T6004] FAT-fs (loop3): Directory bread(block 68) failed
[ 97.601418][ T6004] FAT-fs (loop3): Directory bread(block 69) failed
[ 97.617708][ T6004] FAT-fs (loop3): Directory bread(block 70) failed
[ 97.628275][ T6004] FAT-fs (loop3): Directory bread(block 71) failed
[ 97.628565][ T6008] netlink: 16 bytes leftover after parsing attributes in process `syz.0.62'.
[ 97.635240][ T6004] FAT-fs (loop3): Directory bread(block 72) failed
[ 97.650723][ T6004] FAT-fs (loop3): Directory bread(block 73) failed
[ 97.880477][ T6012] netlink: 20 bytes leftover after parsing attributes in process `syz.2.64'.
[ 98.113847][ T6019] qrtr: Invalid version 0
[ 98.662519][ T6036] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[ 99.589615][ T6069] netlink: 'syz.2.89': attribute type 4 has an invalid length.
[ 99.622585][ T6069] netlink: 152 bytes leftover after parsing attributes in process `syz.2.89'.
[ 99.724873][ T6069] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[ 99.951458][ T6073] loop0: detected capacity change from 0 to 4096
[ 99.985071][ T6073] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[ 100.014632][ T6080] netlink: 8 bytes leftover after parsing attributes in process `syz.2.96'.
[ 100.192664][ T6085] netlink: 500 bytes leftover after parsing attributes in process `syz.1.98'.
[ 100.228238][ T6085] netlink: 16 bytes leftover after parsing attributes in process `syz.1.98'.
[ 100.476399][ T6091] netlink: 36 bytes leftover after parsing attributes in process `syz.1.104'.
[ 100.539643][ T6089] loop3: detected capacity change from 0 to 4096
[ 100.719648][ T6101] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 100.749388][ T6102] netlink: 'syz.2.107': attribute type 21 has an invalid length.
[ 100.793981][ T6102] netlink: 132 bytes leftover after parsing attributes in process `syz.2.107'.
[ 101.173718][ T6113] warning: `syz.3.112' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[ 101.309077][ T6116] loop2: detected capacity change from 0 to 1024
[ 101.390673][ T6118] loop0: detected capacity change from 0 to 1024
[ 101.409909][ T6118] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 101.450784][ T6118] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 101.543410][ T34] hfsplus: b-tree write err: -5, ino 4
[ 101.585685][ T6118] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 101.737189][ T6118] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2797: inode #2: comm syz.0.115: corrupted in-inode xattr: bad e_name length
[ 101.771844][ T6118] EXT4-fs (loop0): Remounting filesystem read-only
[ 101.790215][ T6118] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2867: Unable to expand inode 2. Delete some EAs or run e2fsck.
[ 101.812569][ T6134] delete_channel: no stack
[ 101.870206][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 102.076651][ T6144] loop0: detected capacity change from 0 to 8
[ 102.082157][ T6143] loop1: detected capacity change from 0 to 512
[ 102.110984][ T6144] SQUASHFS error: xz decompression failed, data probably corrupt
[ 102.121826][ T6144] SQUASHFS error: Failed to read block 0x108: -5
[ 102.129050][ T6144] SQUASHFS error: Unable to read metadata cache entry [106]
[ 102.140530][ T6144] SQUASHFS error: Unable to read inode 0x11f
[ 102.170278][ T6143] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[ 102.199068][ T6143] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 102.268112][ T6143] __quota_error: 1 callbacks suppressed
[ 102.268130][ T6143] Quota error (device loop1): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[ 102.302493][ T6143] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[ 102.322412][ T6143] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.125: Failed to acquire dquot type 0
[ 102.436723][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[ 102.792538][ T5895] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 102.996988][ T5834] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 103.021532][ T5895] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 103.050497][ T5895] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[ 103.077420][ T5895] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 33119, setting to 1024
[ 103.089860][ T5895] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[ 103.103678][ T5895] usb 1-1: New USB device found, idVendor=2040, idProduct=2000, bcdDevice=65.72
[ 103.120562][ T5895] usb 1-1: New USB device strings: Mfr=151, Product=0, SerialNumber=0
[ 103.142409][ T5895] usb 1-1: Manufacturer: syz
[ 103.164405][ T5895] usb 1-1: config 0 descriptor??
