last executing test programs: 5.143909971s ago: executing program 0: r0 = socket(0x10, 0x803, 0x0) sendmsg$sock(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000002080)="8cdbfc912b2f5015cd4201ad9746ee95213affe23f8c35e5170be0abd5b03507e79012189e1e64b37f4ad974f59fc51fa1f54dbbe9965a2263f8f27e9eb7c8f3da6b8a2ceaaf2e4d39ce3ac31c9fd63f148369fdf5ab93ba0d574effb74d9045ef022dc492d3f44d5dea22c7b841fcc04eb1c49289f206be0479e83bc738a0c0b4af8078e4196fc461319ad63eb307ce25e4478809f34c4d4260eb8dd2de61ea8ec9b3b1492a881c74ca76df5cfb77002aa143f9eed0d0522867d652a3d8550aabeae3d042976bbc2880b947e381f251002b954397afa87388aac2fc96f97a64ab4ff907ae1529ef438006380d08fa0bb3467af1fb531998277792cdf3074d910a636d341e5d398b46e771cfef2599b8639f8e59ab3d5836457eff22ff2c65569eaa99e255c40f18b952f20d020e7d687bc41142b2a31e82cb45a7e0988dc1b6f261944fd46ca54c067f4ad6d9fcaa2e336148d28e22c5f23714c7a66a18faa639baa7eaffed706242859815cda57d2b4b098ac4b2313118ac27223be51de34edc2252f3566202b4c94d53461e194cd72c3182cc14d7ed81c5f0838b9839dc07c9d477ab24889b145f2cd30f1998016aa19eff5b016847cf5c3e1b33800434803514e145e98b4f8e8e2e44ab8fc59c2465ed6543afa8052a71c835d09c8a8f58add989cb798bf2213f3994ffbb812aeafe14ad4cab9e1c95bfe1acc85b1407a888ca967735d8a2ac078091a456a5f7219e2900b1913efb87cd6cc301fd286e6bb5b2358d6b55afcbe1bb", 0x22a}], 0x1}, 0x0) sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x41}, {&(0x7f0000000280)=""/85, 0x5c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x288}, {&(0x7f00000007c0)=""/154, 0x32}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41, 0x6558}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 4.986234485s ago: executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r0}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000200)='}', 0x1}], 0x1}, 0x0) recvmsg(r1, 0x0, 0x0) close(r2) 4.829459189s ago: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x200000000000000) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000040000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001780)={&(0x7f0000000300)='ext4_sync_file_enter\x00', r4}, 0x10) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0) write$cgroup_int(r5, &(0x7f0000000200), 0x43451) 3.484928745s ago: executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r0}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) sendmsg$unix(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000200)='}', 0x1}], 0x1}, 0x0) recvmsg(r1, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0) close(0xffffffffffffffff) 3.462685869s ago: executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f50850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) r1 = socket(0x10, 0x3, 0x0) connect$netlink(r1, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) sendmsg$nl_route_sched(r1, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000000880)=@newtaction={0x18, 0x30, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0) 3.348977126s ago: executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_LIMIT={0x8}]}}]}, 0x40}}, 0x0) sendmmsg$inet(r0, &(0x7f0000006f40)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f00000001c0)="e347ef671fe7c895fc0f", 0xa}], 0x1}}], 0x1, 0x0) 2.586608443s ago: executing program 0: bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$udambuf(0xffffffffffffff9c, 0x0, 0x2) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) syz_mount_image$hfsplus(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', 0xa00010, &(0x7f0000000700)=ANY=[@ANYBLOB='nodecompose,decompose,nobfrrier,gid=', @ANYRESHEX=0xee01, @ANYBLOB="2c6e6c733d69736f383835392d310000000072726965722c00bcd0f0b5c4e2957974ff5d7ea3c3dcee087e4983684e8a4c4e4e87b134e30ce77162b12885b964b3506ff3eae0f3599447b17861d19be78079e5dd7bdc7f1eb36e31ac14de48349767164f5f6431bbdeaef96a4f2bce64b5cfa76ce3a2c4302374bc5535d7e2eb8dfb2e5d58a37b7e37836597c21f51bcdf6df4cad825cfd9ef5ee9e89e04b15cd3cea9e152d67b9a7eedc5dfe6d85a3ce7c342da8cc969b552197cb8bcc4a1009f38f4a85b7c742101ba5bc03115feca2b994c699812"], 0x6, 0x635, &(0x7f0000000c80)="$eJzs3c1rHOcdB/DvrFZryQVHSezELYGKGNJSUVsvKK16iVtK0SGUkB56FrYcC6+VIClFCaWo79BTD/kD0oNuPRV6N6Tn9parjoFCLznppjKzs9LaWil6s1ZqPx/z7PM888w888xvZ2Zndi0mwP+t+Yk0n6TI/MTb62V9a3OmvbU5c6Vubicpy42k2clSLCfFZ8nddFK+Xk6s5y8OWs8nS3Pvfv7l1hedWrNO1fyNw5Y7mo06ZTzJUJ0/o/Wn4/Q33CmU/dzr398xFLtbWAbsVjdwMGg7+2wcZ/FTHrfARVB0Pjf3GUuuJhmprwNSnx0a5zu6s3essxwAAABcUi9sZzvruTbocQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBlUj//v6hTo1seT9F9/n+rnpa6fKk9GfQAAAAAAAAAAOAMfHM721nPtW59p6h+83+9qlyvXr+WD7OaxazkdtazkLWsZSVTScZ6OmqtL6ytrUwdYcnpvktOn8/2AgAAAAAAAMD/qN9kfu/3fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGKShOi86xaJO17vlsTSaSUaStMr5NpJ/dcuXRNFv4pPzHwcAAACcysgJlnlhO9tZz7Vufaeo7vlfqe6XR/JhlrOWpaylncXcr++hy7v+xtbmTHtrc+Zxmfb3+8P/HGsYVY+7X0P0W/PNao7RPMhSNeV27lWDuZ9GtWTpZnc8/cf163JMxVu1I47sfp2XK/vzQd8iDMRYFZHh3YhM1mMro/Hi4ZH4yneneeiaptLY/ebn+nOI+dU6L7fnDxcz5o1UkZju2fteOTwSybf+/tefP2wvP3r4YHXi4mzSCT27T8z0ROLVSx2J5jHnn6wicWO3Pp+f5GeZyHjeyUqW8ossZC2L2anbF+r9uXwdOzxSd5+qvfNVI2nV70vnLHqUMY3nx1VpIa9Xy17LUoq8n/tZzJvVv+lM5XuZzWzmet7hGweOu9q26qhvHO+ov/XtujCa5I91Pmidj9Qyri/2xLX3nDtWtfVO2YvSS2d/bmx+oy6U6/htnV8Mz0ZiqicSLx8eib9Ux8Zqe/nRysOFDw7of+OZ+ht1Xu5xv79QnxLl/vJSRuozydN7R9n28u5Z5ul4tepfXDptjX1tN6q2ougeqT898Eht1ddw+3uartpe7ds2U7Xd7Gl76nor76e9ez0EwAV29TtXW6P/Hv3n6Kejvxt9OPr2yI+ufP/Ka60M/2P4B83JoTcarxV/y6f51d79PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHKrH338aKHdXlzpX2gc3HS2haJ+kM95rEth0IXuQwRP3eHdC7E5l7owlKRfU/0WneThosClcGft8Qd3Vj/6+LtLjxfeW3xvcXl4dnZucm72zZk7D5bai5Od10GPEnge9j70+7cXF+oBmwAAAAAAAAAAAECO9vc2O/X//zvxXxoMehsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAy21+Is0nKTI1eXuyrG9tzrTL1C3vzdlM0mgkxS+T4rPkbjopYz3dFW8dsJ5Plube/fzLrS/2+mpW85ed1vkpbNQp40mG6vys+rt36v6K3S0sA3arGzgYtP8GAAD//+IHAOM=") mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') getdents64(r0, &(0x7f0000002f40)=""/4098, 0x1002) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpu.stat\x00', 0x275a, 0x0) openat$cgroup_type(r3, &(0x7f0000000040), 0x2, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000000, 0x10, r3, 0x0) syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, &(0x7f0000000040)=ANY=[], 0x1, 0x66e, &(0x7f0000000cc0)="$eJzs3c1vHGcdB/DvrDd2Ni2p2yZtQJVqNRIgLBK/yAVzISCEfKhQVQ6crcRprGzSYrvIrRB1eL320D+gHHxBnJC4RyocuMCtN+RjJSQuvWBOi3Z2dr1Zv2TdNl6nfD7R7PPM88w883t+szP7YkUb4P/W0nTq91NkafqVzfb6zvZ8c2d7/k63nmQiyVZST1JLUvyn1Wp9mFxLit4wxUC5z/uri6999MnOx521erWU29eO2m9Atd3WQPNWt20qyVhVfgYPjHf9M49X9CK/luRyVcLInUnSesBP//Zkr6dP46C9z55IjMCjVXReN1O9HvdMJueqC739PqD7yls7+QiHMzHkdoPvIAAAAOBxM8xn4Kd2s5vN4vwJhAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfCFt7v/9fVEutW59K0f39//GqLVX9dHnxeJvff1RxAAAAAAAAAMAJenE3u9nM+e56qyj/5v9SuXKhfHwib2U9K1nLlWxmORvZyFpmk0z2DTS+ubyxsTY7xJ5zB+4595BAJ6qy8fnMGwAAAAAAAAC+YH6Zpb2//wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGlQJGOdIsW9vubJ1OpJziYZbzdsJf/o1h9n90cdAAAAAJyAp3azm82c7663ilxI8lz5HcDZvJW72chqNtLMSm6U3wt0PvXXdrbnmzvb83fay/5xv/fvY4VRjpjOdw8HH/lSuUUjN7NatlzJ9byRZm6kVu7ZdqmKpzvqQFz32jEV360MGdmNqmzP/L2q3OfdY032MMf8MmWyzMiZXkZmqtja2Xi6e2YOPkPHPDuDR5pNrRfshYEjDUziU+X8XFW25/Pbw3I+EoOZmOt79j13dM6Tr/35jz+ZqeqnZ0rDGavKVvnY2J+J+b5MPD9MJm41796+dXN9+nHLxD4zZSYu9taX8sP8ONOZyqtZy2p+luVsZCVT+UFZW65OftF3yR+SqWsPrL36sEjGq2do52QdL6aXyn3PZzU/yhu5kZW8XP6by2y+lYUsZLHvDF88+gyXV33tkKu+9aUDg7/89arSSPK7qjzQoR2PSjuvT/fltf+eO1n29bfsZemZIbJ0zHtj/StVpX2MX1Xl6TCYidm+TDx7dCZ+X95W1pt3b6/dWn5zuMM9815VaV9HvzlVt9T28+WZ9skq1x58drT7nj2wb7bsu9Drq+3ru9jr61ypW4deqePVe7j9I82Vfc8f2Ddf9l3q6zvo/RYAp965b5wbb/yr8ffGB41fN241Xjn7/YlvT7wwnjN/OfOd+szYV2svFH/KB/nF3ud/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg01t/+53by83mytpApdVqvXtI10lX6g8JdV8lU/98or1Dt6WVXlf358xOcBZffjIZeQ5HXvlvq9WqWopDtvnDX09NolqVU5G6EVVGd08CTsbVjTtvXl1/+51vrt5Zfn3l9ZW7iwsLizOLCy/PX7252lyZ6TyOOkrgUdh70R91JAAAAAAAAAAAAMCwTuK/E4x6jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDjbWk69fspMjtzZaa9vrM932wv3frelvUktSTFz5Piw+RaOksm+4YrDjvO+6uLr330yc7He2PVu9vXjtpvOFvVkqkkY53y3uc13vWqPFJx1BSK3gzbCbvcTRyM2v8CAAD///IHB5c=") open(&(0x7f0000000180)='./bus\x00', 0x4a37e, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]}) syz_open_dev$tty1(0xc, 0x4, 0x1) r4 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0) unlink(&(0x7f0000000300)='./bus\x00') write$char_usb(r4, &(0x7f00000002c0)="9f", 0x1) 2.581501774s ago: executing program 1: r0 = socket(0xa, 0x1, 0x0) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0xa, 0x0, 0x0, 0x91ffffff}, 0x18, &(0x7f0000000080)={0x0}}, 0x2004c052) 2.581015924s ago: executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = dup2(r0, r1) sendmmsg$inet(r2, &(0x7f0000000dc0)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000a00)="316f825a3d29f96a2093a917017b4cd30000000000000035ed313e19d6dd", 0x1e}, {&(0x7f0000000640)="0036d551863e1902129da79f5986e05288f50e5398660c1a29b0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2fea5e764494873e0d82a172b3bb54f59b458fd35039c7d81e9ab07f2fb4dad61bd500a119b54c74a12e4569e47b69a95f92c6380af2bd003fa56f06a23bbd1c76d7756bf4fcaff0c23374ec7c4aadbb8b985f14893a91d750e168350685e0f4f079d2d8e79be174ef9355b70719c712c5d15d2e7505a8696b50738ece15ee5", 0xbe}, {&(0x7f0000000700)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336f9139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df283b3ca3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25c951279b18c8e5bfbc52152be37f5e2b783e2149be25180430ac63ee1bbe01fbb6125e65839ae5b02d542a97d1bfb1ca420b5405baaaf5ec6ad96af2814dbbea5a064f2ab6fc0904c07f02cbfadfb96866d962e6e21d3a0a0276a36e01b6edafd6c8461de7afec966f9c023ffe15c3c1caec8ff3ef3", 0xde}, {&(0x7f0000000500)="fff5c0293353db83a683db60266a3867d03f740f4f0a7bafe7be9b2bac0bf1b2019dbde5f640c897ac57789fb8490642b47a96f0d03ec69d1f6e90e86be7fb3ef9e76969438283b0ab8d31b707ddd3b453f5ed67232e172945aecaf6dd89d72d7a429ef6d0dcc5f0d9cc15dba0", 0x6d}], 