last executing test programs: 37.305042404s ago: executing program 2 (id=168): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) creat(&(0x7f00000001c0)='./file0\x00', 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)=[0xff], &(0x7f0000001280), 0x0, 0x1}}, 0x40) 37.00521697s ago: executing program 2 (id=172): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sys_enter\x00', r0}, 0x10) ioperm(0x0, 0x3ff, 0x4) 36.799360082s ago: executing program 2 (id=174): r0 = socket$key(0xf, 0x3, 0x2) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='signal_generate\x00', r2}, 0x10) sendmsg$key(r0, &(0x7f0000000140)={0x9, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 36.685511578s ago: executing program 2 (id=176): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0xfe, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="b4020000000000007911130000000000850000002e0000009500000000000000358bb9f43d86b13600"/50], &(0x7f0000000100)='syzkaller\x00', 0x4, 0xc5, &(0x7f0000000300)=""/197, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000002c0), 0xffffffffffffff35, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x54) r0 = open(&(0x7f0000000140)='./bus\x00', 0x147142, 0x89) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_encap(r1, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10) bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x66, &(0x7f0000000100)={@link_local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010700", 0x30, 0x11, 0x0, @private1, @mcast2, {[], {0x0, 0xe22, 0x30, 0x0, @opaque="a2696f86455958eecf1078d5d937f54cc226d975f4a7a1e747ecaba69666c37f78c09aa536d8633c"}}}}}}, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) r3 = socket$can_j1939(0x1d, 0x2, 0x7) getsockopt$SO_J1939_ERRQUEUE(r3, 0x6b, 0x4, &(0x7f0000000680), &(0x7f0000000240)=0xfffffffffffffeb7) mount_setattr(r0, &(0x7f00000000c0)='./file0\x00', 0xc00, &(0x7f0000000200)={0x0, 0x9, 0x180000, {r0}}, 0x20) r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r4, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef9cc093fce47d85272036dc78388e3dc177e9b496", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001"}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r4) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x21200040}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x40, r5, 0x10, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x1, 0x5a}}}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x86}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x1}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x4}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x8}]}, 0x40}}, 0x940) open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @empty, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "fca33f", 0x0, 0x0, 0x0, @dev, @local}}}}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000100)={'vxcan0\x00', 0x0}) r8 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r8, &(0x7f0000000000)={0x1d, r7}, 0x10) setsockopt$CAN_RAW_ERR_FILTER(r8, 0x65, 0x2, &(0x7f0000000040)=0x2, 0x4) sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r7}}, 0x24}}, 0x40044) 35.224109936s ago: executing program 2 (id=184): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000001000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, 0x0, &(0x7f0000000040)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) syz_open_pts(r0, 0x42) 31.995136863s ago: executing program 2 (id=197): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffbfff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) syz_open_dev$usbfs(0x0, 0x10, 0x20481) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x21081e, &(0x7f00000002c0)={[{@grpquota}, {@nouid32}, {@minixdf}]}, 0x1, 0x504, &(0x7f0000001480)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9sCWE0KoEqJHkNqQuFEUO45ipzShh/TMFYlKnODIH8C5J+5cENy4lAMSPyJQg8TBaMaT1E3tJtokdhR/PtJo3ps3nu97cea9+Dn2C2BoXY2I3YgYi4h7ETGdHc9lW9xqb8l5z/ceLe3vPVrKRat155+5tDw5Fh2PSVzJrlmMiB9+N+InuVfjNrZ31har1cpmlp9t1jZmG9s7N1ZriyuVlcp6ubwwvzD3yc2Py2fW1vdqY1nqq8/+sPutnyXVmsqOdLbjLLWbXjiMkxiNiO+fR7ABGMnaMzboivC55CPi7Yh4P73/p2MkfTYBgMus1ZqO1nRnHgC47PLpHFguX8rmAqYiny+V2nN478RkvlpvNK/fr2+tL7fnymaikL+/Wq3MZXOFM1HIJfn5NP0iXz6SvxkRb0XEL8Yn0nxpqV5dHuQfPgAwxK4cGf//M94e/wGAS6446AoAAH1n/AeA4WP8B4DhY/wHgOHTHv8nBl0NAKCPvP4HgOFj/AeAofKD27eTrbWfff/18oPtrbX6gxvLlcZaqba1VFqqb26UVur1lfQ7e2rHXa9ar2/MfxRbD2e+vdFozja2d+7W6lvrzbvp93rfrRTSs3b70DIAoJe33nv651wyIn86kW7RsZZDYaA1A85bftAVAAZmZNAVAAbGal8wvE7xGt/0AFwSXZbofUmx2weEWq1W6/yqBJyza18y/w/DqmP+338Bw5Ax/w/Dy/w/DK9WK3fSNf/jpCcCABebOX6gx/v/b2f732ZvDvx4+egZT7o+bjfrXs6uggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHABHaz/W8rWAp+KfL5UingjImaikLu/Wq3MRcSbEfGn8cJ4kp8fcJ0BgNPK/y2Xrf91bfrDqZeK3r1ymByLiJ/+6s4vHy42m5t/jBjL/Wv84HjzSXa83P/aAwDHOxin033HC/nne4+WDrZ+1ufv34mIYjv+/t5Y7B/GH43RdF+MQkRM/juX5dtyHXMXp7H7OCK+2K39uZhK50DaK58ejZ/EfqOv8fMvxc+nZe198rP4whnUBYbN06T/udXt/svH1XTf/f4vpj3U6WX9X3Kppf20D3wR/6D/G+nR/109aYyPfv+9dmri1bLHEV8ejTiIvd/R/xzEz/WI/+EJ4//lK+++36us9euIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m85Rz/YeDf7x6fU3e5Ul7Z/sEb94TPu/fsL2/+Z/9370tdfE/+YH3eLn453XxE/GxG+cMP7i5O+KvcqS+Ms92n/c83/9hPGf/XXnlWXDAYDBaWzvrC1Wq5VNCYmLn0h+ZS9ANbomPutXrLHoXvTzD9r39JGiVuv1F/yse1GvHuMsZt2Ai+Dwpo+I/w66MgAAAAAAAAAAAAAAQFf9+MTSoNsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5fX/AAAA//+YXdZi") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mbind(&(0x7f0000564000/0x2000)=nil, 0x2000, 0x3, &(0x7f0000000000)=0xffff, 0xc, 0x0) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, 0x0, 0x0) openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00'}) 31.926620553s ago: executing program 32 (id=197): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffbfff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) syz_open_dev$usbfs(0x0, 0x10, 0x20481) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x21081e, &(0x7f00000002c0)={[{@grpquota}, {@nouid32}, {@minixdf}]}, 0x1, 0x504, &(0x7f0000001480)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9sCWE0KoEqJHkNqQuFEUO45ipzShh/TMFYlKnODIH8C5J+5cENy4lAMSPyJQg8TBaMaT1E3tJtokdhR/PtJo3ps3nu97cea9+Dn2C2BoXY2I3YgYi4h7ETGdHc9lW9xqb8l5z/ceLe3vPVrKRat155+5tDw5Fh2PSVzJrlmMiB9+N+InuVfjNrZ31har1cpmlp9t1jZmG9s7N1ZriyuVlcp6ubwwvzD3yc2Py2fW1vdqY1nqq8/+sPutnyXVmsqOdLbjLLWbXjiMkxiNiO+fR7ABGMnaMzboivC55CPi7Yh4P73/p2MkfTYBgMus1ZqO1nRnHgC47PLpHFguX8rmAqYiny+V2nN478RkvlpvNK/fr2+tL7fnymaikL+/Wq3MZXOFM1HIJfn5NP0iXz6SvxkRb0XEL8Yn0nxpqV5dHuQfPgAwxK4cGf//M94e/wGAS6446AoAAH1n/AeA4WP8B4DhY/wHgOHTHv8nBl0NAKCPvP4HgOFj/AeAofKD27eTrbWfff/18oPtrbX6gxvLlcZaqba1VFqqb26UVur1lfQ7e2rHXa9ar2/MfxRbD2e+vdFozja2d+7W6lvrzbvp93rfrRTSs3b70DIAoJe33nv651wyIn86kW7RsZZDYaA1A85bftAVAAZmZNAVAAbGal8wvE7xGt/0AFwSXZbofUmx2weEWq1W6/yqBJyza18y/w/DqmP+338Bw5Ax/w/Dy/w/DK9WK3fSNf/jpCcCABebOX6gx/v/b2f732ZvDvx4+egZT7o+bjfrXs6uggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHABHaz/W8rWAp+KfL5UingjImaikLu/Wq3MRcSbEfGn8cJ4kp8fcJ0BgNPK/y2Xrf91bfrDqZeK3r1ymByLiJ/+6s4vHy42m5t/jBjL/Wv84HjzSXa83P/aAwDHOxin033HC/nne4+WDrZ+1ufv34mIYjv+/t5Y7B/GH43RdF+MQkRM/juX5dtyHXMXp7H7OCK+2K39uZhK50DaK58ejZ/EfqOv8fMvxc+nZe198rP4whnUBYbN06T/udXt/svH1XTf/f4vpj3U6WX9X3Kppf20D3wR/6D/G+nR/109aYyPfv+9dmri1bLHEV8ejTiIvd/R/xzEz/WI/+EJ4//lK+++36us9euIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m85Rz/YeDf7x6fU3e5Ul7Z/sEb94TPu/fsL2/+Z/9370tdfE/+YH3eLn453XxE/GxG+cMP7i5O+KvcqS+Ms92n/c83/9hPGf/XXnlWXDAYDBaWzvrC1Wq5VNCYmLn0h+ZS9ANbomPutXrLHoXvTzD9r39JGiVuv1F/yse1GvHuMsZt2Ai+Dwpo+I/w66MgAAAAAAAAAAAAAAQFf9+MTSoNsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5fX/AAAA//+YXdZi") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mbind(&(0x7f0000564000/0x2000)=nil, 0x2000, 0x3, &(0x7f0000000000)=0xffff, 0xc, 0x0) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, 0x0, 0x0) openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00'}) 11.212696852s ago: executing program 5 (id=273): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=0xffffffffffffffff, @ANYRES16=0x0], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="170000000000000000140000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES16=r0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x20000, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000680)={'veth1_virt_wifi\x00', 0x4000}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r3 = socket$unix(0x1, 0x1, 0x0) bind$unix(r3, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e) listen(r3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x4) write(r4, &(0x7f00000000c0)="29000000140005b7ff000000040860eb0101b6ff02150000e578a6ed5bb9c26ed697944d4b06c19897", 0x29) syz_genetlink_get_family_id$mptcp(&(0x7f0000000400), r4) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r5}, 0x10) iopl(0x3) syz_mount_image$ext4(&(0x7f0000000480)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x3000006, &(0x7f0000000040)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1000}}, {@abort}, {@block_validity}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@block_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@nobh}, {@block_validity}, {@orlov}, {@user_xattr}, {@init_itable_val={'init_itable', 0x3d, 0x400}}]}, 0x1, 0x556, &(0x7f0000001100)="$eJzs3d1rW+UfAPDvSdu9/37rYAwVkcIunMyltvVlghfzUnQ40PsZ2rMymi6jScdaB24X7sYbGYKIA/Fe770c/gP+FQMtDBlFL7ypnPSky9akybL0ZebzgbM9zzknfc4353yfPCdPQgIYWGPZP4WIFyPi6yTiaNO24cg3jq3vt/rwxnS2JLG29smfSST5usb+Sf7/4bzyQkT8+mXE6cLmdqtLy3OlcjldyOvjtfmr49Wl5TOX50uz6Wx6ZXJq6uxbU5PvvvN232J97cLf331874OzX51c/fbnlWN3kjgXR/JtzXE8g5vNlbEYy5+TkTj3xI4TfWhsL0l2+wDoyVCe5yOR9QFHYyjPeuC/74uIWAMGVCL/YUA1xgGNe/s+3Qc/Nx68v34DtDn+4fX3RuJA/d7o0Gry2J1Rdr872of2szZ++ePunWyJ/r0PAdDRzVsRK0PDw5v7vyTv/3r3Rhf7PNmG/g92zr1s/PN6q/FPYWP8Ey3GP4db5G4vOud/YaUPzbSVjf/eazn+3Zi0Gh3Ka/+rj/lGkkuXy2nWt/0/Ik7FyP6svtV8ztnV+2vttjWP/7Ila78xFsyPY2V4/+OPmSnVSs8Sc7MHtyJeajn+TTbOf9Li/GfPx4Uu2ziR3n2l3bbO8W+vtR8jXm15/h/NaCVbz0+O16+H8cZVsdlft0/81q793Y4/O/+Hto5/NGmer60+fRs/HPgnbbet1+t/X/JpvbwvX3e9VKstTETsSz7avH7y0WMb9cb+WfynTm7d/7W6/g9GxGddxn/7+E8v9x7/9srin3mq8//0hfsffv59u/a7O/9v1kun8jXd9H/dHuCzPHcAAAAAAACw1xQi4kgkheJGuVAoFtc/33E8DhXKlWrt9KXK4pWZqH9XdjRGCo2Z7qNNn4eYyD8P26hPPlGfiohjEfHN0MF6vThdKc/sdvAAAAAAAAAAAAAAAAAAAACwRxxu8/3/zO9Du310wLbzk98wuDrmfz9+6QnYk7z+w+CS/zC45D8MLvkPg0v+w+DqkP/JTh0HsPO8/sPgkv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQVxfOn8+WtdWHN6az+sy1pcW5yrUzM2l1rji/OF2crixcLc5WKrPltDhdme/098qVytWJyVi8Pl5Lq7Xx6tLyxfnK4pXaxcvzpdn0YjqyI1EBAAAAAAAAAAAAAAAAAADA86W6tDxXKpfTBQWFngrDe+MwFPpc2O2eCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe+TcAAP//Z7w5Vw==") mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x2, 0x2, &(0x7f0000000080)=@raw=[@call={0x85, 0x0, 0x0, 0xae}, @exit], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x38, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, 0x0, 0x48) syz_clone(0x5480, &(0x7f0000000380)="ecb2c188d9460d7abb6f5d2eafa3e3adc9bc0d6b626ced792955e393242bd454b79f61e67368d997fedca203d9689e5405b7be17234d82f8dae6df7727f9a63cba3060e8273ff0154cb8761b604525b4bbe583614c7481dd49d9293e2609f6aa3e097509ecddfde65c9a7b3a9dc3b955edd9b74d0a5a5980", 0x78, &(0x7f00000004c0), &(0x7f0000000500), &(0x7f0000000540)="a8071c38dab0e2e8ce1e260ecd2589051473d772e16a81623ca0bb39cf635bdb25097fd507fb6a0fbe17ae77540b8fae6be8fe916ebfa9900c41a010e166ae99b30057aa6cac07633a0c2e3abf628c84802036235a18f46b981573a69743ed152526019c67f4af588f7d8fa440489a146b9efdcbdb030d623039b500b8") openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r6, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r7}, 0x10) syz_clone(0x40004000, 0x0, 0x0, 0x0, 0x0, 0x0) 7.954552908s ago: executing program 3 (id=287): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='setgroups\x00') r1 = inotify_init() ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r1, 0x5452, &(0x7f0000000000)={'sit0\x00', 0x0}) close_range(r0, 0xffffffffffffffff, 0x0) 6.648608337s ago: executing program 3 (id=294): r0 = socket(0x1e, 0x805, 0x0) connect$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}, 0x2}}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="190000000400000008000000ff"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18) connect$tipc(r0, &(0x7f0000000000)=@id={0x1e, 0x3, 0x1}, 0x10) close(r0) 6.447299256s ago: executing program 3 (id=296): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffa}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffc00}, 0x18) getdents64(0xffffffffffffffff, 0x0, 0x0) 6.306636678s ago: executing program 3 (id=297): timer_create(0x9, &(0x7f0000000180)={0x0, 0x21}, &(0x7f0000000040)) timer_settime(0x0, 0x5, &(0x7f00000001c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x3, 0x0, 0x1}, &(0x7f0000000240)=0x0, &(0x7f0000000000)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0}) unshare(0x20000400) io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0) 5.177958152s ago: executing program 3 (id=301): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x3, {0x0, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0xc, 0x2, [@TCA_TBF_PBURST={0x8, 0x7, 0x1596}]}}]}, 0x38}}, 0x800) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r2, @ANYBLOB="01980000000000002000128008000100677265"], 0x40}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x38, 0x10, 0x439, 0xfffffff8, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x2242}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_OKEY={0x8, 0x5, 0x200}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x200080c4) 4.069138497s ago: executing program 0 (id=303): rt_sigprocmask(0x1, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nouid32}, {@minixdf}]}, 0x1, 0x504, &(0x7f0000001480)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9sCWE0KoEqJHkNqQuFEUO45ipzShh/TMFYlKnODIH8C5J+5cENy4lAMSPyJQg8TBaMaT1E3tJtokdhR/PtJo3ps3nu97cea9+Dn2C2BoXY2I3YgYi4h7ETGdHc9lW9xqb8l5z/ceLe3vPVrKRat155+5tDw5Fh2PSVzJrlmMiB9+N+InuVfjNrZ31har1cpmlp9t1jZmG9s7N1ZriyuVlcp6ubwwvzD3yc2Py2fW1vdqY1nqq8/+sPutnyXVmsqOdLbjLLWbXjiMkxiNiO+fR7ABGMnaMzboivC55CPi7Yh4P73/p2MkfTYBgMus1ZqO1nRnHgC47PLpHFguX8rmAqYiny+V2nN478RkvlpvNK/fr2+tL7fnymaikL+/Wq3MZXOFM1HIJfn5NP0iXz6SvxkRb0XEL8Yn0nxpqV5dHuQfPgAwxK4cGf//M94e/wGAS6446AoAAH1n/AeA4WP8B4DhY/wHgOHTHv8nBl0NAKCPvP4HgOFj/AeAofKD27eTrbWfff/18oPtrbX6gxvLlcZaqba1VFqqb26UVur1lfQ7e2rHXa9ar2/MfxRbD2e+vdFozja2d+7W6lvrzbvp93rfrRTSs3b70DIAoJe33nv651wyIn86kW7RsZZDYaA1A85bftAVAAZmZNAVAAbGal8wvE7xGt/0AFwSXZbofUmx2weEWq1W6/yqBJyza18y/w/DqmP+338Bw5Ax/w/Dy/w/DK9WK3fSNf/jpCcCABebOX6gx/v/b2f732ZvDvx4+egZT7o+bjfrXs6uggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHABHaz/W8rWAp+KfL5UingjImaikLu/Wq3MRcSbEfGn8cJ4kp8fcJ0BgNPK/y2Xrf91bfrDqZeK3r1ymByLiJ/+6s4vHy42m5t/jBjL/Wv84HjzSXa83P/aAwDHOxin033HC/nne4+WDrZ+1ufv34mIYjv+/t5Y7B/GH43RdF+MQkRM/juX5dtyHXMXp7H7OCK+2K39uZhK50DaK58ejZ/EfqOv8fMvxc+nZe198rP4whnUBYbN06T/udXt/svH1XTf/f4vpj3U6WX9X3Kppf20D3wR/6D/G+nR/109aYyPfv+9dmri1bLHEV8ejTiIvd/R/xzEz/WI/+EJ4//lK+++36us9euIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m85Rz/YeDf7x6fU3e5Ul7Z/sEb94TPu/fsL2/+Z/9370tdfE/+YH3eLn453XxE/GxG+cMP7i5O+KvcqS+Ms92n/c83/9hPGf/XXnlWXDAYDBaWzvrC1Wq5VNCYmLn0h+ZS9ANbomPutXrLHoXvTzD9r39JGiVuv1F/yse1GvHuMsZt2Ai+Dwpo+I/w66MgAAAAAAAAAAAAAAQFf9+MTSoNsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5fX/AAAA//+YXdZi") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) sendmsg$NL80211_CMD_SET_BEACON(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x5, 0x6, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x7, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) write$binfmt_script(r0, &(0x7f0000000380), 0x208e24b) 4.01334306s ago: executing program 3 (id=304): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r1}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket$netlink(0x10, 0x3, 0x14) openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000024c0), 0x1, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f00000002c0)={0x0, 0x5, &(0x7f0000001200)={&(0x7f0000001080)={0x38, 0x1403, 0x1, 0x700, 0x0, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'syzkaller0\x00'}}]}, 0x38}}, 0x0) 3.852085248s ago: executing program 5 (id=305): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)={0x0, 0xfff7fffc, 0x0, 0xffffffff, 0x0, "fb00"}) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba0700000000ebffffff0000f77fff00"}) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000040000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x10) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000002c0)={0x90000019}) r2 = syz_open_pts(r0, 0x0) ioctl$TCSETAF(r2, 0x5408, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x2, 0x0, "1f00000800"}) r3 = dup3(r2, r0, 0x0) read$rfkill(r3, &(0x7f00000002c0), 0x8) read$watch_queue(r3, &(0x7f0000000e00)=""/4096, 0x1000) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000180)) 3.358891539s ago: executing program 1 (id=308): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x2}, 0x0, 0x0, r1) keyctl$KEYCTL_MOVE(0x1e, r1, r1, r2, 0x0) 3.162804687s ago: executing program 1 (id=310): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786cab00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000004000000850000007d00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) rt_sigaction(0x40, 0x0, 0x0, 0x8, &(0x7f00000002c0)) 3.094989968s ago: executing program 0 (id=311): r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000800)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01000000000000000000090000003c0003800800010002000000140002007663616e300000000000000000000000080003000000000014000600ff"], 0x50}}, 0x0) 3.014153635s ago: executing program 1 (id=312): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x400000000000000}, 0x18) sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x34, r1, 0x1, 0x0, 0x800000, {{}, {}, {0x18, 0x17, {0x0, 0x0, @udp='udp:syz1\x00'}}}}, 0x34}}, 