[ 103.174057][ T6144] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 103.185754][ T5895] smsusb:smsusb_probe: board id=9, interface number 0
[ 103.204118][ T50] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 103.212864][ T50] Bluetooth: hci2: Injecting HCI hardware error event
[ 103.221405][ T5792] Bluetooth: hci2: hardware error 0x00
[ 103.234414][ T5834] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 103.251654][ T5834] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 103.253607][ T5895] smsusb:siano_media_device_register: media controller created
[ 103.285133][ T5834] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 103.292051][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.301663][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.302899][ T5834] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 103.309019][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.327469][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.330741][ T5834] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 103.335888][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.352283][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.354263][ T5834] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 103.369306][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.376656][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.383989][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.391303][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.417778][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.425172][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.432736][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.440022][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.447362][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.465272][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.472641][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.479971][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.482327][ T5834] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 103.487345][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.502868][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.521398][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.523060][ T5834] usb 3-1: Product: syz
[ 103.528755][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.540254][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.547610][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.554938][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.562785][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.570114][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.577399][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.584833][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.592090][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.608474][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.615885][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.620034][ T5834] usb 3-1: Manufacturer: syz
[ 103.623236][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.635251][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.642641][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.650004][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.657797][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.665747][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.673165][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.680036][ T5834] cdc_wdm 3-1:1.0: skipping garbage
[ 103.680456][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.693066][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.700381][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.703210][ T5834] cdc_wdm 3-1:1.0: skipping garbage
[ 103.707757][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.720364][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.733960][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.741296][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.748587][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.756002][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.763312][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.764973][ T5834] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[ 103.770698][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.770754][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.793869][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.801229][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.808564][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.815921][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.818546][ T5834] cdc_wdm 3-1:1.0: Unknown control protocol