0x4}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000180)="d06e8c3dc885a29d9b5a4c", 0xb}], 0x1}}, {{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000f00)="2ea5d94f90933978352c42a3dad24b4909f57c7dba08e38797ab936fc9c5158f38287dbf6242139b1abfd08aabc9d67efa71c608a29bc1636373ad0461338c453a5bae9e10b5713832e4a6b717d0ebe8c0ee1fd8ccfdd83c514ffa754463ff63126faf04b514e5a27aa54f59f9516e5cba1a7a587a56a944c41c7081bcfd9fc61a4f714f7d7284f39cb83ab2013358814c3043db5fb95583aafd0910c9fc00000000000000000099a821fe7b604fa870b9a8fd792630f0ac3d", 0xb9}], 0x1}}], 0x3, 0x0) sendmsg$TIPC_NL_SOCK_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001340)={0x268, 0x0, 0x0, 0x0, 0x0, {}, [@TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}]}, @TIPC_NLA_NODE={0x1a8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0xd5, 0x3, "82bc53704ab4c13199ac5424884ba508fb42ac529181043c252e22b8b4da8b60b8b955b760d4c6f06634f5550e7e901177c406f802e08d30637d41f2d904604a7d2bb829412d5d4d381d5cfb5b044d4b81deb3b44ffced9979d600f9a8711fac05c4e408dcdf5c230f6f3912bfeffd69472de9b957655499e2990fba26a9e23b156b7768f093956642327438e23df5fee55e885b679c9bcc3d3ec0b35acf834612310622399e6746f5fe79c0cca88dd2d73b2083fb6abe37e4d19699583fb1b8046e2505bcde2526e12321f910a2005fea"}, @TIPC_NLA_NODE_ID={0x35, 0x3, "650b190f9349cee7a89f0baefa15e35e8fddc2480dc011adcb1ecc7a9fff5d0f64080a0c8998298870ab9e23426d10612f"}, @TIPC_NLA_NODE_ID={0x49, 0x3, "c0b77ef5f912e156682c17da2b24eea11baf91b71d57172c534eed7f96b0c2227d22396a9aec6dbe4d57fdbfccdfc771f6f80f8b9c5fe40fa86984988c035f6f787c6d91cc"}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "2a73b8b4821f3e9256d41613bb521e6da4b1e138"}}, @TIPC_NLA_NODE_REKEYING={0x8}]}, @TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8}]}, @TIPC_NLA_BEARER={0x48, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @broadcast}}, {0x14, 0x2, @in={0x2, 0x0, @private}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8}]}]}, 0x268}}, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27) 2.578658365s ago: executing program 3: r0 = socket(0x10, 0x803, 0x0) sendmsg$sock(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000002080)="8cdbfc912b2f5015cd4201ad9746ee95213affe23f8c35e5170be0abd5b03507e79012189e1e64b37f4ad974f59fc51fa1f54dbbe9965a2263f8f27e9eb7c8f3da6b8a2ceaaf2e4d39ce3ac31c9fd63f148369fdf5ab93ba0d574effb74d9045ef022dc492d3f44d5dea22c7b841fcc04eb1c49289f206be0479e83bc738a0c0b4af8078e4196fc461319ad63eb307ce25e4478809f34c4d4260eb8dd2de61ea8ec9b3b1492a881c74ca76df5cfb77002aa143f9eed0d0522867d652a3d8550aabeae3d042976bbc2880b947e381f251002b954397afa87388aac2fc96f97a64ab4ff907ae1529ef438006380d08fa0bb3467af1fb531998277792cdf3074d910a636d341e5d398b46e771cfef2599b8639f8e59ab3d5836457eff22ff2c65569eaa99e255c40f18b952f20d020e7d687bc41142b2a31e82cb45a7e0988dc1b6f261944fd46ca54c067f4ad6d9fcaa2e336148d28e22c5f23714c7a66a18faa639baa7eaffed706242859815cda57d2b4b098ac4b2313118ac27223be51de34edc2252f3566202b4c94d53461e194cd72c3182cc14d7ed81c5f0838b9839dc07c9d477ab24889b145f2cd30f1998016aa19eff5b016847cf5c3e1b33800434803514e145e98b4f8e8e2e44ab8fc59c2465ed6543afa8052a71c835d09c8a8f58add989cb798bf2213f3994ffbb812aeafe14ad4cab9e1c95bfe1acc85b1407a888ca967735d8a2ac078091a456a5f7219e2900b1913efb87cd6cc301fd286e6bb5b2358d6b55afcbe1bb033d0b07", 0x22e}], 0x1}, 0x0) sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x41}, {&(0x7f0000000280)=""/85, 0x5c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x288}, {&(0x7f00000007c0)=""/154, 0x32}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41, 0x6558}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 2.54279212s ago: executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800004e9d00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000008850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=@newtaction={0x64, 0x30, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x50, 0x1, [@m_bpf={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18}, @TCA_ACT_BPF_FD={0x8, 0x5, r5}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=@newtaction={0x44, 0x31, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x30, 0x1, [@m_bpf={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44}}, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r1) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="010000000000000000000800000008000300", @ANYRES32=r8, @ANYBLOB="edf7159c15afb0025753c13d74e3bb5bf6fa4afcf0929745e61f7b68c776e1abebb5e9e5cb3b300e9a4a7a71d0c8101e0c52245d29732bf32759815fc73bb7540b6f842943279ff7b9ea13f7d701ada0a65366ade5065a74ff17bba855f664f3da9128d87174d437f6a0b13366d51a91207bb75bce731f02ef3829e14ffa0ae042c64c60b0ebce75b9b61702d6508eeb69eee758da0456e599fe506097bb66b5a3f63902ec27cb6828a3e12a0fab7fa34da765e5ee304e6796d3ebdc907281225860a8209fadee103c331af04fce0310e92d1eb8bdf2a373526feddd27dc12c7dda277f66e37028146056e1484cf24"], 0x1c}}, 0x0) 2.47798033s ago: executing program 