0x0) 2.993610187s ago: executing program 4 (id=313): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newlink={0x44, 0x10, 0x401, 0x70bd26, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x2}, @IFLA_XFRM_LINK={0x8, 0x1, 0x4}]}}}]}, 0x44}}, 0x0) 2.809615811s ago: executing program 1 (id=314): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socket$key(0xf, 0x3, 0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0x5, &(0x7f0000000940)=ANY=[@ANYRESDEC=r2, @ANYRESHEX=0x0], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) r4 = socket(0x40000000015, 0x5, 0x0) bind$inet(r4, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x2200054, &(0x7f0000000180), 0x4, 0x244, &(0x7f0000000480)="$eJzs3TFoE3scB/DfJU372oZH33vLgwfvPRARLRTdBAfrolCQIg6CChURJ2mF2uLWOrk46KzSyUXEzeooLsVFEZyqdKiLoMXB0kGHSHJpbW3F0sSc9D4fuCR397/73ZH7/i8E7i6A3OqJiP6IKEZEb0SUIiJZ3eD/dOipj051zgxFVCrHPyS1dul4anm57oiYjIj90b6ymvHpU/NLs0d2XRsr7bwzfbKzRbu3xsL83NHF24NXHwzsG3/+8t1gEv1Rrs9bvR/NlGwwrS2J+PNnFPtFJG1ZbwGbcezy/VfV3P8VETtq+S9FIdIv7/po+5NS7Ln1vWVvvH/xTyu3FWi+SqVUPQdOVoDcKUREOZJCX0SknwuFvr70N/zrYlfhwsjopd7zI2PD57LuqYBmKUfMHX7U8bD7m/y/Lab5B7avcvpXX81iMdttAVqrev7vPTOxO+Qfckf+Ybtp33RL+Yf8kn/IL/mH/JJ/yC/5h/ySf8gv+Yf8kn/Ir9X5BwDypdKxteuGl29s0+zrkYHWybr/AQAAAAAAAAAAAAAAAAAA1pvqnBlaHlpV8+nNiIVDEdG2Uf1i7XnEEb/VXrs+JtVmK5J0sYac/q/BFTToXsZXX//+Jtv6z/7Ntv7EcMTklYhYqk9Yc/wl9eNv6/74wfzS2QYLNOjAiWzrf76bbf2B2YjH1f5n70b9TyH+rr2v738OpvdP+/oA5S26+KnBFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAyXwIAAP//VeRflA==") r5 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x0) r6 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) write$9p(r5, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9905000000257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706", 0x200) sendfile(r5, r6, 0x0, 0xe065) 2.707412677s ago: executing program 0 (id=315): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0) 2.70703635s ago: executing program 4 (id=316): r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000a40)='GPL\x00') flock(r0, 0x2) 2.532237679s ago: executing program 5 (id=317): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) 1.603343638s ago: executing program 4 (id=318): r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_TREAD(r0, 0x40045402, &(0x7f0000000040)=0x1) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x5, 0xa}) readv(r0, &(0x7f0000000200)=[{&(0x7f0000003140)=""/4096, 0x20}], 0x1) 1.502153886s ago: executing program 5 (id=319): timer_create(0x0, 0x0, &(0x7f00000003c0)) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10) timer_delete(0x0) 1.433663643s ago: executing program 0 (id=320): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000580)={r0, &(0x7f00000004c0), &(0x7f0000000540)=@tcp6, 0x1}, 0x20) 1.302283121s ago: executing program 4 (id=321): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000003b810100850000006d000000850000005000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="12000000090000000400000002"], 0x50) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r1, 0x0}, 0x20) 1.299078944s ago: executing program 1 (id=322): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) process_mrelease(0xffffffffffffffff, 0x0) bpf$BPF_PROG_QUERY(0x9, &(0x7f0000000000)={@ifindex, 0xf, 0x1, 0x0, &(0x7f0000000040), 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) readv(r0, &(0x7f0000000200)=[{&(0x7f0000003140)=""/4096, 0x8}], 0xe) 1.103089967s ago: executing program 5 (id=323): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) gettid() r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) setresgid(0xee00, 0xffffffffffffffff, 0x0) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$binfmt_script(r6, &(0x7f00000000c0), 0x10f) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000005, 0x10012, r6, 0x0) write$tun(r6, &(0x7f0000000280)={@void, @void, @llc={@llc={0xf4, 0x2, "b7"}}}, 0x3) sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000006c0015000000d9fece23b8200000", @ANYRES32, @ANYBLOB="000000000000000018003480050035"], 0x38}, 0x1, 0x300}, 0x200400c0) syz_open_dev$evdev(&(0x7f00000003c0), 0x8, 0x2200) fchown(r4, 0x0, 0x0) 1.10276637s ago: executing program 0 (id=324): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 948.987736ms ago: executing program 4 (id=325): socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SET_PTRACER(0x59616d61, r0) syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x4080, &(0x7f0000000540)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000002,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000002,nostrict,uid=', @ANYRESOCT=0x0, @ANYRESDEC], 0x2, 0xc36, &(0x7f0000002540)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2SEmV9Pjb13Z19b/a9eeMZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr56+qz7PwA8Vq75/38AAAAAAAAAAAAAADjoUhTxZKSYvbKaxqr3HfXL7b7bd0aHhreudiRVNQ9V5cuf+pmz585/6YXBC9283J7+gPp77bPx2si1S42XZ27Nzk3Oz09ONEan2+MzE5M73sNu6292sjoAjVuv3564cWO+cfb5cxs+vjPwfv8TxwcuDj576plu2dGh4eGR9SL13vK1+25Ix3YzPA5HEacixXPf+2lqRUQRuz8W9Qc79psdqTpxsurE6NBw1ZGpdmt6ofzwavdAFBGNnkrN7jHaeiyi1vdA+7C9ZsRi2fyywSfL7o3MtuZa16cmG1dbcwvthfbM9NXUaW3Zn0YUcSFFLEXESv+9u+uLImqR4jvHVtP1iDjUPQ5frCYGb9+OYh/7uANlOxt9EUvFIzBmB1h/FPFqpPjZOydiPF9nqmvNFyJeLfMHEW+V+VJEKk+M8xHvbXEe8WiqRRF/WY7/xdU0UV0PuteVy19rfGX6xkxP2e515SPeH+65Ujyk+8ORTflgHPBrUz2KaFVX/NV0/7/ZAQAAAAAAAAAAAAAAAGCvHYkiPhMpXvmPP6nmFUc1L/3YxcE/HPjV3jnjT3/Ifsqyz0fEYrGzObmH88TAq+lqSg95LvHjrB5F/Gme//eth90YAAAAAAAAAAAAAAAAAACAx1oRP4kUL757Ii1F75ri7embjWut61OdVWG7a/9210xfW1tba6RONnOO5VzMuZRzOedKzihy/ZzNnGM5F3Mu5VzOuZIzDuX6OZs5x3Iu5lzKuZxzJWfUcv2czZxjORfLrK93dDlvX8kZB2TtXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAj5MiivhFpPj2N1ZTpIhoRoxFJ5f7H3brAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBSfyri+5Gi8UfNu9tqEZGqfztOlL+cj+bhMj8ZzcEyX4rmpZytKmvNbz2E9rM7famIH0eK/vrbdwc8j39f593d0yDe+ub6u8/WOnmo++HA+/1PHD92cXD4N57e7nXaqgEnL7enb99pjA4ND4/0bK7lb/9kz7aB/L3F3nSdiJh/483XW1NTk3P3/6I8BXZR/RF6kWqPS08f1ovFvTgh9+5F1A5EMx5O33kMlPf/9yLF7777n90bfuf+X49f6by7e4ePn//Z+v3/xc072uH9v7a5Xr7/l/f0re7/T/ZsezH/bqSvFlFfuDXbdzyiPv/Gm6fat1o3J29OTp8/ffrLg4NfPne673BE/UZ7arLn1Z4cLgAAAAAAAAAAAAAAAIAHJxXx+5Gi9ePV1IiIO9V8rYGLg8+eeuZQHKrmW22Yt/3ayLVLjZdnbs3OTc7PT040Rqfb4zMTkzv9uno13Wt0aHhfOvOhjuxz+4/UX56ZfWOuffOPF7b8/Gj90vX5hbnW+NYfx5EoIpq9W05WDR4dGq4aPdVuTVdVr245mf6j60tF/FekGD/fSJ/P2/L8/80z/DfM/1/cvKN9mv//iZ5t5XemVMTPI8Xv/NXT8fmqnUfjnmOWy/1dpDh54XO5XBwuy3Xb0HmuQGdmYFn2/yLFP/1iY9nufMgn18ue2fGBfUSU438sUnz/L74bv5m3bXz+w9bjf3TzjvZp/J/q2XZ0w/MKdt118vifihQvPfl2/Fbe9kHP/+g+e+NELnz3+Rz7NP6f6tk2kL/3t/em6wAAAAAAAAAAAI+0vlTE30eKHw7X0gt5207+/t/E5h3t09//+nTPtom9Wa/oQ1/s+qACAAAAwAHRl4r4SaS4ufD23TnUG+d/98z//L31+Z9DadOn1Z/z/Vr13IC9/PO/XgP5e8d2320AAAAAAAAAAAAAAAAAAAA4UFIq4oW8nvpYNZ9/Ytv11JcjxSv/81wul46X5brrwA9Uv9avzEyfujQ1NTPeWmhdn5psjMy2xifLuk9FitW//VyuW1Trq3fXm++s8b6+FvtcpBj+h27Zzlrs3bXJn1ove6Ys+4lI8d//uLFsdx3rT62XPVuW/ZtI8fV/2brs8fWy58qy340UP/p6o1v2aFm2+3zUT6+XfX58ptiHUQEAAAAAAAAAAAAAAAAAAOBx05eK+PNI8b+3lu7O5c/r//f1vK289c2e9f43uVOt8z9Qrf+/3ev7Wf+/eq7A4nbfCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH08pingzUsxeWU3L/eX7jvrl9vTtO6NDw1tXO5Kqmoeq8uVP/czZc+e/9MLghW5+cP299pl4beTapcbLM7dm5ybn5ycnGqPT7fGZickd72G39Tc7WR2Axq3Xb0/cuDHfOPv8uQ0f3xl4v/+J4wMXB5899Uy37OjQ8PBIT5la331/+z3SNtsPRxF/HSme+95P0w/7I4rY/bH4kHNnvx2pOnGy6sTo0HDVkal2a3qh/PBq90AUEY2eSs3uMXoAY7ErzYjFsvllg0+W3RuZbc21rk9NNq625hbaC+2Z6aup09qyP40o4kKKWIqIlf57d9cXRbweKb5zbDX9a3/Eoe5x+OKVka+ePrt9O4p97OMOlO1s9EUsFY/AmB1g/VHEP0eKn71zIv6tP6IWnZ/4QsSrZf4g4q3ojHcqT4zzEe9tcR7xaKpFEf9fjv/F1fROf3k96F5XLn+t8ZXpGzM9ZbvXlUf+/vAgHfBrUz2K+FF1xV9N/+6/awAAAAAAAAAAAAAAAIADpIhfjxQvvnsiVfOD784pbk/fbFxrXZ/qTOvrzv3rzpleW1tba6RONnOO5VzMuZRzOedKzihy/ZzNMutra2P5/WLOpZzLOVdyxqFcP2cz51jOxZxLOZdzruSMWq6fs5lzLOdizqWcyzlXcsYBmbsHAAAAAAAAAAAAAAAAAAB8vBTVPym+/Y3VtNbfWV96LDq5bD3Qj71fBgAA//8dq/O8") r2 = socket(0x11, 0x3, 0x0) setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000700)=0xe9, 0x4) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'veth0_virt_wifi\x00', 0x0}) bind$packet(r2, &(0x7f0000000140)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r5, &(0x7f0000000200), 0xf000) capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x7547, 0x2, 0x2, 0x7, 0xd3, 0x9}) r6 = accept$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000240)=0x14) getsockopt$packet_int(r6, 0x107, 0x3, &(0x7f0000000280), &(0x7f0000000300)=0x4) 324.22338ms ago: executing program 4 (id=326): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000080)={0x1d, r1}, 0x18) r2 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', 0x0}) bind$can_j1939(r2, &(0x7f0000000100)={0x1d, r3}, 0x18) connect$can_j1939(r2, &(0x7f0000000140)={0x1d, r3}, 0x18) sendmsg$can_j1939(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)='data', 0x4}}, 0x0) r4 = dup2(r2, r2) recvmsg$can_j1939(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000002c0)=""/4, 0x4}], 0x1}, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r4, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, r4}, './file0\x00'}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r4) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r5, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x60, r6, 0x20, 0x70bd28, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x9, 0x75}}}}, [@NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x3}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x1026}, @NL80211_ATTR_CRIT_PROT_ID={0x6}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x1}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x1083}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x3}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x1373}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x451}]}, 0x60}, 0x1, 0x0, 0x0, 0x840}, 0x8000) 155.37912ms ago: executing program 0 (id=327): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a74000000060a0b04000000000000000002000000480004802c0001800b000100736f636b657400001c000280080002400000000b080001400000000308000300000000891800018008000100647570006a8c6ba4080001400000000c0900010073797a30000000000900020073797a32"], 0x9c}}, 0x0) 155.106634ms ago: executing program 5 (id=328): r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r0, &(0x7f0000000040)=""/4096, 0x1000) read$char_usb(r0, 0x0, 0x0) 0s ago: executing program 1 (id=329): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) kernel console output (not intermixed with test programs): command tx timeout [ 59.319787][ T53] Bluetooth: hci1: command tx timeout [ 59.325282][ T5844] Bluetooth: hci3: command tx timeout [ 59.398144][ T5828] hsr_slave_0: entered promiscuous mode [ 59.408207][ T5828] hsr_slave_1: entered promiscuous mode [ 59.414571][ T5828] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 59.422121][ T5828] Cannot create hsr debugfs directory [ 59.442130][ T5840] hsr_slave_0: entered promiscuous mode [ 59.448325][ T5840] hsr_slave_1: entered promiscuous mode [ 59.455366][ T5840] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 59.462974][ T5840] Cannot create hsr debugfs directory [ 59.479946][ T5834] hsr_slave_0: entered promiscuous mode [ 59.486082][ T5834] hsr_slave_1: entered promiscuous mode [ 59.492039][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 59.499903][ T5834] Cannot create hsr debugfs directory [ 59.781238][ T5826] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 59.795187][ T5826] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 59.825824][ T5826] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 59.838590][ T5826] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 59.870936][ T5840] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 59.881226][ T5840] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 59.913862][ T5840] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 59.936222][ T5840] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 59.951393][ T5827] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 59.962793][ T5827] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 59.976610][ T5827] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 59.989563][ T5827] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 60.075669][ T5834] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 60.085534][ T5834] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 60.118000][ T5834] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 60.141634][ T5834] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 60.180656][ T5828] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 60.189950][ T5828] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 60.218875][ T5828] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 60.229161][ T5828] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 60.261752][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.300075][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.352063][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.376833][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.384885][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.400708][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.420369][ T1142] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.427545][ T1142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.455754][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.475698][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.484230][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.491342][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.508185][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.530150][ T1339] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.537310][ T1339] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.550062][ T1339] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.557326][ T1339] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.591993][ T1339] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.599143][ T1339] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.619460][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.638617][ T1339] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.645787][ T1339] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.666403][ T5840] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 60.717376][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.740677][ T73] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.747870][ T73] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.797157][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.857615][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.864784][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.931662][ T73] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.939118][ T73] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.000665][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.201662][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.221153][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.314393][ T5844] Bluetooth: hci2: command tx timeout [ 61.352414][ T5827] veth0_vlan: entered promiscuous mode [ 61.386121][ T5826] veth0_vlan: entered promiscuous mode [ 61.400106][ T5844] Bluetooth: hci3: command tx timeout [ 61.405701][ T5838] Bluetooth: hci4: command tx timeout [ 61.407910][ T5827] veth1_vlan: entered promiscuous mode [ 61.411111][ T5838] Bluetooth: hci1: command tx timeout [ 61.422424][ T5842] Bluetooth: hci0: command tx timeout [ 61.441268][ T5826] veth1_vlan: entered promiscuous mode [ 61.461419][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.488737][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.509651][ T5827] veth0_macvtap: entered promiscuous mode [ 61.520249][ T5827] veth1_macvtap: entered promiscuous mode [ 61.561571][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.586981][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.619661][ T5840] veth0_vlan: entered promiscuous mode [ 61.626135][ T5826] veth0_macvtap: entered promiscuous mode [ 61.644153][ T5827] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.653032][ T5827] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.662842][ T5827] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.672555][ T5827] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.688722][ T5828] veth0_vlan: entered promiscuous mode [ 61.697340][ T5826] veth1_macvtap: entered promiscuous mode [ 61.716374][ T5840] veth1_vlan: entered promiscuous mode [ 61.732066][ T5834] veth0_vlan: entered promiscuous mode [ 61.772122][ T5834] veth1_vlan: entered promiscuous mode [ 61.781316][ T5828] veth1_vlan: entered promiscuous mode [ 61.818392][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.831272][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.842545][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.853100][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.868413][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.880580][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.925347][ T5826] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.935029][ T5826] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.944129][ T5826] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.952924][ T5826] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.967988][ T5840] veth0_macvtap: entered promiscuous mode [ 61.989227][ T5828] veth0_macvtap: entered promiscuous mode [ 62.009082][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.017973][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.028591][ T5828] veth1_macvtap: entered promiscuous mode [ 62.044936][ T5834] veth0_macvtap: entered promiscuous mode [ 62.059902][ T5840] veth1_macvtap: entered promiscuous mode [ 62.069806][ T5834] veth1_macvtap: entered promiscuous mode [ 62.116764][ T73] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.130586][ T73] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.153888][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.165747][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.175686][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.188595][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.201034][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.210656][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.221803][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.231982][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.242563][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.254255][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.265073][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.279934][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.300555][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.311480][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.321466][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.332359][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.342419][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.354174][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.364135][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.374683][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.385716][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.395478][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.406160][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.419545][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.430056][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.441824][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.459346][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.472756][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.485340][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.496515][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.506481][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.517589][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.528793][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.539614][ T5828] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.541914][ T5827] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 62.549030][ T5828] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.573839][ T5828] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.582571][ T5828] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.595951][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.606529][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.616755][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.627408][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.637402][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.647968][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.658162][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.669575][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.683725][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.703957][ T73] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.711824][ T73] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.737557][ T5840] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.751780][ T5840] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.773456][ T5840] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.787167][ T5840] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.822397][ T5913] loop2: detected capacity change from 0 to 128 [ 62.823060][ T5834] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.839689][ T5834] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.848665][ T5834] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.857459][ T5834] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.897122][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.905703][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.111440][ T5915] x_tables: ip_tables: ah match: only valid for protocol 51 [ 63.131759][ T29] audit: type=1326 audit(1732157902.485:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5912 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102ab7e819 code=0x7ffc0000 [ 63.257115][ T29] audit: type=1326 audit(1732157902.485:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5912 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f102ab7e819 code=0x7ffc0000 [ 63.333519][ T29] audit: type=1326 audit(1732157902.535:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5912 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102ab7e819 code=0x7ffc0000 [ 63.365511][ T29] audit: type=1326 audit(1732157902.535:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5912 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102ab7e819 code=0x7ffc0000 [ 63.410565][ T5844] Bluetooth: hci2: command tx timeout [ 63.474155][ T5842] Bluetooth: hci0: command tx timeout [ 63.481161][ T5842] Bluetooth: hci4: command tx timeout [ 63.490488][ T5838] Bluetooth: hci1: command tx timeout [ 63.498450][ T5844] Bluetooth: hci3: command tx timeout [ 63.503097][ T73] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.540472][ T73] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.565219][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 63.805011][ T1339] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.812877][ T1339] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.871759][ T1339] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.891727][ T1339] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.914631][ T5918] loop1: detected capacity change from 0 to 512 [ 63.981118][ T5920] loop2: detected capacity change from 0 to 128 [ 64.066292][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.093637][ T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!! [ 64.102016][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.196050][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 64.338760][ T29] audit: type=1326 audit(1732157903.695:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.2.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102ab7e819 code=0x7ffc0000 [ 64.434791][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.459917][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.477979][ T29] audit: type=1326 audit(1732157903.725:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.2.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102ab7e819 code=0x7ffc0000 [ 64.504017][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 64.605601][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 64.696919][ T5925] loop0: detected capacity change from 0 to 128 [ 64.708588][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 64.712506][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 64.737040][ T5918] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 64.773552][ T5918] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 64.813429][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 64.836290][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 64.845553][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 64.852995][ T29] audit: type=1326 audit(1732157903.755:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.2.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f102ab7e819 code=0x7ffc0000 [ 64.958495][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.007078][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.083362][ T29] audit: type=1326 audit(1732157903.785:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.2.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102ab7e819 code=0x7ffc0000 [ 65.118241][ T5932] x_tables: ip_tables: ah match: only valid for protocol 51 [ 65.484876][ T53] Bluetooth: hci2: command tx timeout [ 65.536880][ T29] audit: type=1326 audit(1732157904.065:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.2.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102ab7e819 code=0x7ffc0000 [ 65.561420][ T53] Bluetooth: hci3: command tx timeout [ 65.567190][ T53] Bluetooth: hci4: command tx timeout [ 65.572597][ T53] Bluetooth: hci0: command tx timeout [ 65.578428][ T53] Bluetooth: hci1: command tx timeout [ 65.621352][ T29] audit: type=1326 audit(1732157904.585:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5924 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dcff7e819 code=0x7ffc0000 [ 65.730572][ T5939] Illegal XDP return value 4294967294 on prog (id 2) dev N/A, expect packet loss! [ 65.965393][ T5942] loop3: detected capacity change from 0 to 2048 [ 66.757240][ T5942] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 67.330548][ T5947] loop0: detected capacity change from 0 to 2048 [ 67.433631][ T5948] loop4: detected capacity change from 0 to 256 [ 67.466472][ T5948] ======================================================= [ 67.466472][ T5948] WARNING: The mand mount option has been deprecated and [ 67.466472][ T5948] and is ignored by this kernel. Remove the mand [ 67.466472][ T5948] option from the mount to silence this warning. [ 67.466472][ T5948] ======================================================= [ 67.704915][ T5948] cgroup: Unknown subsys name 'cpuset' [ 67.995445][ T5950] loop4: detected capacity change from 0 to 8 [ 68.011635][ T5950] loop4: detected capacity change from 0 to 256 [ 68.018566][ T5950] exfat: Unknown parameter 'ÿ' [ 68.462654][ T5953] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 69.208526][ T5947] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 69.262938][ T5838] Bluetooth: hci1: unexpected event 0x01 length: 11 > 1 [ 69.586720][ T5956] loop2: detected capacity change from 0 to 128 [ 69.861385][ T5965] loop3: detected capacity change from 0 to 1024 [ 69.873541][ T5965] EXT4-fs: Ignoring removed orlov option [ 69.912675][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 69.912715][ T29] audit: type=1326 audit(1732157909.125:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5959 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 70.291874][ T29] audit: type=1326 audit(1732157909.125:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5959 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 70.306010][ T5826] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.324467][ T29] audit: type=1326 audit(1732157909.135:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5959 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 70.419535][ T5956] x_tables: ip_tables: ah match: only valid for protocol 51 [ 70.514173][ T29] audit: type=1326 audit(1732157909.135:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5959 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 70.934677][ T29] audit: type=1326 audit(1732157909.135:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5959 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 71.423560][ T29] audit: type=1326 audit(1732157909.135:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5959 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 71.704918][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.706951][ T5965] ext4: Unknown parameter 'dont_measure' [ 71.711515][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.938523][ T29] audit: type=1326 audit(1732157909.145:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5959 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 71.958439][ T5977] loop1: detected capacity change from 0 to 512 [ 71.960752][ T29] audit: type=1326 audit(1732157909.145:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5959 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 71.998189][ T29] audit: type=1326 audit(1732157909.155:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5959 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 72.020496][ T29] audit: type=1326 audit(1732157909.155:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5959 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5e5417e853 code=0x7ffc0000 [ 72.022879][ T5977] EXT4-fs: quotafile must be on filesystem root [ 72.398934][ T5979] loop0: detected capacity change from 0 to 128 [ 72.495010][ T5979] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 72.547370][ T5979] ext4 filesystem being mounted at /2/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 72.603638][ T5979] fscrypt (loop0, inode 12): Can't use IV_INO_LBLK_64 policy on filesystem 'loop0' because it doesn't have stable inode numbers [ 72.720363][ T5880] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 72.721739][ T5828] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 72.758487][ T5988] loop2: detected capacity change from 0 to 128 [ 72.939837][ T5988] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 72.954871][ T5988] ext4 filesystem being mounted at /7/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 73.021756][ T5880] usb 2-1: Using ep0 maxpacket: 32 [ 73.052135][ T5983] loop3: detected capacity change from 0 to 1024 [ 73.074494][ T5880] usb 2-1: config 0 has an invalid descriptor of length 34, skipping remainder of the config [ 73.086641][ T5880] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 33, using maximum allowed: 30 [ 73.098902][ T5880] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 33 [ 73.114377][ T5880] usb 2-1: New USB device found, idVendor=07c0, idProduct=1125, bcdDevice= 0.00 [ 73.121773][ T5994] loop0: detected capacity change from 0 to 128 [ 73.123712][ T5880] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.164588][ T5983] EXT4-fs: inline encryption not supported [ 73.179718][ T5880] usb 2-1: config 0 descriptor?? [ 73.206114][ T5983] EXT4-fs: Ignoring removed orlov option [ 73.246724][ T5994] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 73.265669][ T5983] EXT4-fs (loop3): Test dummy encryption mode enabled [ 73.278821][ T5994] ext4 filesystem being mounted at /3/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 73.367498][ T5983] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.436083][ T5880] usb 2-1: string descriptor 0 read error: -71 [ 73.475527][ T5880] usb 2-1: USB disconnect, device number 2 [ 73.499490][ T5827] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 73.499873][ T5983] netlink: 28 bytes leftover after parsing attributes in process `syz.3.21'. [ 73.538316][ T5983] netlink: 4 bytes leftover after parsing attributes in process `syz.3.21'. [ 73.560294][ T5828] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 73.747792][ T5834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.749650][ T6003] netlink: 550 bytes leftover after parsing attributes in process `syz.4.26'. [ 73.822434][ T6001] loop0: detected capacity change from 0 to 512 [ 73.843094][ T6001] EXT4-fs: Ignoring removed oldalloc option [ 73.890096][ T6006] loop2: detected capacity change from 0 to 256 [ 73.910890][ T6001] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.931921][ T6001] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 73.966086][ T6001] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.019024][ T6006] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 74.203233][ T5880] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 75.136321][ T6022] loop2: detected capacity change from 0 to 512 [ 75.267933][ T5880] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 75.278973][ T5880] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 75.301139][ T5880] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 75.856271][ T6014] loop4: detected capacity change from 0 to 1024 [ 76.245633][ T5880] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 76.255006][ T5880] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 76.265053][ T5880] usb 4-1: config 0 descriptor?? [ 76.820698][ T6022] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 76.943434][ T6022] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 77.051646][ T6022] EXT4-fs (loop2): 1 truncate cleaned up [ 77.086362][ T6022] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.100152][ T6024] netlink: 20 bytes leftover after parsing attributes in process `syz.0.33'. [ 77.308380][ T25] cfg80211: failed to load regulatory.db [ 77.816467][ T6031] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 77.860826][ T6031] No such timeout policy "syz0" [ 78.105123][ T5880] usbhid 4-1:0.0: can't add hid device: -71 [ 78.112724][ T5880] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 78.534495][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.902666][ T5880] usb 4-1: USB disconnect, device number 2 [ 78.936223][ T6040] loop3: detected capacity change from 0 to 1024 [ 79.175024][ T6040] EXT4-fs: Ignoring removed orlov option [ 79.195731][ T6040] EXT4-fs (loop3): Test dummy encryption mode enabled [ 79.818251][ T6040] EXT4-fs (loop3): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 79.835447][ T6039] loop4: detected capacity change from 0 to 1024 [ 79.842981][ T6039] EXT4-fs: Ignoring removed orlov option [ 79.864429][ T6039] EXT4-fs (loop4): Test dummy encryption mode enabled [ 80.458195][ T6040] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.556361][ T6039] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.663944][ T974] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 80.764694][ T6040] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 80.829970][ T974] usb 1-1: Using ep0 maxpacket: 16 [ 80.991268][ T974] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 81.148560][ T974] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 81.160062][ T6039] fscrypt (loop4): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 81.172298][ T6040] fscrypt (loop3): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 81.181938][ T974] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 81.207443][ T974] usb 1-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice= 