[ 103.823209][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.823277][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.843850][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.852687][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.860048][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.867386][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.874733][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.882370][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.889713][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.897030][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.906410][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.913799][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.921174][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.928503][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.936030][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.943301][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.950648][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.958357][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.965742][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.973163][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.980521][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.987869][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 103.995206][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.003385][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.010746][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.018569][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.026005][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.033514][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.041256][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.048594][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.055918][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.063236][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.070669][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.078000][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.085315][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.092963][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.100302][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.107636][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.114976][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.122307][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.129722][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.137723][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.145062][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.152560][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.159886][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.167212][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.174528][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.181855][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.189749][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.197178][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.204504][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.211822][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.219244][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.226573][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.233916][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.237846][ T6156] cdc_wdm 3-1:1.0: Error submitting int urb - -90
[ 104.242021][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.255307][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.262784][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.270190][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.277604][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.284934][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.292776][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.300724][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.308162][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.315487][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.316294][ T5863] usb 3-1: USB disconnect, device number 2
[ 104.322891][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.336270][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.343706][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.351085][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.365250][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.372717][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.380053][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.387386][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.394738][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.402100][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.409688][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.417856][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.425205][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.432533][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.439848][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.447162][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.454439][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.461694][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.469490][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.476845][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.484201][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.491549][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.498902][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.506244][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.514329][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.521696][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.529030][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.536377][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.543725][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.551879][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.559247][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.566941][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.574496][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.581799][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.589167][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.596485][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.603775][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.611058][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.618633][ T5895] smsmdtv:smscore_sendrequest_and_wait: sendrequest returned error -22
[ 104.627977][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.628089][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.628186][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.652024][ T5895] smsmdtv:smscore_set_device_mode: mode detect failed -22
[ 104.659253][ T5895] smsmdtv:smscore_start_device: set device mode failed , rc -22
[ 104.667038][ T5895] smsusb:smsusb_init_device: smscore_start_device(...) failed
[ 104.674843][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.682185][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.689514][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.696913][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.704257][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.711591][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.718921][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.732917][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.740276][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.747610][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.757324][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.764689][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.772031][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.779368][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.786716][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.787957][ T6180] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 104.794502][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.813253][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.820605][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.827938][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.835239][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.843333][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.850774][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.858100][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.865441][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.872757][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.880078][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.887402][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.894726][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.902050][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.909970][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.917308][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.924635][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.931976][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.939317][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.946654][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.954682][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.961988][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.974316][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.984338][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.991692][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 