4: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000080850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) lchown(&(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x0) 2.472236851s ago: executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e"], 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000000)="8252", 0x2}], 0x1}}], 0x1, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000000000000000000000000000bb", @ANYRES32=0x41424344], 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000140)={0x0, 0x0, 0xf9}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2.299684987s ago: executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) socket$key(0xf, 0x3, 0x2) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000380)=@newsa={0x138, 0x10, 0x633, 0x0, 0x0, {{@in=@broadcast, @in=@multicast2}, {@in6=@empty, 0x0, 0x32}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, {}, {}, {}, 0x0, 0x0, 0xa, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}}, 0x0) 2.285508059s ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000002c0)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) geteuid() 2.117087415s ago: executing program 2: socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00157ed0", @ANYRES16=0x0, @ANYRESOCT], 0x1, 0x178, &(0x7f0000000240)="$eJzslL9OAkEQxr/dQxDjE9hYSCIWHneHGhsKGisLE/8QCxOJnAQ9xMAVQmLhE/gMFr6Htj6EQRttsNL6zN4u3Gr4Y0yUGOdXzH17Ozs3O5d8IAji3/L48NYOXnNPBoBppJBQ75+NKIdr+feTL+e362uFy73ru0TbTParGQRf/34MwE3egN87+/F0Sj23wHt6GxwLShfAYCq9D44dpV0w7Cp9pOmayDfNw4rnmgc1rySEJYItgiNC9nN/nQuGktYf0/YbzdZx0fPc+g+KUfPr5DlyWn/6/+rOxtLmZ4PDVjoLhk2lV5HozkaORLv/TCyqb/zy/UmQIPHXRORPwRXDvOZPMc0/Mn71NNNothYr1WLZLbsnjpNdsZYsa9nJhEYk4xD/S4b+NKXVnxiQG2dxnBV9v27L2Fs7MvZzXB76H0d6Tq6F98cHdiP3mTrHQpU2hqQTBEGMjVmw0DNH4GyMu1GCIAiCIAiCIAiCIL7NewAAAP//Lt94Bg==") r1 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0) ioctl$FIBMAP(r1, 0x1, &(0x7f00000002c0)) sendmsg$TIPC_CMD_SHOW_STATS(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x4000) socket$inet6_tcp(0xa, 0x1, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x3) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = getpid() process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000006180)=""/152, 0x98}], 0x1, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0) dup(r2) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f0000000300)={[{@data_err_abort}, {@noblock_validity}, {@dioread_lock}, {@init_itable}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x4b9, &(0x7f0000000c80)="$eJzs3M1vFOUfAPDvTF8ory38+P1+8qKsorERbWlB5eBBjSZcTEz0gMdaKkEKGFoTIUSKMXg0/gXq0cTEkxdPmhijnjRe9W5MiOECejA1sztDZ9kXt9uWCvv5JLt9npl59nm+M/PsPjtPZwPoWZXsKYnYEhE/R8RwLVu/QaX258a1i9N/XLs4ncTi4ku/J9Xtrl+7OF1sWpTbnGdG04j03ST2NKl37vyFU1OzszPn8vz4/Ok3xufOX3js5OmpEzMnZs5MHjly+NDEk09MPr4qcWZxXd/99tm9u46+8sEL04vx6nefZu3dkq8vx1EzsuI6K1EZiojFzNLSwerzQyt+9X+XraV00r+ODWFZ+iIiO1wD1f4/HH2xdPCG4/l3bma+XqcGAmsm+2za3rC0L/+b1j68gLtUoo9Djyo+8bPvv8Xjdo4/1tvVZ7LnmWr8N/JHbU1/pNl32ZHaN/a+FuX/t8L6t0TEsYU/P8we0fQ6BADA6voyG/882mz8l9aNbbblcygjEXEgInZExH8iYmdE/DcfB/0/Iu5ZZv2VW/KN458fN3YVWIey8d9T+dxW/fgvzbdIbua2VuMfSF47OTtzMN8nozGwIctPtKnjq+d+er/Vukpp/Jc9svqLsWDejt/6N9SXOT41P7WCkOtcvRyxu79Z/MnNmYBsD+yKiN1dvH62z04+8sneLL1tc+P6xvizkXY5/jZWYZ5p8eOIh2vHfyFuib+Q1GpqNT85PhSzMwfHi7Oi0fc/XHmxnB8opeviH+ospqFug20iO/6bmp7/efxFNyjma+eWX8eVX95r+Z2m8fgncWyhvEV+/pfeBbLzfzB5uZoezJe9NTU/f24iYjBfULd8cqlskS+2z+If3d+8/++I+OujvNyeiMhO4nsj4r6I2Je3/f6IeCAi9reJ/9tnH3y9/R5q1//XVhb/8XbHP2IkKc/Xd5HoO/XNF63q7+z973A1NZov6eT9r9MGrmTfAQAAwJ0irc5BJ+lYkS5dnNoZm9LZs3PzByrx5pnjtbnqkRhIiytdw6XroRP5teEiP3lL/lBEbK/+p9HGan5s+uzs1vUMHKjeq1PX/yNNx8Zq635t9U8vwN1jWfNo5bsDP/t89RsD3Fbu14Tepf9D79L/oXfp/9C7mvX/SxE31qEpwG3m8x96l/4PvUv/h96l/0NParwlvvihhW7u9F9K7Di6ouJrnlgcXpNXXlh+qb6585fXItIo/2hHy0QSEd1VEWn7bQY7qP3c3KX1OQHSf9zm6S53yzIS+/LEhojotNSljvbqap0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAd76/AwAA//8zudg1") 2.103989817s ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x200000000000000) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000040000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001780)={&(0x7f0000000300)='ext4_sync_file_enter\x00', r4}, 0x10) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0) write$cgroup_int(r5, &(0x7f0000000200), 0x43451) 2.101967778s ago: executing program 4: r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000001440)={{0x12, 0x1, 0x0, 0xab, 0xd1, 0xa0, 0x40, 0x77b, 0x2226, 0xca8b, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3a, 0x92, 0xf8}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) 1.784239616s ago: executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_LIMIT={0x8}]}}]}, 0x40}}, 0x0) sendmmsg$inet(r0, &(0x7f0000006f40)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f00000001c0)="e347ef671fe7c895fc0f", 0xa}], 0x1}}], 0x1, 0x0) 1.356476992s ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000002c0)='ext4_remove_blocks\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0) write$cgroup_int(r2, &(0x7f0000000100), 0x1001) ioctl$SIOCSIFHWADDR(r2, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}}) 1.221906012s ago: executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r0}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) sendmsg$unix(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000200)='}', 0x1}], 0x1}, 0x0) recvmsg(r1, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0) close(0xffffffffffffffff) 336.080138ms ago: executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = dup2(r0, r1) sendmmsg$inet(r2, &(0x7f0000000dc0)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000a00)="316f825a3d29f96a2093a917017b4cd30000000000000035ed313e19d6dd", 0x1e}, {&(0x7f0000000640)="0036d551863e1902129da79f5986e05288f50e5398660c1a29b0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2fea5e764494873e0d82a172b3bb54f59b458fd35039c7d81e9ab07f2fb4dad61bd500a119b54c74a12e4569e47b69a95f92c6380af2bd003fa56f06a23bbd1c76d7756bf4fcaff0c23374ec7c4aadbb8b985f14893a91d750e168350685e0f4f079d2d8e79be174ef9355b70719c712c5d15d2e7505a8696b50738ece15ee5", 0xbe}, {&(0x7f0000000700)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336f9139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df283b3ca3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25c951279b18c8e5bfbc52152be37f5e2b783e2149be25180430ac63ee1bbe01fbb6125e65839ae5b02d542a97d1bfb1ca420b5405baaaf5ec6ad96af2814dbbea5a064f2ab6fc0904c07f02cbfadfb96866d962e6e21d3a0a0276a36e01b6edafd6c8461de7afec966f9c023ffe15c3c1caec8ff3ef3", 0xde}, {&(0x7f0000000500)="fff5c0293353db83a683db60266a3867d03f740f4f0a7bafe7be9b2bac0bf1b2019dbde5f640c897ac57789fb8490642b47a96f0d03ec69d1f6e90e86be7fb3ef9e76969438283b0ab8d31b707ddd3b453f5ed67232e172945aecaf6dd89d72d7a429ef6d0dcc5f0d9cc15dba0", 0x6d}], 0x4}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000180)="d06e8c3dc885a29d9b5a4c", 0xb}], 0x1}}, {{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000f00)="2ea5d94f90933978352c42a3dad24b4909f57c7dba08e38797ab936fc9c5158f38287dbf6242139b1abfd08aabc9d67efa71c608a29bc1636373ad0461338c453a5bae9e10b5713832e4a6b717d0ebe8c0ee1fd8ccfdd83c514ffa754463ff63126faf04b514e5a27aa54f59f9516e5cba1a7a587a56a944c41c7081bcfd9fc61a4f714f7d7284f39cb83ab2013358814c3043db5fb95583aafd0910c9fc00000000000000000099a821fe7b604fa870b9a8fd792630f0ac3d", 0xb9}], 0x1}}], 0x3, 0x0) sendmsg$TIPC_NL_SOCK_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001340)={0x268, 0x0, 0x0, 0x0, 0x0, {}, [@TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}]}, @TIPC_NLA_NODE={0x1a8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0xd5, 0x3, "82bc53704ab4c13199ac5424884ba508fb42ac529181043c252e22b8b4da8b60b8b955b760d4c6f06634f5550e7e901177c406f802e08d30637d41f2d904604a7d2bb829412d5d4d381d5cfb5b044d4b81deb3b44ffced9979d600f9a8711fac05c4e408dcdf5c230f6f3912bfeffd69472de9b957655499e2990fba26a9e23b156b7768f093956642327438e23df5fee55e885b679c9bcc3d3ec0b35acf834612310622399e6746f5fe79c0cca88dd2d73b2083fb6abe37e4d19699583fb1b8046e2505bcde2526e12321f910a2005fea"}, @TIPC_NLA_NODE_ID={0x35, 0x3, "650b190f9349cee7a89f0baefa15e35e8fddc2480dc011adcb1ecc7a9fff5d0f64080a0c8998298870ab9e23426d10612f"}, @TIPC_NLA_NODE_ID={0x49, 0x3, "c0b77ef5f912e156682c17da2b24eea11baf91b71d57172c534eed7f96b0c2227d22396a9aec6dbe4d57fdbfccdfc771f6f80f8b9c5fe40fa86984988c035f6f787c6d91cc"}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "2a73b8b4821f3e9256d41613bb521e6da4b1e138"}}, @TIPC_NLA_NODE_REKEYING={0x8}]}, @TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8}]}, @TIPC_NLA_BEARER={0x48, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @broadcast}}, {0x14, 0x2, @in={0x2, 0x0, @private}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8}]}]}, 0x268}}, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27) 334.017448ms ago: executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x0, 0x0, 0x0, 0x8}, &(0x7f00000002c0)=0x20) 333.173049ms ago: executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=@getnexthop={0x20, 0x6a, 0x1, 0x0, 0x0, {}, [@NHA_OIF={0x8}]}, 0x20}}, 0x0) 288.650455ms ago: executing program 1: r0 = socket(0x10, 0x803, 0x0) sendmsg$sock(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000002080)="8cdbfc912b2f5015cd4201ad9746ee95213affe23f8c35e5170be0abd5b03507e79012189e1e64b37f4ad974f59fc51fa1f54dbbe9965a2263f8f27e9eb7c8f3da6b8a2ceaaf2e4d39ce3ac31c9fd63f148369fdf5ab93ba0d574effb74d9045ef022dc492d3f44d5dea22c7b841fcc04eb1c49289f206be0479e83bc738a0c0b4af8078e4196fc461319ad63eb307ce25e4478809f34c4d4260eb8dd2de61ea8ec9b3b1492a881c74ca76df5cfb77002aa143f9eed0d0522867d652a3d8550aabeae3d042976bbc2880b947e381f251002b954397afa87388aac2fc96f97a64ab4ff907ae1529ef438006380d08fa0bb3467af1fb531998277792cdf3074d910a636d341e5d398b46e771cfef2599b8639f8e59ab3d5836457eff22ff2c65569eaa99e255c40f18b952f20d020e7d687bc41142b2a31e82cb45a7e0988dc1b6f261944fd46ca54c067f4ad6d9fcaa2e336148d28e22c5f23714c7a66a18faa639baa7eaffed706242859815cda57d2b4b098ac4b2313118ac27223be51de34edc2252f3566202b4c94d53461e194cd72c3182cc14d7ed81c5f0838b9839dc07c9d477ab24889b145f2cd30f1998016aa19eff5b016847cf5c3e1b33800434803514e145e98b4f8e8e2e44ab8fc59c2465ed6543afa8052a71c835d09c8a8f58add989cb798bf2213f3994ffbb812aeafe14ad4cab9e1c95bfe1acc85b1407a888ca967735d8a2ac078091a456a5f7219e2900b1913efb87cd6cc301fd286e6bb5b2358d6b55afcbe1bb", 