0.00 [ 81.226976][ T974] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 81.257842][ T6069] fscrypt (loop4): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 81.295151][ T974] usb 1-1: config 0 descriptor?? [ 81.361241][ T5840] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.379790][ T5834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.393958][ T5880] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 81.559014][ T5880] usb 2-1: Using ep0 maxpacket: 16 [ 81.566338][ T5880] usb 2-1: config 5 has an invalid interface number: 168 but max is 0 [ 81.575418][ T5880] usb 2-1: config 5 has no interface number 0 [ 81.581549][ T5880] usb 2-1: config 5 interface 168 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B [ 81.603275][ T768] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 81.623540][ T5880] usb 2-1: config 5 interface 168 altsetting 7 bulk endpoint 0x8B has invalid maxpacket 1024 [ 81.643261][ T5880] usb 2-1: config 5 interface 168 altsetting 7 bulk endpoint 0x4 has invalid maxpacket 1023 [ 81.657023][ T5880] usb 2-1: config 5 interface 168 has no altsetting 0 [ 81.665875][ T5880] usb 2-1: New USB device found, idVendor=04cc, idProduct=2533, bcdDevice=fc.58 [ 81.675160][ T5880] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 81.683300][ T5880] usb 2-1: Product: syz [ 81.687459][ T5880] usb 2-1: Manufacturer: syz [ 81.692039][ T5880] usb 2-1: SerialNumber: syz [ 81.699774][ T6064] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 81.710198][ T6064] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 81.717556][ T5884] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 81.759810][ T974] input: HID 0955:7214 Haptics as /devices/virtual/input/input5 [ 81.773699][ T768] usb 3-1: Using ep0 maxpacket: 8 [ 81.783635][ T5882] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 81.797921][ T768] usb 3-1: config 162 has an invalid interface number: 251 but max is 1 [ 81.805933][ T974] shield 0003:0955:7214.0001: Registered Thunderstrike controller [ 81.810893][ T768] usb 3-1: config 162 has an invalid interface number: 209 but max is 1 [ 81.822518][ T974] shield 0003:0955:7214.0001: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.0-1/input0 [ 81.826404][ T768] usb 3-1: config 162 has no interface number 0 [ 81.840816][ T768] usb 3-1: config 162 has no interface number 1 [ 81.847409][ T768] usb 3-1: config 162 interface 251 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 81.860657][ T768] usb 3-1: config 162 interface 209 altsetting 1 has a duplicate endpoint with address 0x9, skipping [ 81.872417][ T768] usb 3-1: config 162 interface 209 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86 [ 81.886722][ T768] usb 3-1: config 162 interface 209 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024 [ 81.894518][ T5884] usb 5-1: Using ep0 maxpacket: 8 [ 81.898458][ T768] usb 3-1: config 162 interface 209 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024 [ 81.917756][ T768] usb 3-1: config 162 interface 209 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4 [ 81.919705][ T5884] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 81.937983][ T768] usb 3-1: config 162 interface 251 has no altsetting 0 [ 81.955327][ T5884] usb 5-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice= 9.58 [ 81.955507][ T768] usb 3-1: config 162 interface 209 has no altsetting 0 [ 81.971136][ T5884] usb 5-1: New USB device strings: Mfr=64, Product=2, SerialNumber=3 [ 81.982358][ T5884] usb 5-1: Product: syz [ 81.983701][ T5882] usb 4-1: Using ep0 maxpacket: 8 [ 81.992283][ T5884] usb 5-1: Manufacturer: syz [ 82.005992][ C1] usb 2-1: NFC: Urb failure (status -71) [ 82.006718][ T8] shield 0003:0955:7214.0001: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 82.012358][ C1] usb 2-1: NFC: Urb failure (status -71) [ 82.024441][ T5884] usb 5-1: SerialNumber: syz [ 82.037864][ T5880] usb 2-1: NFC: Unable to get FW version [ 82.045868][ T5880] pn533_usb 2-1:5.168: probe with driver pn533_usb failed with error -71 [ 82.051507][ T8] shield 0003:0955:7214.0001: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 82.069707][ T768] usb 3-1: New USB device found, idVendor=1608, idProduct=0010, bcdDevice=4f.88 [ 82.079296][ T768] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 82.087630][ T768] usb 3-1: Product: syz [ 82.091823][ T768] usb 3-1: Manufacturer: syz [ 82.096604][ T768] usb 3-1: SerialNumber: syz [ 82.102284][ T25] usb 1-1: USB disconnect, device number 2 [ 82.102591][ T8] shield 0003:0955:7214.0001: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 82.115135][ T5882] usb 4-1: unable to get BOS descriptor or descriptor too short [ 82.123704][ T5884] usb 5-1: config 0 descriptor?? [ 82.129087][ T5880] usb 2-1: USB disconnect, device number 3 [ 82.147644][ T5882] usb 4-1: config 8 has an invalid interface number: 24 but max is 0 [ 82.155857][ T5882] usb 4-1: config 8 has no interface number 0 [ 82.163243][ T5882] usb 4-1: config 8 interface 24 altsetting 2 endpoint 0xE has invalid maxpacket 1535, setting to 1024 [ 82.164811][ T5884] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae [ 82.174559][ T5882] usb 4-1: config 8 interface 24 altsetting 2 endpoint 0x85 has an invalid bInterval 255, changing to 11 [ 82.187562][ T8] shield 0003:0955:7214.0001: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 82.192278][ T5882] usb 4-1: config 8 interface 24 has no altsetting 0 [ 82.221741][ T5882] usb 4-1: New USB device found, idVendor=10cf, idProduct=5503, bcdDevice=75.af [ 82.233278][ T5882] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 82.241361][ T5882] usb 4-1: Product: syz [ 82.245636][ T5882] usb 4-1: Manufacturer: syz [ 82.250279][ T5882] usb 4-1: SerialNumber: syz [ 82.271971][ T6090] raw-gadget.4 gadget.3: fail, usb_ep_enable returned -22 [ 82.352791][ T768] io_edgeport 3-1:162.251: required endpoints missing [ 82.363350][ T768] io_edgeport 3-1:162.209: Edgeport 2 port adapter converter detected [ 82.374193][ T768] usb 3-1: detected [ 82.378942][ T768] usb 3-1: error in getting manufacturer descriptor: -71 [ 82.386711][ T768] usb 3-1: error in getting boot descriptor: -71 [ 82.393102][ T768] usb 3-1: Device Reported 0 serial ports vs. core thinking we have 2 ports, email greg@kroah.com this information. [ 82.411574][ T768] usb 3-1: Direct firmware load for edgeport/down.fw failed with error -2 [ 82.420692][ T768] usb 3-1: Falling back to sysfs fallback for: edgeport/down.fw [ 82.506564][ T5882] comedi comedi0: driver 'vmk80xx' has successfully auto-configured 'K8055 (VM110)'. [ 82.530133][ T5882] usb 4-1: USB disconnect, device number 3 [ 82.780555][ T5884] gspca_zc3xx: reg_w_i err -71 [ 82.903390][ T8] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 82.909380][ T6099] warning: `syz.2.49' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 82.953237][ T5879] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 83.376199][ T6104] loop2: detected capacity change from 0 to 1024 [ 83.385758][ T6104] EXT4-fs: Ignoring removed mblk_io_submit option [ 83.848955][ T8] usb 1-1: too many configurations: 9, using maximum allowed: 8 [ 83.863459][ T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 83.872395][ T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 83.883479][ T5884] gspca_zc3xx: Unknown sensor - set to TAS5130C [ 83.890418][ T6104] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.950955][ T5884] gspca_zc3xx 5-1:0.0: probe with driver gspca_zc3xx failed with error -71 [ 83.970864][ T5879] usb 2-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=b9.bf [ 83.980076][ T5879] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 83.992375][ T5884] usb 5-1: USB disconnect, device number 2 [ 83.998372][ T5879] usb 2-1: Product: syz [ 84.002657][ T8] usb 1-1: config 0 interface 0 has no altsetting 0 [ 84.011857][ T5879] usb 2-1: Manufacturer: syz [ 84.017493][ T5879] usb 2-1: SerialNumber: syz [ 84.028497][ T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 84.038542][ T5879] usb 2-1: config 0 descriptor?? [ 84.044807][ T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 84.101348][ T5879] usb 2-1: Waiting for MOTU Microbook II to boot up... [ 84.103276][ T5882] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 84.108375][ T5879] usb 2-1: failed setting the sample rate for Motu MicroBook II: -22 [ 84.124163][ T8] usb 1-1: config 0 interface 0 has no altsetting 0 [ 84.130921][ T5879] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 84.143944][ T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 84.152878][ T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 84.168494][ T8] usb 1-1: config 0 interface 0 has no altsetting 0 [ 84.174374][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.187701][ T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 84.196981][ T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 84.214970][ T8] usb 1-1: config 0 interface 0 has no altsetting 0 [ 84.231215][ T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 84.250252][ T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 84.263635][ T8] usb 1-1: config 0 interface 0 has no altsetting 0 [ 84.278070][ T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 84.287302][ T5882] usb 4-1: Using ep0 maxpacket: 16 [ 84.298498][ T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 84.311533][ T5882] usb 4-1: config 1 interface 0 altsetting 93 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 84.349094][ T5882] usb 4-1: config 1 interface 0 altsetting 93 bulk endpoint 0x82 has invalid maxpacket 96 [ 84.365289][ T8] usb 1-1: config 0 interface 0 has no altsetting 0 [ 84.372104][ T5882] usb 4-1: config 1 interface 0 altsetting 93 bulk endpoint 0x3 has invalid maxpacket 8 [ 84.372137][ T5882] usb 4-1: config 1 interface 0 altsetting 93 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 84.372166][ T5882] usb 4-1: config 1 interface 0 has no altsetting 0 [ 84.373759][ T5882] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 84.395570][ T5884] usb 2-1: USB disconnect, device number 4 [ 84.429173][ T5882] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 84.450191][ T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 84.476514][ T5882] usb 4-1: SerialNumber: syz [ 84.483350][ T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 84.507114][ T8] usb 1-1: config 0 interface 0 has no altsetting 0 [ 84.510942][ T6106] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22 [ 84.529018][ T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 84.542995][ T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 84.552184][ T6106] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22 [ 84.567356][ T8] usb 1-1: config 0 interface 0 has no altsetting 0 [ 84.586920][ T8] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 84.596629][ T8] usb 1-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 84.607490][ T8] usb 1-1: Product: syz [ 84.611689][ T8] usb 1-1: Manufacturer: syz [ 84.626224][ T8] usb 1-1: SerialNumber: syz [ 84.636763][ T8] usb 1-1: config 0 descriptor?? [ 84.666847][ T8] yurex 1-1:0.0: USB YUREX device now attached to Yurex #0 [ 84.703260][ T5879] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 84.786751][ T6106] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22 [ 84.798842][ T6106] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22 [ 84.873589][ T5879] usb 5-1: Using ep0 maxpacket: 16 [ 84.889719][ T5879] usb 5-1: config 0 has an invalid interface number: 41 but max is 0 [ 84.924543][ T5879] usb 5-1: config 0 has no interface number 0 [ 84.930724][ T5879] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 84.959102][ T5879] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 84.969888][ T5879] usb 5-1: config 0 interface 41 has no altsetting 0 [ 84.978224][ C0] usb 1-1: yurex_control_callback - control failed: -71 [ 84.988674][ T8] usb 1-1: USB disconnect, device number 3 [ 84.999985][ T5879] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a [ 85.009884][ T8] yurex 1-1:0.0: USB YUREX #0 now disconnected [ 85.027686][ T5879] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 85.051803][ T5879] usb 5-1: Product: syz [ 85.056392][ T5879] usb 5-1: Manufacturer: syz [ 85.061157][ T5879] usb 5-1: SerialNumber: syz [ 85.104421][ T5879] usb 5-1: config 0 descriptor?? [ 85.110813][ T6113] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 85.131089][ T6113] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 85.372152][ T5882] cdc_ether 4-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.3-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 85.644060][ T6113] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 85.765273][ T6113] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 86.121673][ T5882] usb 4-1: USB disconnect, device number 4 [ 86.129256][ T5882] cdc_ether 4-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.3-1, CDC Ethernet Device [ 86.283506][ T5884] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 86.332793][ T5879] Error reading MAC address [ 86.338620][ T6113] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 86.356606][ T6113] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 86.583340][ T5880] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 86.760603][ T5880] usb 1-1: config 32 has an invalid interface number: 228 but max is 0 [ 86.793454][ T5880] usb 1-1: config 32 has no interface number 0 [ 86.834936][ T5880] usb 1-1: New USB device found, idVendor=2304, idProduct=0222, bcdDevice=b1.9b [ 86.870688][ T5880] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 86.895698][ T5880] usb 1-1: Product: syz [ 86.910323][ T5880] usb 1-1: Manufacturer: syz [ 86.928206][ T5880] usb 1-1: SerialNumber: syz [ 87.113304][ T5882] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 87.214272][ T5880] dvb-usb: found a 'Pinnacle 450e DVB-S USB2.0' in warm state. [ 87.247603][ T5880] dvb-usb: bulk message failed: -22 (4/0) [ 87.261017][ T5880] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 87.280596][ T5880] dvb-usb: bulk message failed: -22 (5/0) [ 87.291927][ T5880] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 87.307705][ T5882] usb 4-1: Using ep0 maxpacket: 16 [ 87.318957][ T5882] usb 4-1: unable to get BOS descriptor or descriptor too short [ 87.335648][ T5884] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 87.340635][ T5880] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 87.351023][ T5884] usb 2-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config [ 87.355318][ T5880] dvbdev: DVB: registering new adapter (Pinnacle 450e DVB-S USB2.0) [ 87.374484][ T5882] usb 4-1: config 129 has an invalid interface number: 50 but max is 0 [ 87.382772][ T5882] usb 4-1: config 129 has no interface number 0 [ 87.384857][ T5884] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 87.396613][ T5880] usb 1-1: media controller created [ 87.409314][ T5882] usb 4-1: config 129 interface 50 altsetting 250 bulk endpoint 0xC has invalid maxpacket 16 [ 87.410135][ T5884] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9 [ 87.430611][ T5882] usb 4-1: config 129 interface 50 altsetting 250 has an endpoint descriptor with address 0xFD, changing to 0x8D [ 87.430647][ T5882] usb 4-1: config 129 interface 50 altsetting 250 endpoint 0x8D has invalid maxpacket 18502, setting to 1024 [ 87.430673][ T5882] usb 4-1: config 129 interface 50 altsetting 250 bulk endpoint 0x8D has invalid maxpacket 1024 [ 87.430697][ T5882] usb 4-1: config 129 interface 50 altsetting 250 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 87.430724][ T5882] usb 4-1: config 129 interface 50 has no altsetting 0 [ 87.434478][ T5882] usb 4-1: New USB device found, idVendor=05a3, idProduct=8388, bcdDevice=a7.f4 [ 87.492732][ T5884] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024 [ 87.500032][ T5880] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 87.527499][ T5880] ttusb2: set interface to alts=3 failed [ 87.531936][ T5884] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 87.551222][ T5884] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 87.558902][ T5882] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 87.559622][ T5884] usb 2-1: Product: syz [ 87.572251][ T5884] usb 2-1: Manufacturer: syz [ 87.582037][ T5882] usb 4-1: Product: syz [ 87.589764][ T5884] cdc_wdm 2-1:1.0: skipping garbage [ 87.603647][ T5884] cdc_wdm 2-1:1.0: skipping garbage [ 87.614636][ T5882] usb 4-1: Manufacturer: syz [ 87.619911][ T5880] DVB: Unable to find symbol tda10086_attach() [ 87.620874][ T5884] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device [ 87.626913][ T5880] dvb-usb: no frontend was attached by 'Pinnacle 450e DVB-S USB2.0' [ 87.642361][ T5882] usb 4-1: SerialNumber: syz [ 87.658078][ T5884] cdc_wdm 2-1:1.0: Unknown control protocol [ 87.668801][ T6141] raw-gadget.4 gadget.3: fail, usb_ep_enable returned -22 [ 87.669030][ T5880] dvb-usb: bulk message failed: -22 (4/0) [ 87.676628][ T6141] raw-gadget.4 gadget.3: fail, usb_ep_enable returned -22 [ 87.689139][ T5880] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 87.707873][ T5880] dvb-usb: bulk message failed: -22 (5/0) [ 87.721048][ T5880] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 87.774170][ T5880] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully initialized and connected. [ 87.814838][ T5880] usb 1-1: USB disconnect, device number 4 [ 87.846602][ T5883] usb 2-1: USB disconnect, device number 5 [ 87.900857][ T5880] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully deinitialized and disconnected. [ 87.927292][ T6141] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 87.969348][ T6141] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 