104.999010][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.006331][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.013663][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.020993][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.028755][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.036075][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.044481][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.051904][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.059184][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.066450][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.073706][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.080957][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.088267][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.095570][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.103176][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.115411][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.122883][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.130214][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.137569][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.144921][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.152254][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.159600][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.167728][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.175152][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.182930][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.190263][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.197634][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.204950][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.212270][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.219596][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.226919][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.235267][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.242616][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.249923][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.257327][ C1] smsusb:smsusb_onresponse: error, urb status -2, 0 bytes
[ 105.264584][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.272020][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.279345][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.286667][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.293986][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.301293][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 105.311003][ T5895] ------------[ cut here ]------------
[ 105.316980][ T5895] ODEBUG: free active (active state 0) object: ffff88802f6720e8 object type: work_struct hint: do_submit_urb+0x0/0x360
[ 105.326825][ T6187] netlink: 32 bytes leftover after parsing attributes in process `syz.0.144'.
[ 105.330596][ T54] ==================================================================
[ 105.346539][ T54] BUG: KASAN: slab-use-after-free in __lock_acquire+0xff/0x7c80
[ 105.354213][ T54] Read of size 8 at addr ffff888029311098 by task kworker/1:2/54
[ 105.361957][ T54]
[ 105.364317][ T54] CPU: 1 PID: 54 Comm: kworker/1:2 Not tainted 6.6.96-syzkaller #0
[ 105.372244][ T54] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 105.382339][ T54] Workqueue: events do_submit_urb
[ 105.387440][ T54] Call Trace:
[ 105.390752][ T54]
[ 105.392409][ T5792] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 105.393699][ T54] dump_stack_lvl+0x16c/0x230
[ 105.404646][ T54] ? __lock_acquire+0x7c80/0x7c80
[ 105.409719][ T54] ? show_regs_print_info+0x20/0x20
[ 105.414969][ T54] ? load_image+0x3b0/0x3b0
[ 105.419517][ T54] ? __virt_addr_valid+0x469/0x540
[ 105.424650][ T54] print_report+0xac/0x230
[ 105.429080][ T54] ? __lock_acquire+0xff/0x7c80
[ 105.433946][ T54] kasan_report+0x117/0x150
[ 105.438468][ T54] ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 105.444473][ T54] ? __lock_acquire+0xff/0x7c80
[ 105.449344][ T54] __lock_acquire+0xff/0x7c80
[ 105.454035][ T54] ? mark_lock+0x94/0x320
[ 105.458453][ T54] ? __lock_acquire+0x1334/0x7c80
[ 105.463519][ T54] ? mark_lock+0x94/0x320
[ 105.467862][ T54] ? look_up_lock_class+0x75/0x140
[ 105.472984][ T54] ? verify_lock_unused+0x140/0x140
[ 105.478217][ T54] ? register_lock_class+0xb5/0x890
[ 105.483429][ T54] ? is_dynamic_key+0x260/0x260
[ 105.488300][ T54] ? mark_lock+0x94/0x320
[ 105.492641][ T54] ? __lock_acquire+0x1334/0x7c80
[ 105.497708][ T54] lock_acquire+0x197/0x410
[ 105.502326][ T54] ? smscore_getbuffer+0xa9/0x440
[ 105.507385][ T54] ? read_lock_is_recursive+0x20/0x20
[ 105.512784][ T54] _raw_spin_lock_irqsave+0xa8/0xf0
[ 105.518013][ T54] ? smscore_getbuffer+0xa9/0x440
[ 105.523053][ T54] ? _raw_spin_lock+0x40/0x40
[ 105.527760][ T54] smscore_getbuffer+0xa9/0x440
[ 105.532629][ T54] ? smscore_onresponse+0xf10/0xf10
[ 105.537843][ T54] ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 105.543838][ T54] ? read_lock_is_recursive+0x20/0x20
[ 105.549243][ T54] do_submit_urb+0x98/0x360
[ 105.553772][ T54] ? process_scheduled_works+0x957/0x15b0
[ 105.559508][ T54] ? process_scheduled_works+0x957/0x15b0
[ 105.565244][ T54] process_scheduled_works+0xa45/0x15b0
[ 105.570815][ T54] ? assign_work+0x400/0x400
[ 105.575420][ T54] ? assign_work+0x39e/0x400
[ 105.580023][ T54] worker_thread+0xa55/0xfc0
[ 105.584629][ T54] ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 105.590545][ T54] ? _raw_spin_unlock+0x40/0x40
[ 105.595588][ T54] ? _raw_spin_unlock_irqrestore+0x86/0x110
[ 105.601508][ T54] kthread+0x2fa/0x390
[ 105.605600][ T54] ? pr_cont_work+0x560/0x560
[ 105.610291][ T54] ? kthread_blkcg+0xd0/0xd0