0x22a}], 0x1}, 0x0) sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x41}, {&(0x7f0000000280)=""/85, 0x5c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x288}, {&(0x7f00000007c0)=""/154, 0x32}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41, 0x6558}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 264.390459ms ago: executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x7, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x1, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=@newqdisc={0x24, 0x1a, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xfff1}}}, 0x24}}, 0x0) 263.956299ms ago: executing program 3: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800004e9d00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000008850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=@newtaction={0x64, 0x30, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x50, 0x1, [@m_bpf={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18}, @TCA_ACT_BPF_FD={0x8, 0x5, r5}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=@newtaction={0x44, 0x31, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x30, 0x1, [@m_bpf={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44}}, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r1) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="010000000000000000000800000008000300", @ANYRES32=r8, @ANYBLOB="edf7159c15afb0025753c13d74e3bb5bf6fa4afcf0929745e61f7b68c776e1abebb5e9e5cb3b300e9a4a7a71d0c8101e0c52245d29732bf32759815fc73bb7540b6f842943279ff7b9ea13f7d701ada0a65366ade5065a74ff17bba855f664f3da9128d87174d437f6a0b13366d51a91207bb75bce731f02ef3829e14ffa0ae042c64c60b0ebce75b9b61702d6508eeb69eee758da0456e599fe506097bb66b5a3f63902ec27cb6828a3e12a0fab7fa34da765e5ee304e6796d3ebdc907281225860a8209fadee103c331af04fce0310e92d1eb8bdf2a373526feddd27dc12c7dda277f66e37028146056e1484cf24"], 0x1c}}, 0x0) 211.474177ms ago: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r0}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r2}, 0x10) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r3, 0x400, 0x0) fsetxattr$trusted_overlay_redirect(r3, &(0x7f0000000300), 0x0, 0x0, 0x0) 180.330432ms ago: executing program 1: socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00157ed0", @ANYRES16=0x0, @ANYRESOCT], 0x1, 0x178, &(0x7f0000000240)="$eJzslL9OAkEQxr/dQxDjE9hYSCIWHneHGhsKGisLE/8QCxOJnAQ9xMAVQmLhE/gMFr6Htj6EQRttsNL6zN4u3Gr4Y0yUGOdXzH17Ozs3O5d8IAji3/L48NYOXnNPBoBppJBQ75+NKIdr+feTL+e362uFy73ru0TbTParGQRf/34MwE3egN87+/F0Sj23wHt6GxwLShfAYCq9D44dpV0w7Cp9pOmayDfNw4rnmgc1rySEJYItgiNC9nN/nQuGktYf0/YbzdZx0fPc+g+KUfPr5DlyWn/6/+rOxtLmZ4PDVjoLhk2lV5HozkaORLv/TCyqb/zy/UmQIPHXRORPwRXDvOZPMc0/Mn71NNNothYr1WLZLbsnjpNdsZYsa9nJhEYk4xD/S4b+NKXVnxiQG2dxnBV9v27L2Fs7MvZzXB76H0d6Tq6F98cHdiP3mTrHQpU2hqQTBEGMjVmw0DNH4GyMu1GCIAiCIAiCIAiCIL7NewAAAP//Lt94Bg==") r1 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0) ioctl$FIBMAP(r1, 0x1, &(0x7f00000002c0)) sendmsg$TIPC_CMD_SHOW_STATS(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x4000) socket$inet6_tcp(0xa, 0x1, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x3) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = getpid() process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000006180)=""/152, 0x98}], 0x1, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0) dup(r2) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f0000000300)={[{@data_err_abort}, {@noblock_validity}, {@dioread_lock}, {@init_itable}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x4b9, &(0x7f0000000c80)="$eJzs3M1vFOUfAPDvTF8ory38+P1+8qKsorERbWlB5eBBjSZcTEz0gMdaKkEKGFoTIUSKMXg0/gXq0cTEkxdPmhijnjRe9W5MiOECejA1sztDZ9kXt9uWCvv5JLt9npl59nm+M/PsPjtPZwPoWZXsKYnYEhE/R8RwLVu/QaX258a1i9N/XLs4ncTi4ku/J9Xtrl+7OF1sWpTbnGdG04j03ST2NKl37vyFU1OzszPn8vz4/Ok3xufOX3js5OmpEzMnZs5MHjly+NDEk09MPr4qcWZxXd/99tm9u46+8sEL04vx6nefZu3dkq8vx1EzsuI6K1EZiojFzNLSwerzQyt+9X+XraV00r+ODWFZ+iIiO1wD1f4/HH2xdPCG4/l3bma+XqcGAmsm+2za3rC0L/+b1j68gLtUoo9Djyo+8bPvv8Xjdo4/1tvVZ7LnmWr8N/JHbU1/pNl32ZHaN/a+FuX/t8L6t0TEsYU/P8we0fQ6BADA6voyG/882mz8l9aNbbblcygjEXEgInZExH8iYmdE/DcfB/0/Iu5ZZv2VW/KN458fN3YVWIey8d9T+dxW/fgvzbdIbua2VuMfSF47OTtzMN8nozGwIctPtKnjq+d+er/Vukpp/Jc9svqLsWDejt/6N9SXOT41P7WCkOtcvRyxu79Z/MnNmYBsD+yKiN1dvH62z04+8sneLL1tc+P6xvizkXY5/jZWYZ5p8eOIh2vHfyFuib+Q1GpqNT85PhSzMwfHi7Oi0fc/XHmxnB8opeviH+ospqFug20iO/6bmp7/efxFNyjma+eWX8eVX95r+Z2m8fgncWyhvEV+/pfeBbLzfzB5uZoezJe9NTU/f24iYjBfULd8cqlskS+2z+If3d+8/++I+OujvNyeiMhO4nsj4r6I2Je3/f6IeCAi9reJ/9tnH3y9/R5q1//XVhb/8XbHP2IkKc/Xd5HoO/XNF63q7+z973A1NZov6eT9r9MGrmTfAQAAwJ0irc5BJ+lYkS5dnNoZm9LZs3PzByrx5pnjtbnqkRhIiytdw6XroRP5teEiP3lL/lBEbK/+p9HGan5s+uzs1vUMHKjeq1PX/yNNx8Zq635t9U8vwN1jWfNo5bsDP/t89RsD3Fbu14Tepf9D79L/oXfp/9C7mvX/SxE31qEpwG3m8x96l/4PvUv/h96l/0NParwlvvihhW7u9F9K7Di6ouJrnlgcXpNXXlh+qb6585fXItIo/2hHy0QSEd1VEWn7bQY7qP3c3KX1OQHSf9zm6S53yzIS+/LEhojotNSljvbqap0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAd76/AwAA//8zudg1") 