88.005177][ T5882] usb 4-1: USB disconnect, device number 5 [ 88.203710][ T5880] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 88.284919][ T5883] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 88.366188][ T5880] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 88.377221][ T5880] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 88.387165][ T5880] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 88.400042][ T5880] usb 1-1: New USB device found, idVendor=056a, idProduct=0045, bcdDevice= 0.00 [ 88.409224][ T5880] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 88.419122][ T5880] usb 1-1: config 0 descriptor?? [ 88.445227][ T5883] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 88.454110][ T5883] usb 2-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config [ 88.465604][ T5883] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 88.474699][ T5883] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9 [ 88.485901][ T5883] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024 [ 88.500519][ T5883] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 88.509979][ T5883] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 88.518098][ T5883] usb 2-1: Product: syz [ 88.522572][ T5883] usb 2-1: Manufacturer: syz [ 88.544626][ T5883] cdc_wdm 2-1:1.0: skipping garbage [ 88.549930][ T5883] cdc_wdm 2-1:1.0: skipping garbage [ 88.574907][ T5883] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device [ 88.586145][ T5883] cdc_wdm 2-1:1.0: Unknown control protocol [ 88.632240][ T6160] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 88.641278][ T6160] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 88.652465][ T6160] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 88.661179][ T6160] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 88.674161][ T5880] usbhid 1-1:0.0: can't add hid device: -71 [ 88.682487][ T5880] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 88.694506][ T5880] usb 1-1: USB disconnect, device number 5 [ 88.823388][ T974] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 88.940495][ T5879] sr9700 5-1:0.41 eth1: register 'sr9700' at usb-dummy_hcd.4-1, CoreChip SR9700 USB Ethernet, ee:8f:59:75:d0:58 [ 88.961605][ T5879] usb 5-1: USB disconnect, device number 3 [ 88.971155][ T5879] sr9700 5-1:0.41 eth1: unregister 'sr9700' usb-dummy_hcd.4-1, CoreChip SR9700 USB Ethernet [ 88.982498][ T974] usb 4-1: Using ep0 maxpacket: 8 [ 88.993947][ T974] usb 4-1: config 0 has no interfaces? [ 89.002129][ T974] usb 4-1: New USB device found, idVendor=05ac, idProduct=1202, bcdDevice=32.f0 [ 89.011840][ T974] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 89.019901][ T974] usb 4-1: Product: syz [ 89.024207][ T974] usb 4-1: Manufacturer: syz [ 89.028835][ T974] usb 4-1: SerialNumber: syz [ 89.038870][ T974] apple-mfi-fastcharge 4-1: config 0 descriptor?? [ 89.118927][ T5884] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 89.256550][ T5880] apple-mfi-fastcharge 4-1: USB disconnect, device number 6 [ 89.273380][ T5884] usb 1-1: Using ep0 maxpacket: 8 [ 89.279933][ T5884] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 89.289725][ T5884] usb 1-1: config 0 has no interface number 0 [ 89.301619][ T5884] usb 1-1: config 0 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 89.312005][ T5884] usb 1-1: config 0 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 89.322341][ T5884] usb 1-1: config 0 interface 1 has no altsetting 0 [ 89.331577][ T5884] usb 1-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b [ 89.340928][ T5884] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.352571][ T5884] usb 1-1: config 0 descriptor?? [ 89.360319][ T5884] hso 1-1:0.1: Failed to find BULK OUT ep [ 89.501149][ T6164] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 89.509961][ T6164] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 89.561715][ T5883] usb 1-1: USB disconnect, device number 6 [ 89.694855][ T5880] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 89.866116][ T5880] usb 5-1: Using ep0 maxpacket: 16 [ 89.891472][ T5880] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 89.903820][ T5880] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 96 [ 89.913954][ T5880] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 8 [ 89.923742][ T5880] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 89.938312][ T5880] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 89.947941][ T5880] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 89.956165][ T5880] usb 5-1: SerialNumber: syz [ 89.969445][ T6168] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22 [ 89.978457][ T6168] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22 [ 89.987298][ T5880] hub 5-1:1.0: bad descriptor, ignoring hub [ 89.994127][ T5880] hub 5-1:1.0: probe with driver hub failed with error -5 [ 90.129265][ T5883] usb 2-1: USB disconnect, device number 6 [ 90.213589][ T6168] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22 [ 90.218439][ T6176] loop0: detected capacity change from 0 to 512 [ 90.220838][ T6168] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22 [ 90.266371][ T6176] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 90.276297][ T6176] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c01c, mo2=0002] [ 90.286981][ T6176] System zones: 1-12 [ 90.291395][ T6176] EXT4-fs (loop0): orphan cleanup on readonly fs [ 90.302871][ T6176] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279949761 > max in inode 13 [ 90.318640][ T6176] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279949762 > max in inode 13 [ 90.331809][ T6176] EXT4-fs (loop0): 1 truncate cleaned up [ 90.339071][ T6176] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 90.389726][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.503037][ T6181] netlink: 666 bytes leftover after parsing attributes in process `syz.0.67'. [ 90.744092][ T5880] cdc_ether 5-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.4-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 90.830765][ T6191] netlink: 28 bytes leftover after parsing attributes in process `syz.3.72'. [ 90.929883][ T6168] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 90.945180][ T6168] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 90.965901][ T6195] netlink: 16 bytes leftover after parsing attributes in process `syz.3.73'. [ 91.003647][ T5884] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 91.072876][ T6195] No such timeout policy "syz0" [ 91.488736][ T25] usb 5-1: USB disconnect, device number 4 [ 91.528881][ T25] cdc_ether 5-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.4-1, CDC Ethernet Device [ 92.337940][ T6221] 9pnet_fd: Insufficient options for proto=fd [ 92.345026][ T5884] usb 1-1: Using ep0 maxpacket: 8 [ 92.363648][ T5884] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 92.374416][ T5911] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 92.691932][ T5884] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 92.702047][ T5884] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 92.711919][ T5884] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 92.722114][ T5884] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 92.735408][ T5884] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 92.744758][ T5884] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 92.768078][ T29] kauditd_printk_skb: 15 callbacks suppressed [ 92.768097][ T29] audit: type=1326 audit(1732157932.025:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.2.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102ab7e819 code=0x7ffc0000 [ 92.905394][ T5911] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 92.917687][ T5911] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 92.934156][ T5911] usb 2-1: config 0 descriptor?? [ 92.943341][ T29] audit: type=1326 audit(1732157932.045:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.2.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102ab7e819 code=0x7ffc0000 [ 93.153589][ T29] audit: type=1326 audit(1732157932.045:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.2.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f102ab7e819 code=0x7ffc0000 [ 93.545942][ T29] audit: type=1326 audit(1732157932.045:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.2.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102ab7e819 code=0x7ffc0000 [ 93.571261][ T6187] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 93.657853][ T6187] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 93.736094][ T6187] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 93.751146][ T6238] nfs4: Unknown parameter 'context …' [ 93.776314][ T29] audit: type=1326 audit(1732157932.045:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.2.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102ab7e819 code=0x7ffc0000 [ 93.825542][ T6187] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 93.920772][ T5884] usb 1-1: GET_CAPABILITIES returned 0 [ 93.926478][ T5884] usbtmc 1-1:16.0: can't read capabilities [ 93.943392][ T5911] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 93.967888][ T29] audit: type=1326 audit(1732157932.065:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.2.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f102ab7e819 code=0x7ffc0000 [ 94.538545][ T6245] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 94.547148][ T6245] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 94.561973][ T29] audit: type=1326 audit(1732157932.115:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.2.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102ab7e819 code=0x7ffc0000 [ 94.608941][ T5911] usb 2-1: USB disconnect, device number 7 [ 94.896601][ T6245] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 94.956593][ T29] audit: type=1326 audit(1732157932.115:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.2.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102ab7e819 code=0x7ffc0000 [ 94.994192][ T6245] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 95.033350][ T29] audit: type=1326 audit(1732157932.185:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.2.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=67 compat=0 ip=0x7f102ab7e819 code=0x7ffc0000 [ 95.167758][ T29] audit: type=1326 audit(1732157932.185:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.2.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102ab7e819 code=0x7ffc0000 [ 95.338696][ T6263] loop3: detected capacity change from 0 to 1024 [ 95.387712][ T6263] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.90: Failed to acquire dquot type 0 [ 95.410016][ T6263] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 95.433447][ T6263] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #13: comm syz.3.90: corrupted inode contents [ 95.448498][ T6263] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #13: comm syz.3.90: mark_inode_dirty error [ 95.461493][ T6263] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #13: comm syz.3.90: corrupted inode contents [ 95.477928][ T6263] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #13: comm syz.3.90: mark_inode_dirty error [ 95.491397][ T6263] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #13: comm syz.3.90: corrupted inode contents [ 95.506550][ T6263] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 95.517967][ T6263] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #13: comm syz.3.90: corrupted inode contents [ 95.532983][ T6263] EXT4-fs error (device loop3): ext4_truncate:4240: inode #13: comm syz.3.90: mark_inode_dirty error [ 95.558179][ T6263] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 95.580806][ T6263] EXT4-fs (loop3): 1 truncate cleaned up [ 95.587966][ T6269] tipc: Can't bind to reserved service type 0 [ 95.603106][ T6263] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.696935][ T5834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.832204][ T5880] usb 1-1: USB disconnect, device number 7 [ 95.927937][ T6274] netlink: 28 bytes leftover after parsing attributes in process `syz.0.93'. [ 96.408777][ T6284] syz.0.97[6284] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 96.408844][ T6284] syz.0.97[6284] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 96.442495][ T6284] syz.0.97[6284] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 96.541389][ T6287] loop0: detected capacity change from 0 to 128 [ 96.622223][ T6287] syz.0.98: attempt to access beyond end of device [ 96.622223][ T6287] loop0: rw=2049, sector=145, nr_sectors = 481 limit=128 [ 96.810787][ T6291] loop3: detected capacity change from 0 to 512 [ 96.856793][ T6291] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.871639][ T6291] ext4 filesystem being mounted at /21/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 97.075836][ T5834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.280047][ T6308] netlink: 4 bytes leftover after parsing attributes in process `syz.3.103'. [ 97.616589][ T6315] netlink: 'syz.0.108': attribute type 2 has an invalid length. [ 97.629292][ T6315] netlink: 'syz.0.108': attribute type 8 has an invalid length. [ 97.639260][ T6315] netlink: 32 bytes leftover after parsing attributes in process `syz.0.108'. [ 97.707747][ T6315] syz.0.108 uses obsolete (PF_INET,SOCK_PACKET) [ 97.949872][ T6315] netlink: 'syz.0.108': attribute type 39 has an invalid length. [ 98.406056][ T6323] netlink: 4 bytes leftover after parsing attributes in process `syz.3.111'. [ 98.632845][ T6331] netlink: 4 bytes leftover after parsing attributes in process `syz.2.116'. [ 98.778210][ T29] kauditd_printk_skb: 10 callbacks suppressed [ 98.778229][ T29] audit: type=1326 audit(1732157938.135:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6337 comm="syz.0.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dcff7e819 code=0x7ffc0000 [ 98.785770][ T6339] syz.4.115[6339] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 98.838517][ T29] audit: type=1326 audit(1732157938.135:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6337 comm="syz.0.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dcff7e819 code=0x7ffc0000 [ 98.866860][ T6339] syz.4.115[6339] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 98.882067][ T29] audit: type=1326 audit(1732157938.135:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6337 comm="syz.0.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3dcff7e819 code=0x7ffc0000 [ 98.927102][ T6339] syz.4.115[6339] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 98.972523][ T6344] serio: Serial port ptm0 [ 98.983227][ T29] audit: type=1326 audit(1732157938.135:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6337 comm="syz.0.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dcff7e819 code=0x7ffc0000 [ 99.049675][ T29] audit: type=1326 audit(1732157938.135:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6337 comm="syz.0.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dcff7e819 code=0x7ffc0000 [ 99.226864][ T29] audit: type=1326 audit(1732157938.135:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6337 comm="syz.0.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3dcff7e819 code=0x7ffc0000 [ 99.531927][ T29] audit: type=1326 audit(1732157938.135:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6337 comm="syz.0.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dcff7e819 code=0x7ffc0000 [ 99.693325][ T29] audit: type=1326 audit(1732157938.135:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6337 comm="syz.0.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3dcff7e819 code=0x7ffc0000 [ 99.760024][ T29] audit: type=1326 audit(1732157938.135:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6337 comm="syz.0.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dcff7e819 code=0x7ffc0000 [ 99.782372][ T29] audit: type=1326 audit(1732157938.145:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6337 comm="syz.0.