[ 105.614892][ T54] ret_from_fork+0x48/0x80
[ 105.619412][ T54] ? kthread_blkcg+0xd0/0xd0
[ 105.624015][ T54] ret_from_fork_asm+0x11/0x20
[ 105.628801][ T54]
[ 105.631826][ T54]
[ 105.634172][ T54] Allocated by task 5895:
[ 105.638534][ T54] kasan_set_track+0x4e/0x70
[ 105.643159][ T54] __kasan_kmalloc+0x8f/0xa0
[ 105.647776][ T54] smscore_register_device+0x63/0x10f0
[ 105.653247][ T54] smsusb_probe+0x1362/0x1da0
[ 105.657943][ T54] usb_probe_interface+0x5a4/0xb00
[ 105.663064][ T54] really_probe+0x25b/0xb40
[ 105.667603][ T54] __driver_probe_device+0x18c/0x330
[ 105.672905][ T54] driver_probe_device+0x4f/0x420
[ 105.677951][ T54] __device_attach_driver+0x2ca/0x520
[ 105.683453][ T54] bus_for_each_drv+0x24b/0x2d0
[ 105.688961][ T54] __device_attach+0x2b5/0x400
[ 105.693754][ T54] bus_probe_device+0x180/0x260
[ 105.698625][ T54] device_add+0x85b/0xc20
[ 105.702969][ T54] usb_set_configuration+0x1a79/0x20c0
[ 105.708444][ T54] usb_generic_driver_probe+0x8d/0x150
[ 105.713932][ T54] usb_probe_device+0x13d/0x280
[ 105.718797][ T54] really_probe+0x25b/0xb40
[ 105.723317][ T54] __driver_probe_device+0x18c/0x330
[ 105.728616][ T54] driver_probe_device+0x4f/0x420
[ 105.733654][ T54] __device_attach_driver+0x2ca/0x520
[ 105.739040][ T54] bus_for_each_drv+0x24b/0x2d0
[ 105.743941][ T54] __device_attach+0x2b5/0x400
[ 105.748993][ T54] bus_probe_device+0x180/0x260
[ 105.753872][ T54] device_add+0x85b/0xc20
[ 105.758213][ T54] usb_new_device+0xa31/0x1630
[ 105.762989][ T54] hub_event+0x2957/0x49c0
[ 105.767423][ T54] process_scheduled_works+0xa45/0x15b0
[ 105.772998][ T54] worker_thread+0xa55/0xfc0
[ 105.777619][ T54] kthread+0x2fa/0x390
[ 105.781733][ T54] ret_from_fork+0x48/0x80
[ 105.786170][ T54] ret_from_fork_asm+0x11/0x20
[ 105.791047][ T54]
[ 105.793378][ T54] Freed by task 5895:
[ 105.797366][ T54] kasan_set_track+0x4e/0x70
[ 105.801973][ T54] kasan_save_free_info+0x2e/0x50
[ 105.807031][ T54] ____kasan_slab_free+0x126/0x1e0
[ 105.812154][ T54] slab_free_freelist_hook+0x130/0x1b0
[ 105.817630][ T54] __kmem_cache_free+0xba/0x1f0
[ 105.822500][ T54] smscore_unregister_device+0x603/0x6e0
[ 105.828144][ T54] smsusb_term_device+0x18f/0x220
[ 105.833187][ T54] smsusb_probe+0x1708/0x1da0
[ 105.837880][ T54] usb_probe_interface+0x5a4/0xb00
[ 105.843008][ T54] really_probe+0x25b/0xb40
[ 105.847524][ T54] __driver_probe_device+0x18c/0x330
[ 105.852825][ T54] driver_probe_device+0x4f/0x420
[ 105.857866][ T54] __device_attach_driver+0x2ca/0x520
[ 105.863256][ T54] bus_for_each_drv+0x24b/0x2d0
[ 105.868120][ T54] __device_attach+0x2b5/0x400
[ 105.872902][ T54] bus_probe_device+0x180/0x260
[ 105.877768][ T54] device_add+0x85b/0xc20
[ 105.882106][ T54] usb_set_configuration+0x1a79/0x20c0
[ 105.887586][ T54] usb_generic_driver_probe+0x8d/0x150
[ 105.893066][ T54] usb_probe_device+0x13d/0x280
[ 105.897937][ T54] really_probe+0x25b/0xb40
[ 105.902461][ T54] __driver_probe_device+0x18c/0x330
[ 105.907761][ T54] driver_probe_device+0x4f/0x420
[ 105.912800][ T54] __device_attach_driver+0x2ca/0x520
[ 105.918187][ T54] bus_for_each_drv+0x24b/0x2d0
[ 105.923048][ T54] __device_attach+0x2b5/0x400
[ 105.927916][ T54] bus_probe_device+0x180/0x260
[ 105.932783][ T54] device_add+0x85b/0xc20
[ 105.937120][ T54] usb_new_device+0xa31/0x1630
[ 105.941898][ T54] hub_event+0x2957/0x49c0
[ 105.946336][ T54] process_scheduled_works+0xa45/0x15b0
[ 105.951914][ T54] worker_thread+0xa55/0xfc0
[ 105.956529][ T54] kthread+0x2fa/0x390
[ 105.960614][ T54] ret_from_fork+0x48/0x80
[ 105.965046][ T54] ret_from_fork_asm+0x11/0x20
[ 105.969825][ T54]
[ 105.972155][ T54] The buggy address belongs to the object at ffff888029311000
[ 105.972155][ T54] which belongs to the cache kmalloc-2k of size 2048
[ 105.986215][ T54] The buggy address is located 152 bytes inside of
[ 105.986215][ T54] freed 2048-byte region [ffff888029311000, ffff888029311800)
[ 106.000107][ T54]
[ 106.002435][ T54] The buggy address belongs to the physical page:
[ 106.008895][ T54] page:ffffea0000a4c400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x29310
[ 106.019144][ T54] head:ffffea0000a4c400 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 106.028081][ T54] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 106.036072][ T54] page_type: 0xffffffff()
[ 106.040410][ T54] raw: 00fff00000000840 ffff888017842000 ffffea00017b4600 dead000000000002
[ 106.049003][ T54] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
[ 106.057593][ T54] page dumped because: kasan: bad access detected
[ 106.064017][ T54] page_owner tracks the page as allocated
[ 106.069735][ T54] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5787, tgid 5787 (syz-executor), ts 87221185810, free_ts 51481997777
[ 106.091114][ T54] post_alloc_hook+0x1cd/0x210
[ 106.095893][ T54] get_page_from_freelist+0x195c/0x19f0
[ 106.101453][ T54] __alloc_pages+0x1e3/0x460
[ 106.106054][ T54] alloc_slab_page+0x5d/0x170
[ 106.110741][ T54] new_slab+0x87/0x2e0
[ 106.114815][ T54] ___slab_alloc+0xc6d/0x12f0