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3dcff7e819 code=0x7ffc0000 [ 100.142018][ T6367] netlink: 8 bytes leftover after parsing attributes in process `syz.3.129'. [ 100.274782][ T6367] bond1: entered promiscuous mode [ 100.283589][ T6367] bond1: entered allmulticast mode [ 100.293707][ T6367] 8021q: adding VLAN 0 to HW filter on device bond1 [ 100.381999][ T6377] loop1: detected capacity change from 0 to 512 [ 100.401689][ T6377] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 100.564864][ T6377] EXT4-fs (loop1): 1 truncate cleaned up [ 100.571539][ T6377] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 100.833819][ T6391] netlink: 20 bytes leftover after parsing attributes in process `syz.2.140'. [ 100.854339][ T5826] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.594108][ T6424] loop1: detected capacity change from 0 to 1024 [ 101.641519][ T6424] ext4: Bad value for 'max_dir_size_kb' [ 101.719035][ T6424] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 101.744405][ T6432] netlink: 666 bytes leftover after parsing attributes in process `syz.2.154'. [ 102.764660][ T6436] tty tty23: ldisc open failed (-12), clearing slot 22 [ 103.020776][ T6443] loop1: detected capacity change from 0 to 164 [ 103.170847][ T6451] loop2: detected capacity change from 0 to 512 [ 103.291868][ T6451] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.325324][ T6451] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 103.413726][ T6451] netlink: 268 bytes leftover after parsing attributes in process `syz.2.162'. [ 103.631730][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.834779][ T6473] loop1: detected capacity change from 0 to 512 [ 103.845467][ T6473] ext2: Unknown parameter 'seclabel' [ 103.999753][ T6478] syz.0.173[6478] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 103.999851][ T6478] syz.0.173[6478] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 104.017855][ T6478] syz.0.173[6478] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 104.158788][ T6482] netlink: 8 bytes leftover after parsing attributes in process `syz.0.175'. [ 104.334852][ T6484] loop2: detected capacity change from 0 to 1024 [ 104.361219][ T6484] EXT4-fs: Ignoring removed orlov option [ 104.383261][ T6484] EXT4-fs: Ignoring removed nomblk_io_submit option [ 104.454240][ T6484] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.500874][ T29] kauditd_printk_skb: 38 callbacks suppressed [ 104.500892][ T29] audit: type=1800 audit(1732157943.855:107): pid=6484 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.176" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 104.550322][ T6490] netlink: 4 bytes leftover after parsing attributes in process `syz.0.178'. [ 104.612505][ T6490] hsr_slave_1 (unregistering): left promiscuous mode [ 104.676797][ T6484] loop2: detected capacity change from 1024 to 64 [ 104.699367][ T6492] netlink: 4 bytes leftover after parsing attributes in process `syz.2.176'. [ 104.778690][ T6494] loop3: detected capacity change from 0 to 1024 [ 104.864822][ T6494] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.155063][ T6503] loop0: detected capacity change from 0 to 1024 [ 105.683996][ T5827] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 105.742596][ T5834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.794106][ T5827] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 105.923757][ T5827] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 106.046315][ T5827] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 106.112472][ T5827] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 106.738044][ T6509] loop1: detected capacity change from 0 to 2048 [ 107.325069][ T5827] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 107.408344][ T6509] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 107.431334][ T5827] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 107.501435][ T5827] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 107.517139][ T5827] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 107.531201][ T5827] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 107.656860][ T6518] netlink: 8 bytes leftover after parsing attributes in process `syz.0.187'. [ 107.748717][ T6520] netlink: 56 bytes leftover after parsing attributes in process `syz.3.189'. [ 107.786969][ T6520] loop3: detected capacity change from 0 to 1024 [ 107.795549][ T6520] EXT4-fs: Ignoring removed orlov option [ 107.801245][ T6520] EXT4-fs: Ignoring removed nomblk_io_submit option [ 107.831775][ T29] audit: type=1326 audit(1732157947.125:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6519 comm="syz.3.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 107.842753][ T6518] bond1: entered promiscuous mode [ 107.862490][ T6518] bond1: entered allmulticast mode [ 107.878692][ T6518] 8021q: adding VLAN 0 to HW filter on device bond1 [ 107.883224][ T29] audit: type=1326 audit(1732157947.125:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6519 comm="syz.3.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 107.933204][ T29] audit: type=1326 audit(1732157947.125:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6519 comm="syz.3.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 107.973226][ T29] audit: type=1326 audit(1732157947.125:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6519 comm="syz.3.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 108.023361][ T29] audit: type=1326 audit(1732157947.125:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6519 comm="syz.3.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 108.064837][ T29] audit: type=1326 audit(1732157947.125:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6519 comm="syz.3.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 108.113270][ T29] audit: type=1326 audit(1732157947.125:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6519 comm="syz.3.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 108.135076][ T6527] capability: warning: `syz.1.191' uses deprecated v2 capabilities in a way that may be insecure [ 108.153216][ T29] audit: type=1326 audit(1732157947.125:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6519 comm="syz.3.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5e5417e853 code=0x7ffc0000 [ 108.203370][ T29] audit: type=1326 audit(1732157947.135:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6519 comm="syz.3.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5e5417d2ff code=0x7ffc0000 [ 108.273914][ T6520] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.487163][ T6529] netlink: 8 bytes leftover after parsing attributes in process `syz.1.192'. [ 108.518489][ T5834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.563054][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.761699][ T6487] kmmpd-loop2: attempt to access beyond end of device [ 108.761699][ T6487] loop2: rw=14337, sector=128, nr_sectors = 2 limit=64 [ 108.785794][ T6487] Buffer I/O error on dev loop2, logical block 64, lost sync page write [ 108.921451][ T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.387627][ T6547] loop1: detected capacity change from 0 to 1024 [ 109.917014][ T6551] serio: Serial port pts0 [ 109.926120][ T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.202523][ T6553] No such timeout policy "syz0" [ 111.279893][ T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.677308][ T6557] syz.3.203: vmalloc error: size 100663296, failed to allocated page array size 196608, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 111.750547][ T6557] CPU: 0 UID: 0 PID: 6557 Comm: syz.3.203 Not tainted 6.12.0-next-20241120-syzkaller #0 [ 111.760326][ T6557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 111.770409][ T6557] Call Trace: [ 111.773703][ T6557] [ 111.776636][ T6557] dump_stack_lvl+0x241/0x360 [ 111.781319][ T6557] ? __pfx_dump_stack_lvl+0x10/0x10 [ 111.786514][ T6557] ? __pfx__printk+0x10/0x10 [ 111.791103][ T6557] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 111.797525][ T6557] ? cpuset_print_current_mems_allowed+0x31e/0x350 [ 111.804035][ T6557] warn_alloc+0x278/0x410 [ 111.808368][ T6557] ? __pfx_warn_alloc+0x10/0x10 [ 111.813227][ T6557] ? bpf_uprobe_multi_link_attach+0x498/0xdd0 [ 111.819311][ T6557] ? __get_vm_area_node+0x1c8/0x2d0 [ 111.824516][ T6557] ? __get_vm_area_node+0x25c/0x2d0 [ 111.829721][ T6557] __vmalloc_node_range_noprof+0x62f/0x1380 [ 111.835613][ T6557] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 111.841346][ T6557] ? rcu_is_watching+0x15/0xb0 [ 111.846111][ T6557] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 111.852438][ T6557] ? rcu_is_watching+0x15/0xb0 [ 111.857210][ T6557] ? trace_kmalloc+0x1f/0xd0 [ 111.861804][ T6557] ? __kmalloc_node_noprof+0x2ad/0x4d0 [ 111.867265][ T6557] ? __kvmalloc_node_noprof+0x72/0x190 [ 111.872727][ T6557] __kvmalloc_node_noprof+0x142/0x190 [ 111.878104][ T6557] ? bpf_uprobe_multi_link_attach+0x498/0xdd0 [ 111.884177][ T6557] bpf_uprobe_multi_link_attach+0x498/0xdd0 [ 111.890086][ T6557] ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10 [ 111.896551][ T6557] ? __fget_files+0x395/0x410 [ 111.901234][ T6557] ? bpf_prog_attach_check_attach_type+0x42c/0x4f0 [ 111.907739][ T6557] link_create+0x6d7/0x870 [ 111.912163][ T6557] __sys_bpf+0x4bc/0x810 [ 111.916413][ T6557] ? __pfx___sys_bpf+0x10/0x10 [ 111.921195][ T6557] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 111.927181][ T6557] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 111.933519][ T6557] ? do_syscall_64+0x100/0x230 [ 111.938285][ T6557] __x64_sys_bpf+0x7c/0x90 [ 111.942705][ T6557] do_syscall_64+0xf3/0x230 [ 111.947207][ T6557] ? clear_bhb_loop+0x35/0x90 [ 111.951888][ T6557] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.957801][ T6557] RIP: 0033:0x7f5e5417e819 [ 111.962216][ T6557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 111.981817][ T6557] RSP: 002b:00007f5e54fb2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 111.990235][ T6557] RAX: ffffffffffffffda RBX: 00007f5e54335fa0 RCX: 00007f5e5417e819 [ 111.998213][ T6557] RDX: 0000000000000040 RSI: 0000000020000100 RDI: 000000000000001c [ 112.006187][ T6557] RBP: 00007f5e541f175e R08: 0000000000000000 R09: 0000000000000000 [ 112.014155][ T6557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 112.022121][ T6557] R13: 0000000000000000 R14: 00007f5e54335fa0 R15: 00007fffab269248 [ 112.030108][ T6557] [ 112.060207][ T6557] Mem-Info: [ 112.063515][ T6557] active_anon:19452 inactive_anon:0 isolated_anon:0 [ 112.063515][ T6557] active_file:21128 inactive_file:38208 isolated_file:0 [ 112.063515][ T6557] unevictable:768 dirty:329 writeback:0 [ 112.063515][ T6557] slab_reclaimable:9938 slab_unreclaimable:97304 [ 112.063515][ T6557] mapped:29302 shmem:16016 pagetables:810 [ 112.063515][ T6557] sec_pagetables:0 bounce:0 [ 112.063515][ T6557] kernel_misc_reclaimable:0 [ 112.063515][ T6557] free:1299140 free_pcp:1602 free_cma:0 [ 112.066433][ T6570] netlink: 536 bytes leftover after parsing attributes in process `syz.0.207'. [ 112.110711][ T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 112.139193][ T6557] Node 0 active_anon:75036kB inactive_anon:0kB active_file:84512kB inactive_file:152756kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:117232kB dirty:1316kB writeback:0kB shmem:59676kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11144kB pagetables:3256kB sec_pagetables:0kB all_unreclaimable? no [ 112.172507][ T6557] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 112.203049][ T6557] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 112.230761][ T6557] lowmem_reserve[]: 0 2465 2466 0 0 [ 112.236480][ T6557] Node 0 DMA32 free:1288712kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:52796kB inactive_anon:0kB active_file:84512kB inactive_file:151928kB unevictable:1536kB writepending:1312kB present:3129332kB managed:2552864kB mlocked:0kB bounce:0kB free_pcp:23324kB local_pcp:4200kB free_cma:0kB [ 112.267198][ T6557] lowmem_reserve[]: 0 0 0 0 0 [ 112.271959][ T6557] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:828kB unevictable:0kB writepending:4kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 112.299128][ T6557] lowmem_reserve[]: 0 0 0 0 0 [ 112.303935][ T6557] Node 1 Normal free:3900488kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 112.333261][ T6557] lowmem_reserve[]: 0 0 0 0 0 [ 112.338032][ T6557] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 112.351305][ T6557] Node 0 DMA32: 117*4kB (UME) 337*8kB (UME) 455*16kB (ME) 562*32kB (UME) 373*64kB (UME) 238*128kB (UME) 150*256kB (UME) 125*512kB (UME) 71*1024kB (UME) 27*2048kB (UME) 244*4096kB (UM) = 1312588kB [ 112.370923][ T6557] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 112.382619][ T6557] Node 1 Normal: 237*4kB (UE) 47*8kB (UME) 41*16kB (UME) 208*32kB (UME) 87*64kB (UME) 36*128kB (UME) 15*256kB (UM) 10*512kB (UM) 2*1024kB (UM) 4*2048kB (UE) 943*4096kB (M) = 3900540kB [ 112.401174][ T6557] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 112.410804][ T6557] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 112.420250][ T6557] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 112.430231][ T6557] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 112.440042][ T6557] 60886 total pagecache pages [ 112.444795][ T6557] 0 pages in swap cache [ 112.444843][ T29] kauditd_printk_skb: 38 callbacks suppressed [ 112.444857][ T29] audit: type=1326 audit(1732157951.785:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6572 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f8cb7e819 code=0x7ffc0000 [ 112.448940][ T6557] Free swap = 124728kB [ 112.465004][ T29] audit: type=1326 audit(1732157951.785:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6572 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f8cb7e819 code=0x7ffc0000 [ 112.477315][ T6557] Total swap = 124996kB [ 112.481422][ T29] audit: type=1326 audit(1732157951.785:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6572 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8f8cb7e819 code=0x7ffc0000 [ 112.503649][ T6557] 2097051 pages RAM [ 112.507772][ T29] audit: type=1326 audit(1732157951.785:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6572 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f8cb7e819 code=0x7ffc0000 [ 112.530844][ T6557] 0 pages HighMem/MovableOnly [ 112.557444][ T29] audit: type=1326 audit(1732157951.785:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6572 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f8cb7e819 code=0x7ffc0000 [ 112.561339][ T6557] 426985 pages reserved [ 112.587786][ T6557] 0 pages cma reserved [ 112.587863][ T29] audit: type=1326 audit(1732157951.785:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6572 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f8f8cb7e819 code=0x7ffc0000 [ 112.614202][ T29] audit: type=1326 audit(1732157951.785:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6572 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f8cb7e819 code=0x7ffc0000 [ 112.637085][ T29] audit: type=1326 audit(1732157951.785:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6572 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f8cb7e819 code=0x7ffc0000 [ 112.674433][ T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 112.675903][ T29] audit: type=1326 audit(1732157951.785:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6572 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f8f8cb7e819 code=0x7ffc0000 [ 112.734386][ T29] audit: type=1326 audit(1732157951.785:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6572 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f8cb7e819 code=0x7ffc0000 [ 112.760085][ T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 112.773114][ T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 112.795331][ T6570] netlink: 60 bytes leftover after parsing attributes in process `syz.0.207'. [ 112.840243][ T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 112.858045][ T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 112.877944][ T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 113.463720][ T6589] loop0: detected capacity change from 0 to 1024 [ 114.002675][ T12] bridge_slave_1: left allmulticast mode [ 114.083530][ T12] bridge_slave_1: left promiscuous mode [ 114.091523][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 114.312379][ T12] bridge_slave_0: left allmulticast mode [ 114.335713][ T12] bridge_slave_0: left promiscuous mode [ 114.382624][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 114.573866][ T5882] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 114.773399][ T5882] usb 5-1: Using ep0 maxpacket: 32 [ 114.817443][ T5882] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 114.854701][ T5882] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 114.928812][ T5882] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 114.979654][ T5882] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 114.993254][ T53] Bluetooth: hci0: command tx timeout [ 115.050313][ T5882] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 115.117510][ T5882] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 115.144529][ T5882] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 115.170339][ T5882] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 115.182942][ T5882] usb 5-1: config 0 descriptor?? [ 115.414769][ T5882] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 5 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 115.462604][ T5882] usb 5-1: USB disconnect, device number 5 [ 115.496453][ T5882] usblp0: removed [ 115.623854][ T6633] netlink: 20 bytes leftover after parsing attributes in process `syz.0.223'. [ 115.819194][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 115.831784][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 115.844333][ T12] bond0 (unregistering): Released all slaves [ 115.963297][ T5882] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 116.099950][ T6642] pim6reg: entered allmulticast mode [ 116.133698][ T5882] usb 5-1: Using ep0 maxpacket: 32 [ 116.151740][ T5882] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 116.170563][ T5882] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 116.183604][ T5882] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 116.192940][ T5882] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 116.209262][ T5882] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 116.226977][ T5882] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 116.262367][ T6571] chnl_net:caif_netlink_parms(): no params data found [ 116.283049][ T5882] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 116.298729][ T5882] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.324473][ T5882] usb 5-1: config 0 descriptor?? [ 116.520318][ T12] hsr_slave_0: left promiscuous mode [ 116.528414][ T12] hsr_slave_1: left promiscuous mode [ 116.539209][ T6596] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 116.548260][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 116.557020][ T6596] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 116.565420][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 116.582083][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 116.591034][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 116.632544][ T12] veth1_macvtap: left promiscuous mode [ 116.654608][ T12] veth0_macvtap: left promiscuous mode [ 116.660210][ T12] veth1_vlan: left promiscuous mode [ 116.665952][ T12] veth0_vlan: left promiscuous mode [ 116.779847][ T6596] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 116.807801][ T6596] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 116.843752][ T5882] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 6 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 117.058741][ T6596] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 117.072799][ T6596] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 117.085060][ T53] Bluetooth: hci0: command tx timeout [ 117.166985][ T6669] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 117.195691][ T6669] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 117.266731][ C0] usblp0: nonzero read bulk status received: -71 [ 117.277981][ T6669] usblp0: error -71 reading from printer [ 117.299128][ C1] usblp0: nonzero read bulk status received: -71 [ 117.305629][ T5911] usb 5-1: USB disconnect, device number 6 [ 117.306462][ T6596] usblp0: error -71 reading from printer [ 117.331612][ T12] team0 (unregistering): Port device team_slave_1 removed [ 117.425218][ T12] team0 (unregistering): Port device team_slave_0 removed [ 117.499458][ T6595] usblp0: removed [ 118.660668][ T6685] loop4: detected capacity change from 0 to 2048 [ 118.734089][ T6685] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 119.154825][ T53] Bluetooth: hci0: command tx timeout [ 119.321183][ T6689] loop4: detected capacity change from 0 to 512 [ 119.362231][ T6689] ext2: Unknown parameter 'seclabel' [ 120.166909][ T6695] loop3: detected capacity change from 0 to 1024 [ 120.386274][ T6693] (unnamed net_device) (uninitialized): option downdelay: invalid value (18446744073709551612) [ 120.404145][ T6693] (unnamed net_device) (uninitialized): option downdelay: allowed values 0 - 2147483647 [ 120.426193][ T6571] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.487134][ T6571] bridge0: port 1(bridge_slave_0) entered disabled state [ 120.573389][ T6571] bridge_slave_0: entered allmulticast mode [ 120.694428][ T6571] bridge_slave_0: entered promiscuous mode [ 120.717215][ T6571] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.763528][ T6571] bridge0: port 2(bridge_slave_1) entered disabled state [ 120.790322][ T6571] bridge_slave_1: entered allmulticast mode [ 120.818198][ T6571] bridge_slave_1: entered promiscuous mode [ 121.138970][ T6571] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 121.233635][ T53] Bluetooth: hci0: command tx timeout [ 121.244323][ T6571] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 121.494711][ T6571] team0: Port device team_slave_0 added [ 121.502854][ T6571] team0: Port device team_slave_1 added [ 121.521589][ T6707] syz.1.243 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 121.576494][ T6571] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 121.599120][ T6571] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 121.635197][ T6571] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 121.658197][ T6571] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 121.665403][ T6571] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 121.698114][ T6571] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 121.714189][ T5882] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 121.753974][ T6713] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 121.844982][ T5882] usb 5-1: device descriptor read/64, error -71 [ 121.966004][ T6571] hsr_slave_0: entered promiscuous mode [ 122.014991][ T6571] hsr_slave_1: entered promiscuous mode [ 122.021199][ T6571] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 122.050199][ T6571] Cannot create hsr debugfs directory [ 122.103278][ T5882] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 122.196625][ T5911] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 122.253289][ T5882] usb 5-1: device descriptor read/64, error -71 [ 122.369381][ T6717] infiniband syz1: set active [ 122.374787][ T5911] usb 4-1: Using ep0 maxpacket: 32 [ 122.380543][ T6717] infiniband syz1: added bond_slave_1 [ 122.387788][ T5911] usb 4-1: config index 0 descriptor too short (expected 29220, got 36) [ 122.396968][ T5882] usb usb5-port1: attempt power cycle [ 122.401481][ T5911] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 122.425652][ T5911] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 122.458128][ T6571] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 122.470512][ T6571] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 122.481665][ T6571] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 122.505538][ T5911] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 122.506364][ T6571] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 122.562363][ T5911] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 122.599343][ T5911] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 122.630692][ T6717] RDS/IB: syz1: added [ 122.658331][ T5911] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 122.688174][ T6717] smc: adding ib device syz1 with port count 1 [ 122.703239][ T5911] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 122.718758][ T6717] smc: ib device syz1 port 1 has pnetid [ 122.742700][ T5911] usb 4-1: config 0 descriptor?? [ 122.753905][ T5882] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 122.766089][ T6571] 8021q: adding VLAN 0 to HW filter on device bond0 [ 122.804012][ T5882] usb 5-1: device descriptor read/8, error -71 [ 122.818027][ T6571] 8021q: adding VLAN 0 to HW filter on device team0 [ 122.843983][ T6043] bridge0: port 1(bridge_slave_0) entered blocking state [ 122.851131][ T6043] bridge0: port 1(bridge_slave_0) entered forwarding state [ 122.900391][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 122.907617][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 123.000097][ T5911] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 7 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 123.043726][ T6571] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 123.057042][ T5911] usb 4-1: USB disconnect, device number 7 [ 123.073343][ T5882] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 123.086700][ T5911] usblp0: removed [ 123.149373][ T5882] usb 5-1: device descriptor read/8, error -71 [ 123.283757][ T5882] usb usb5-port1: unable to enumerate USB device [ 123.435450][ T6571] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 123.514162][ T5911] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 123.686547][ T5911] usb 4-1: Using ep0 maxpacket: 32 [ 123.712215][ T5911] usb 4-1: config index 0 descriptor too short (expected 29220, got 36) [ 123.753339][ T5911] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 123.761998][ T5911] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 123.797074][ T5911] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 123.833198][ T5911] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 123.864805][ T5911] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 123.896955][ T6571] veth0_vlan: entered promiscuous mode [ 123.913243][ T5911] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 123.922328][ T5911] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.946498][ T6571] veth1_vlan: entered promiscuous mode [ 123.967984][ T6571] veth0_macvtap: entered promiscuous mode [ 123.978970][ T6571] veth1_macvtap: entered promiscuous mode [ 123.994330][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 124.005529][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.006167][ T5911] usb 4-1: config 0 descriptor?? [ 124.016292][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 124.031450][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.041559][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 124.052297][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.062351][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 124.073295][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.085752][ T6571] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 124.095280][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 124.106220][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.117298][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 124.128125][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.138121][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 124.148658][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.158561][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 124.169062][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.179943][ T6571] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 124.190165][ T6571] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.199285][ T6571] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.208473][ T6571] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.217660][ T6571] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.279981][ T6719] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 124.292355][ T6719] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 124.519436][ T6719] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 124.532244][ T6719] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 124.570793][ T5911] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 8 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 124.613743][ T6043] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.621607][ T6043] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.697014][ T6043] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.718456][ T6769] process 'syz.4.247' launched './file1' with NULL argv: empty string added [ 124.727705][ T6043] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.840760][ T6719] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 124.873424][ T6719] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 125.146044][ T6782] netlink: 'syz.4.250': attribute type 322 has an invalid length. [ 125.208484][ T29] kauditd_printk_skb: 134 callbacks suppressed [ 125.208502][ T29] audit: type=1326 audit(1732157964.525:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6781 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44c577e819 code=0x7ffc0000 [ 125.237559][ T29] audit: type=1326 audit(1732157964.525:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6781 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f44c577d1b0 code=0x7ffc0000 [ 125.263191][ T29] audit: type=1326 audit(1732157964.525:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6781 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f44c5780047 code=0x7ffc0000 [ 125.285753][ T29] audit: type=1326 audit(1732157964.525:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6781 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f44c577e819 code=0x7ffc0000 [ 125.309845][ T29] audit: type=1326 audit(1732157964.525:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6781 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f44c5780047 code=0x7ffc0000 [ 125.332988][ T29] audit: type=1326 audit(1732157964.525:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6781 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f44c577d4aa code=0x7ffc0000 [ 125.355091][ T29] audit: type=1326 audit(1732157964.525:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6781 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44c577e819 code=0x7ffc0000 [ 125.377360][ T29] audit: type=1326 audit(1732157964.525:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6781 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f44c577e819 code=0x7ffc0000 [ 125.399917][ T29] audit: type=1326 audit(1732157964.525:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6781 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44c577e819 code=0x7ffc0000 [ 125.422494][ T29] audit: type=1326 audit(1732157964.525:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6781 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f44c577e819 code=0x7ffc0000 [ 126.263996][ T25] usb 4-1: USB disconnect, device number 8 [ 126.404439][ T25] usblp0: removed [ 126.924059][ T6855] netlink: 'syz.4.257': attribute type 10 has an invalid length. [ 127.200343][ T6848] loop3: detected capacity change from 0 to 512 [ 127.302382][ T6855] team0: Port device netdevsim0 added [ 127.371256][ T6868] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 127.381130][ T6868] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 127.390526][ T6868] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 127.399739][ T6868] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 127.412070][ T6868] vxlan0: entered promiscuous mode [ 127.417569][ T6868] vxlan0: entered allmulticast mode [ 127.443622][ T6848] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 127.458044][ T6848] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it [ 127.469559][ T6848] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.256: Corrupt directory, running e2fsck is recommended [ 127.502141][ T6848] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 127.520848][ T6848] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.256: corrupted in-inode xattr: invalid ea_ino [ 127.523290][ T6868] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 127.543666][ T6868] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 127.552565][ T6868] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 127.561587][ T6868] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 127.604845][ T6848] EXT4-fs (loop3): Remounting filesystem read-only [ 127.614269][ T6848] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 127.632375][ T6856] lo speed is unknown, defaulting to 1000 [ 127.649899][ T6856] lo speed is unknown, defaulting to 1000 [ 127.679912][ T6856] lo speed is unknown, defaulting to 1000 [ 127.721931][ T6856] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 127.814671][ T6856] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 128.002897][ T6848] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.046947][ T6856] lo speed is unknown, defaulting to 1000 [ 128.048246][ T6877] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 128.069360][ T6856] lo speed is unknown, defaulting to 1000 [ 128.071962][ T6877] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 128.164493][ T6848] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.188895][ T6856] lo speed is unknown, defaulting to 1000 [ 128.199211][ T6856] lo speed is unknown, defaulting to 1000 [ 128.208304][ T6856] lo speed is unknown, defaulting to 1000 [ 128.243817][ T5880] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 128.299836][ T6848] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.443459][ T5880] usb 1-1: Using ep0 maxpacket: 32 [ 128.454914][ T5880] usb 1-1: config index 0 descriptor too short (expected 29220, got 36) [ 128.466329][ T6848] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.472042][ T5880] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 128.516477][ T5880] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 128.559446][ T5880] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 128.583577][ T5880] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 128.618427][ T5880] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 128.836926][ T5880] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 128.853100][ T6848] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.866069][ T5880] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 129.635843][ T6904] loop1: detected capacity change from 0 to 1024 [ 129.666550][ T5880] usb 1-1: config 0 descriptor?? [ 129.870462][ T6848] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.976868][ T6848] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.053002][ T5880] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 8 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 130.130080][ T6848] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.186893][ T6909] loop5: detected capacity change from 0 to 1024 [ 130.209044][ T5880] usb 1-1: USB disconnect, device number 8 [ 130.288375][ T5880] usblp0: removed [ 130.294730][ T6909] EXT4-fs: Ignoring removed nobh option [ 130.300323][ T6909] EXT4-fs: Ignoring removed orlov option [ 130.519813][ T5834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.529782][ T6916] vlan2: entered promiscuous mode [ 130.535592][ T6916] team0: entered promiscuous mode [ 130.541850][ T6916] team_slave_0: entered promiscuous mode [ 130.563349][ T6916] team_slave_1: entered promiscuous mode [ 130.571996][ T6916] team0: Device vlan2 is already an upper device of the team interface [ 130.594939][ T6916] team0: left promiscuous mode [ 130.600190][ T6916] team_slave_0: left promiscuous mode [ 130.606563][ T6916] team_slave_1: left promiscuous mode [ 130.634093][ T6909] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 130.665971][ T6909] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.683890][ T5880] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 130.777931][ T6924] loop3: detected capacity change from 0 to 128 [ 130.825607][ T6927] syz.4.279[6927] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 130.825707][ T6927] syz.4.279[6927] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 130.843715][ T5880] usb 1-1: Using ep0 maxpacket: 32 [ 130.852869][ T6930] loop1: detected capacity change from 0 to 1024 [ 130.857886][ T5880] usb 1-1: config index 0 descriptor too short (expected 29220, got 36) [ 130.860785][ T6927] syz.4.279[6927] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 130.868269][ T6930] ext4: Bad value for 'max_dir_size_kb' [ 130.897788][ T6927] loop4: detected capacity change from 0 to 128 [ 130.925873][ T5880] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 130.973291][ T5880] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 131.020728][ T6927] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 131.051651][ T5880] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 131.093044][ T5880] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 131.164387][ T5880] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 131.177952][ T5880] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 131.181390][ T6927] ext4 filesystem being mounted at /43/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 131.187905][ T5880] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.922073][ T5880] usb 1-1: config 0 descriptor?? [ 131.927583][ T5880] usb 1-1: can't set config #0, error -71 [ 131.936724][ T5880] usb 1-1: USB disconnect, device number 9 [ 132.035765][ T5840] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 132.240847][ T6951] IPVS: Error joining to the multicast group [ 132.353487][ T6943] loop0: detected capacity change from 0 to 1024 [ 132.519526][ T6952] loop3: detected capacity change from 0 to 1024 [ 132.635150][ T6943] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 132.700171][ T6943] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (30349!