[ 106.119499][ T54] __kmem_cache_alloc_node+0x1a2/0x260
[ 106.124978][ T54] __kmalloc+0xa4/0x240
[ 106.129144][ T54] ops_init+0x8b/0x640
[ 106.133228][ T54] setup_net+0x3a5/0xa00
[ 106.137724][ T54] copy_net_ns+0x36d/0x5e0
[ 106.142181][ T54] create_new_namespaces+0x3d3/0x6f0
[ 106.147477][ T54] unshare_nsproxy_namespaces+0x11a/0x160
[ 106.153209][ T54] ksys_unshare+0x4c0/0x890
[ 106.157763][ T54] __x64_sys_unshare+0x38/0x40
[ 106.162539][ T54] do_syscall_64+0x55/0xb0
[ 106.167059][ T54] page last free stack trace:
[ 106.171746][ T54] free_unref_page_prepare+0x7ce/0x8e0
[ 106.177219][ T54] free_unref_page+0x32/0x2e0
[ 106.181905][ T54] __unfreeze_partials+0x1cf/0x210
[ 106.187058][ T54] put_cpu_partial+0x17c/0x250
[ 106.191832][ T54] __slab_free+0x31d/0x410
[ 106.196257][ T54] qlist_free_all+0x75/0xe0
[ 106.200771][ T54] kasan_quarantine_reduce+0x143/0x160
[ 106.206238][ T54] __kasan_slab_alloc+0x22/0x80
[ 106.211110][ T54] slab_post_alloc_hook+0x6e/0x4d0
[ 106.216231][ T54] __kmem_cache_alloc_node+0x13e/0x260
[ 106.221701][ T54] __kmalloc+0xa4/0x240
[ 106.225863][ T54] tomoyo_realpath_from_path+0xe3/0x5d0
[ 106.231435][ T54] tomoyo_path_perm+0x20f/0x4b0
[ 106.236346][ T54] tomoyo_path_symlink+0xa4/0xe0
[ 106.241295][ T54] security_path_symlink+0xe0/0x130
[ 106.246519][ T54] do_symlinkat+0x108/0x3f0
[ 106.251037][ T54]
[ 106.253371][ T54] Memory state around the buggy address:
[ 106.259025][ T54] ffff888029310f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 106.267111][ T54] ffff888029311000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 106.275292][ T54] >ffff888029311080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 106.283372][ T54] ^
[ 106.288236][ T54] ffff888029311100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 106.296309][ T54] ffff888029311180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 106.304400][ T54] ==================================================================
[ 106.313401][ T54] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 106.321123][ T54] CPU: 1 PID: 54 Comm: kworker/1:2 Not tainted 6.6.96-syzkaller #0
[ 106.329026][ T54] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 106.339090][ T54] Workqueue: events do_submit_urb
[ 106.344140][ T54] Call Trace:
[ 106.347433][ T54]
[ 106.350374][ T54] dump_stack_lvl+0x16c/0x230
[ 106.355072][ T54] ? show_regs_print_info+0x20/0x20
[ 106.360287][ T54] ? load_image+0x3b0/0x3b0
[ 106.364807][ T54] panic+0x2c0/0x710
[ 106.368713][ T54] ? bpf_jit_dump+0xd0/0xd0
[ 106.373223][ T54] ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 106.379212][ T54] ? _raw_spin_unlock+0x40/0x40
[ 106.384069][ T54] ? print_memory_metadata+0x314/0x400
[ 106.389541][ T54] ? __lock_acquire+0xff/0x7c80
[ 106.394404][ T54] check_panic_on_warn+0x84/0xa0
[ 106.399370][ T54] ? __lock_acquire+0xff/0x7c80
[ 106.404234][ T54] end_report+0x6f/0x140
[ 106.408493][ T54] kasan_report+0x128/0x150
[ 106.413012][ T54] ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 106.419008][ T54] ? __lock_acquire+0xff/0x7c80
[ 106.423873][ T54] __lock_acquire+0xff/0x7c80
[ 106.428563][ T54] ? mark_lock+0x94/0x320
[ 106.432907][ T54] ? __lock_acquire+0x1334/0x7c80
[ 106.437948][ T54] ? mark_lock+0x94/0x320
[ 106.442377][ T54] ? look_up_lock_class+0x75/0x140
[ 106.447500][ T54] ? verify_lock_unused+0x140/0x140
[ 106.452722][ T54] ? register_lock_class+0xb5/0x890
[ 106.457935][ T54] ? is_dynamic_key+0x260/0x260
[ 106.462802][ T54] ? mark_lock+0x94/0x320
[ 106.467151][ T54] ? __lock_acquire+0x1334/0x7c80
[ 106.472190][ T54] lock_acquire+0x197/0x410
[ 106.476709][ T54] ? smscore_getbuffer+0xa9/0x440
[ 106.481759][ T54] ? read_lock_is_recursive+0x20/0x20
[ 106.487147][ T54] _raw_spin_lock_irqsave+0xa8/0xf0
[ 106.492363][ T54] ? smscore_getbuffer+0xa9/0x440
[ 106.497400][ T54] ? _raw_spin_lock+0x40/0x40
[ 106.502094][ T54] smscore_getbuffer+0xa9/0x440
[ 106.507482][ T54] ? smscore_onresponse+0xf10/0xf10
[ 106.512695][ T54] ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 106.518703][ T54] ? read_lock_is_recursive+0x20/0x20
[ 106.524106][ T54] do_submit_urb+0x98/0x360
[ 106.528652][ T54] ? process_scheduled_works+0x957/0x15b0
[ 106.534391][ T54] ? process_scheduled_works+0x957/0x15b0
[ 106.540128][ T54] process_scheduled_works+0xa45/0x15b0
[ 106.545701][ T54] ? assign_work+0x400/0x400
[ 106.550313][ T54] ? assign_work+0x39e/0x400
[ 106.555005][ T54] worker_thread+0xa55/0xfc0
[ 106.559613][ T54] ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 106.565533][ T54] ? _raw_spin_unlock+0x40/0x40
[ 106.570399][ T54] ? _raw_spin_unlock_irqrestore+0x86/0x110
[ 106.576319][ T54] kthread+0x2fa/0x390
[ 106.580406][ T54] ? pr_cont_work+0x560/0x560
[ 106.585101][ T54] ? kthread_blkcg+0xd0/0xd0
[ 106.589702][ T54] ret_from_fork+0x48/0x80
[ 106.594131][ T54] ? kthread_blkcg+0xd0/0xd0
[ 106.598728][ T54] ret_from_fork_asm+0x11/0x20
[ 106.603512][ T54]
[ 106.606816][ T54] Kernel Offset: disabled
[ 106.611142][ T54] Rebooting in 86400 seconds..