=20869) [ 133.030892][ T6943] EXT4-fs (loop0): invalid journal inode [ 133.084481][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.090845][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.117498][ T6943] EXT4-fs (loop0): can't get journal size [ 133.217658][ T6943] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 133.434532][ T6943] bridge0: port 3(vlan2) entered blocking state [ 133.440912][ T6943] bridge0: port 3(vlan2) entered disabled state [ 133.538175][ T6943] vlan2: entered allmulticast mode [ 133.615085][ T6943] vlan2: left allmulticast mode [ 133.972463][ T6931] lo speed is unknown, defaulting to 1000 [ 134.300205][ T6980] loop4: detected capacity change from 0 to 1024 [ 134.341012][ T6980] ext4: Bad value for 'max_dir_size_kb' [ 134.418195][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.444567][ T5880] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 134.523272][ T29] kauditd_printk_skb: 73 callbacks suppressed [ 134.523292][ T29] audit: type=1326 audit(1732157973.865:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6986 comm="syz.3.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 134.598781][ T29] audit: type=1326 audit(1732157973.875:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6986 comm="syz.3.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 134.784002][ T29] audit: type=1326 audit(1732157973.925:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6986 comm="syz.3.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 135.276206][ T29] audit: type=1326 audit(1732157973.925:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6986 comm="syz.3.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 135.302917][ T5880] usb 2-1: Using ep0 maxpacket: 32 [ 135.310746][ T29] audit: type=1326 audit(1732157973.925:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6986 comm="syz.3.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 135.363469][ T5880] usb 2-1: config index 0 descriptor too short (expected 29220, got 36) [ 135.372762][ T5880] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 135.383652][ T29] audit: type=1326 audit(1732157973.925:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6986 comm="syz.3.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 135.406573][ T5880] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 135.416037][ T5880] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 135.426055][ T29] audit: type=1326 audit(1732157973.935:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6986 comm="syz.3.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 135.475363][ T5880] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 135.513781][ T5880] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 135.550425][ T29] audit: type=1326 audit(1732157973.935:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6986 comm="syz.3.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 135.587581][ T5880] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 135.617260][ T5880] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 135.643762][ T29] audit: type=1326 audit(1732157973.935:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6986 comm="syz.3.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 135.860894][ T5880] usb 2-1: config 0 descriptor?? [ 135.923424][ T29] audit: type=1326 audit(1732157973.935:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6986 comm="syz.3.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5417e819 code=0x7ffc0000 [ 136.029244][ T7008] loop0: detected capacity change from 0 to 128 [ 136.151690][ T7006] netlink: 8 bytes leftover after parsing attributes in process `syz.3.301'. [ 136.268552][ T7008] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 136.283604][ T7008] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 136.571095][ T5880] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 8 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 136.594556][ T5880] usb 2-1: USB disconnect, device number 8 [ 136.603037][ T5880] usblp0: removed [ 136.857199][ T5828] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 136.983504][ T5880] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 137.114078][ T7023] loop0: detected capacity change from 0 to 512 [ 137.184872][ T5880] usb 2-1: Using ep0 maxpacket: 32 [ 137.192373][ T5880] usb 2-1: config index 0 descriptor too short (expected 29220, got 36) [ 137.205366][ T7023] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.223294][ T5880] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 137.237776][ T5880] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 137.247123][ T5880] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 137.257182][ T5880] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 137.267147][ T5880] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 137.280378][ T5880] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 137.290072][ T5880] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.299904][ T7028] siw: device registration error -23 [ 137.306771][ T5880] usb 2-1: config 0 descriptor?? [ 137.354951][ T7023] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 137.529814][ T5880] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 9 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 137.577151][ T5880] usb 2-1: USB disconnect, device number 9 [ 137.632814][ T5880] usblp0: removed [ 137.812141][ T7041] syz.4.309[7041] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 137.812242][ T7041] syz.4.309[7041] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 137.825568][ T7041] syz.4.309[7041] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 137.866490][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.054893][ T7045] tipc: Enabling of bearer rejected, failed to enable media [ 138.095637][ T7049] IPVS: Error joining to the multicast group [ 138.475528][ T7058] loop1: detected capacity change from 0 to 128 [ 138.551743][ T7058] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 138.566257][ T7058] ext4 filesystem being mounted at /60/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 139.649627][ T5826] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 139.916843][ T29] kauditd_printk_skb: 16 callbacks suppressed [ 139.916861][ T29] audit: type=1326 audit(1732157979.275:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7076 comm="syz.5.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f227c77e819 code=0x7ffc0000 [ 139.957836][ T7077] netlink: 24 bytes leftover after parsing attributes in process `syz.5.323'. [ 139.995032][ T29] audit: type=1326 audit(1732157979.315:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7076 comm="syz.5.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f227c77e819 code=0x7ffc0000 [ 140.247413][ T7089] loop4: detected capacity change from 0 to 2048 [ 140.290592][ T7089] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 140.300580][ T29] audit: type=1326 audit(1732157979.315:410): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=7076 comm="syz.5.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f227c77e819 code=0x7ffc0000 [ 140.618853][ T29] audit: type=1326 audit(1732157979.315:411): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=7076 comm="syz.5.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f227c77e819 code=0x7ffc0000 [ 140.871043][ T29] audit: type=1326 audit(1732157979.315:412): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=7076 comm="syz.5.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f227c77e819 code=0x7ffc0000 [ 140.973692][ T7095] ------------[ cut here ]------------ [ 140.979659][ T7095] refcount_t: underflow; use-after-free. [ 141.024670][ T7097] netlink: 12 bytes leftover after parsing attributes in process `syz.0.327'. [ 141.043773][ T7095] WARNING: CPU: 0 PID: 7095 at lib/refcount.c:28 refcount_warn_saturate+0x15a/0x1d0 [ 141.053313][ T7095] Modules linked in: [ 141.057305][ T7095] CPU: 0 UID: 0 PID: 7095 Comm: syz.4.326 Not tainted 6.12.0-next-20241120-syzkaller #0 [ 141.067380][ T7095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 141.075926][ T29] audit: type=1326 audit(1732157979.315:413): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=7076 comm="syz.5.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f227c77e819 code=0x7ffc0000 [ 141.077664][ T7095] RIP: 0010:refcount_warn_saturate+0x15a/0x1d0 [ 141.107542][ T7095] Code: 60 43 5e 8c e8 57 94 9f fc 90 0f 0b 90 90 eb 99 e8 6b f6 de fc c6 05 86 11 42 0b 01 90 48 c7 c7 c0 43 5e 8c e8 37 94 9f fc 90 <0f> 0b 90 90 e9 76 ff ff ff e8 48 f6 de fc c6 05 60 11 42 0b 01 90 [ 141.127344][ T7095] RSP: 0018:ffffc90002f1f8e8 EFLAGS: 00010246 [ 141.133515][ T7095] RAX: c6ce74ac3404ef00 RBX: ffff88801e2b04a4 RCX: 0000000000080000 [ 141.141587][ T7095] RDX: ffffc9000d2a3000 RSI: 0000000000003d96 RDI: 0000000000003d97 [ 141.149770][ T7095] RBP: 0000000000000003 R08: ffffffff81601b32 R09: fffffbfff1cfa218 [ 141.158379][ T7095] R10: dffffc0000000000 R11: fffffbfff1cfa218 R12: ffff88807af4a868 [ 141.167615][ T7095] R13: ffff88801e2b04a4 R14: 1ffff1100f5e9518 R15: ffff88807af4a800 [ 141.175456][ T29] audit: type=1326 audit(1732157979.315:414): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=7076 comm="syz.5.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f227c77e819 code=0x7ffc0000 [ 141.175704][ T7095] FS: 00007f44c650f6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 141.207823][ T7095] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.215034][ T7095] CR2: 00000000200002c0 CR3: 000000003c8fc000 CR4: 00000000003526f0 [ 141.223198][ T7095] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 141.231221][ T7095] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 141.239345][ T7095] Call Trace: [ 141.239818][ T29] audit: type=1326 audit(1732157979.315:415): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=7076 comm="syz.5.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f227c77e819 code=0x7ffc0000 [ 141.242652][ T7095] [ 141.268205][ T7095] ? __warn+0x168/0x4e0 [ 141.272424][ T7095] ? refcount_warn_saturate+0x15a/0x1d0 [ 141.278105][ T7095] ? report_bug+0x2b3/0x500 [ 141.282648][ T7095] ? refcount_warn_saturate+0x15a/0x1d0 [ 141.288345][ T7095] ? handle_bug+0x60/0x90 [ 141.292728][ T7095] ? exc_invalid_op+0x1a/0x50 [ 141.297537][ T7095] ? asm_exc_invalid_op+0x1a/0x20 [ 141.302670][ T7095] ? __warn_printk+0x292/0x360 [ 141.309262][ T7095] ? refcount_warn_saturate+0x15a/0x1d0 [ 141.314992][ T7095] ? refcount_warn_saturate+0x159/0x1d0 [ 141.320687][ T7095] j1939_session_put+0x1ed/0x440 [ 141.325807][ T7095] j1939_sk_sendmsg+0x121b/0x14c0 [ 141.330883][ T7095] ? __pfx_j1939_sk_sendmsg+0x10/0x10 [ 141.336360][ T7095] ? __import_iovec+0x590/0x870 [ 141.341264][ T7095] ? aa_sock_msg_perm+0x91/0x160 [ 141.346425][ T7095] ? __pfx_j1939_sk_sendmsg+0x10/0x10 [ 141.351855][ T7095] __sock_sendmsg+0x221/0x270 [ 141.352523][ T29] audit: type=1326 audit(1732157979.315:416): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=7076 comm="syz.5.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f227c77e819 code=0x7ffc0000 [ 141.356627][ T7095] ____sys_sendmsg+0x52a/0x7e0 [ 141.356664][ T7095] ? __pfx_____sys_sendmsg+0x10/0x10 [ 141.356687][ T7095] ? __fget_files+0x2a/0x410 [ 141.356718][ T7095] ? __fget_files+0x2a/0x410 [ 141.356748][ T7095] __sys_sendmsg+0x269/0x350 [ 141.356774][ T7095] ? __pfx___sys_sendmsg+0x10/0x10 [ 141.356796][ T7095] ? j1939_sk_connect+0x442/0x5c0 [ 141.379715][ T7097] netlink: 12 bytes leftover after parsing attributes in process `syz.0.327'. [ 141.384258][ T7095] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 141.384290][ T7095] ? do_syscall_64+0x100/0x230 [ 141.384313][ T7095] ? do_syscall_64+0xb6/0x230 [ 141.384332][ T7095] do_syscall_64+0xf3/0x230 [ 141.384349][ T7095] ? clear_bhb_loop+0x35/0x90 [ 141.384373][ T7095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.421712][ T29] audit: type=1326 audit(1732157979.315:417): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=7076 comm="syz.5.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f227c77e819 code=0x7ffc0000 [ 141.424019][ T7095] RIP: 0033:0x7f44c577e819 [ 141.424055][ T7095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.424072][ T7095] RSP: 002b:00007f44c650f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 141.424096][ T7095] RAX: ffffffffffffffda RBX: 00007f44c5935fa0 RCX: 00007f44c577e819 [ 141.424111][ T7095] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000004 [ 141.424126][ T7095] RBP: 00007f44c57f175e R08: 0000000000000000 R09: 0000000000000000 [ 141.536516][ T7095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 141.544698][ T7095] R13: 0000000000000000 R14: 00007f44c5935fa0 R15: 00007ffd323a0838 [ 141.552818][ T7095] [ 141.556132][ T7095] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 141.563439][ T7095] CPU: 0 UID: 0 PID: 7095 Comm: syz.4.326 Not tainted 6.12.0-next-20241120-syzkaller #0 [ 141.573196][ T7095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 141.583279][ T7095] Call Trace: [ 141.586583][ T7095] [ 141.589543][ T7095] dump_stack_lvl+0x241/0x360 [ 141.594266][ T7095] ? __pfx_dump_stack_lvl+0x10/0x10 [ 141.599500][ T7095] ? __pfx__printk+0x10/0x10 [ 141.604123][ T7095] ? vscnprintf+0x5d/0x90 [ 141.608489][ T7095] panic+0x349/0x880 [ 141.612451][ T7095] ? __warn+0x177/0x4e0 [ 141.616639][ T7095] ? __pfx_panic+0x10/0x10 [ 141.621088][ T7095] ? __wake_up_klogd+0xcc/0x110 [ 141.625978][ T7095] __warn+0x34b/0x4e0 [ 141.629992][ T7095] ? refcount_warn_saturate+0x15a/0x1d0 [ 141.635568][ T7095] report_bug+0x2b3/0x500 [ 141.639928][ T7095] ? refcount_warn_saturate+0x15a/0x1d0 [ 141.645508][ T7095] handle_bug+0x60/0x90 [ 141.649695][ T7095] exc_invalid_op+0x1a/0x50 [ 141.654229][ T7095] asm_exc_invalid_op+0x1a/0x20 [ 141.659104][ T7095] RIP: 0010:refcount_warn_saturate+0x15a/0x1d0 [ 141.665286][ T7095] Code: 60 43 5e 8c e8 57 94 9f fc 90 0f 0b 90 90 eb 99 e8 6b f6 de fc c6 05 86 11 42 0b 01 90 48 c7 c7 c0 43 5e 8c e8 37 94 9f fc 90 <0f> 0b 90 90 e9 76 ff ff ff e8 48 f6 de fc c6 05 60 11 42 0b 01 90 [ 141.684920][ T7095] RSP: 0018:ffffc90002f1f8e8 EFLAGS: 00010246 [ 141.691030][ T7095] RAX: c6ce74ac3404ef00 RBX: ffff88801e2b04a4 RCX: 0000000000080000 [ 141.699035][ T7095] RDX: ffffc9000d2a3000 RSI: 0000000000003d96 RDI: 0000000000003d97 [ 141.707039][ T7095] RBP: 0000000000000003 R08: ffffffff81601b32 R09: fffffbfff1cfa218 [ 141.715055][ T7095] R10: dffffc0000000000 R11: fffffbfff1cfa218 R12: ffff88807af4a868 [ 141.723141][ T7095] R13: ffff88801e2b04a4 R14: 1ffff1100f5e9518 R15: ffff88807af4a800 [ 141.731143][ T7095] ? __warn_printk+0x292/0x360 [ 141.735943][ T7095] ? refcount_warn_saturate+0x159/0x1d0 [ 141.741517][ T7095] j1939_session_put+0x1ed/0x440 [ 141.746502][ T7095] j1939_sk_sendmsg+0x121b/0x14c0 [ 141.751579][ T7095] ? __pfx_j1939_sk_sendmsg+0x10/0x10 [ 141.756981][ T7095] ? __import_iovec+0x590/0x870 [ 141.761860][ T7095] ? aa_sock_msg_perm+0x91/0x160 [ 141.766832][ T7095] ? __pfx_j1939_sk_sendmsg+0x10/0x10 [ 141.772241][ T7095] __sock_sendmsg+0x221/0x270 [ 141.776946][ T7095] ____sys_sendmsg+0x52a/0x7e0 [ 141.781745][ T7095] ? __pfx_____sys_sendmsg+0x10/0x10 [ 141.787090][ T7095] ? __fget_files+0x2a/0x410 [ 141.791715][ T7095] ? __fget_files+0x2a/0x410 [ 141.796346][ T7095] __sys_sendmsg+0x269/0x350 [ 141.800974][ T7095] ? __pfx___sys_sendmsg+0x10/0x10 [ 141.806112][ T7095] ? j1939_sk_connect+0x442/0x5c0 [ 141.811204][ T7095] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 141.817555][ T7095] ? do_syscall_64+0x100/0x230 [ 141.822326][ T7095] ? do_syscall_64+0xb6/0x230 [ 141.827003][ T7095] do_syscall_64+0xf3/0x230 [ 141.831523][ T7095] ? clear_bhb_loop+0x35/0x90 [ 141.836235][ T7095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.842160][ T7095] RIP: 0033:0x7f44c577e819 [ 141.846581][ T7095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.866202][ T7095] RSP: 002b:00007f44c650f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 141.874626][ T7095] RAX: ffffffffffffffda RBX: 00007f44c5935fa0 RCX: 00007f44c577e819 [ 141.882596][ T7095] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000004 [ 141.890570][ T7095] RBP: 00007f44c57f175e R08: 0000000000000000 R09: 0000000000000000 [ 141.898536][ T7095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 141.906511][ T7095] R13: 0000000000000000 R14: 00007f44c5935fa0 R15: 00007ffd323a0838 [ 141.914499][ T7095] [ 141.917769][ T7095] Kernel Offset: disabled [ 141.922178][ T7095] Rebooting in 86400 seconds..