0s ago: executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, 0x0) kernel console output (not intermixed with test programs): 0:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9250 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f899b67cf69 code=0x0 [ 367.681650][ T26] audit: type=1804 audit(1717472704.080:122): pid=9308 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="bus" dev="sda1" ino=1966 res=1 errno=0 [ 367.771564][ T9310] loop3: detected capacity change from 0 to 1024 [ 367.779462][ T9310] hfsplus: unable to parse mount options [ 367.970272][ T26] audit: type=1804 audit(1717472704.370:123): pid=9308 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="bus" dev="sda1" ino=1966 res=1 errno=0 [ 368.462872][ T9314] loop3: detected capacity change from 0 to 1024 [ 368.476542][ T9314] hfsplus: unable to parse mount options [ 368.659502][ T26] audit: type=1326 audit(1717472704.980:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9309 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7605e7cf69 code=0x0 [ 369.062761][ T3583] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 369.116474][ T26] audit: type=1326 audit(1717472705.520:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9319 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f899b67cf69 code=0x0 [ 369.323945][ T9325] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 369.771362][ T26] audit: type=1326 audit(1717472706.170:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9339 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6b4c7cf69 code=0x7ffc0000 [ 369.820174][ T9343] loop4: detected capacity change from 0 to 512 [ 369.854068][ T26] audit: type=1326 audit(1717472706.200:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9339 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa6b4c7cf69 code=0x7ffc0000 [ 369.890719][ T9343] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 369.916514][ T26] audit: type=1326 audit(1717472706.210:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9339 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6b4c7cf69 code=0x7ffc0000 [ 369.972065][ T9343] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 370.021484][ T9343] ext4 filesystem being mounted at /root/syzkaller-testdir1751149709/syzkaller.IrKEnF/25/file1 supports timestamps until 2038 (0x7fffffff) [ 370.039033][ T26] audit: type=1326 audit(1717472706.210:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9339 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa6b4c7cf69 code=0x7ffc0000 [ 370.039082][ T26] audit: type=1326 audit(1717472706.210:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9339 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6b4c7cf69 code=0x7ffc0000 [ 370.140638][ T9343] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 370.245244][ T8775] EXT4-fs (loop4): unmounting filesystem. [ 370.310194][ T9357] loop3: detected capacity change from 0 to 1024 [ 370.317611][ T9357] hfsplus: unable to parse mount options [ 371.056441][ T9364] loop3: detected capacity change from 0 to 1024 [ 371.068787][ T9364] hfsplus: unable to parse mount options [ 372.216589][ T9361] bond0: (slave macsec1): Error -34 calling dev_set_mtu [ 372.317891][ T26] kauditd_printk_skb: 35 callbacks suppressed [ 372.317909][ T26] audit: type=1326 audit(1717472708.720:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7f7605e7a6e7 code=0x0 [ 372.347544][ T9367] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 372.710208][ T9381] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 372.751107][ T26] audit: type=1326 audit(1717472709.150:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9379 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7605e7cf69 code=0x0 [ 372.905608][ T9398] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'. [ 372.953007][ T9394] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 373.253038][ T9403] loop4: detected capacity change from 0 to 1024 [ 373.298172][ T9403] UDF-fs: bad mount option "subj_type=" or missing value [ 375.033925][ T26] audit: type=1326 audit(1717472711.080:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9411 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x0 [ 375.558766][ T9431] loop3: detected capacity change from 0 to 128 [ 375.655804][ T9431] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 375.726242][ T9431] ext4 filesystem being mounted at mnt:[4026532846] supports timestamps until 2038 (0x7fffffff) [ 375.807999][ T9431] EXT4-fs (loop3): unmounting filesystem. [ 375.903478][ T9442] overlayfs: failed to clone upperpath [ 376.039606][ T9452] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 376.070406][ T9452] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 376.078517][ T9452] IPv6: NLM_F_CREATE should be set when creating new route [ 376.085928][ T9452] IPv6: NLM_F_CREATE should be set when creating new route [ 377.193799][ T26] audit: type=1326 audit(1717472713.190:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9449 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x0 [ 377.709466][ T9484] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 377.783816][ T9484] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 378.365950][ T9505] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 378.456864][ T9511] loop4: detected capacity change from 0 to 512 [ 378.480330][ T1256] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.486804][ T1256] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.522130][ T9511] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 378.554245][ T9511] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities [ 378.592228][ T9470] loop3: detected capacity change from 0 to 32768 [ 378.642312][ T9470] XFS (loop3): Mounting V5 Filesystem [ 378.764089][ T9470] XFS (loop3): Ending clean mount [ 378.775863][ T9470] XFS (loop3): Quotacheck needed: Please wait. [ 378.852266][ T9470] XFS (loop3): Quotacheck: Done. [ 378.911158][ T26] audit: type=1804 audit(1717472715.310:170): pid=9470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir943652291/syzkaller.pTmr6F/354/file0/bus" dev="loop3" ino=9291 res=1 errno=0 [ 379.014437][ T3579] XFS (loop3): Unmounting Filesystem [ 379.591319][ T9541] loop1: detected capacity change from 0 to 512 [ 379.650271][ T9541] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 379.673562][ T9541] ext4 filesystem being mounted at /root/syzkaller-testdir2177872071/syzkaller.Vw6DzJ/229/file0 supports timestamps until 2038 (0x7fffffff) [ 379.735044][ T5879] EXT4-fs (loop1): unmounting filesystem. [ 380.270721][ T9556] overlayfs: failed to clone upperpath [ 380.333513][ T3589] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 380.351314][ T3589] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 380.360328][ T3589] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 380.375103][ T3589] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 380.384544][ T3589] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 380.392334][ T3589] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 380.428541][ T46] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 380.614815][ T46] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 380.744320][ T46] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 380.833227][ T46] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 381.090045][ T9568] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 381.150628][ T9557] chnl_net:caif_netlink_parms(): no params data found [ 381.370596][ T9554] loop3: detected capacity change from 0 to 32768 [ 381.432609][ T9557] bridge0: port 1(bridge_slave_0) entered blocking state [ 381.447562][ T9554] XFS (loop3): Mounting V5 Filesystem [ 381.456677][ T9557] bridge0: port 1(bridge_slave_0) entered disabled state [ 381.466643][ T9557] device bridge_slave_0 entered promiscuous mode [ 381.485085][ T9557] bridge0: port 2(bridge_slave_1) entered blocking state [ 381.492313][ T9557] bridge0: port 2(bridge_slave_1) entered disabled state [ 381.502250][ T9557] device bridge_slave_1 entered promiscuous mode [ 381.634999][ T9554] XFS (loop3): Ending clean mount [ 381.670684][ T9557] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 381.718125][ T4947] XFS (loop3): Metadata CRC error detected at xfs_rmapbt_read_verify+0x39/0xc0, xfs_rmapbt block 0x14 [ 381.718786][ T9557] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 381.738786][ T4947] XFS (loop3): Unmount and run xfs_repair [ 381.752460][ T4947] XFS (loop3): First 128 bytes of corrupted metadata buffer: [ 381.769345][ T4947] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff RMB3............ [ 381.791679][ T4947] 00000010: 00 a7 50 00 00 00 00 14 00 00 00 01 00 00 00 80 ..P............. [ 381.800957][ T4947] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91 ..G...N..b..1... [ 381.810288][ T26] audit: type=1804 audit(1717472718.210:171): pid=9561 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="bus" dev="sda1" ino=1962 res=1 errno=0 [ 381.831947][ T4947] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01 ....[.;......... [ 381.849731][ T4947] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00 ................ [ 381.861434][ T4947] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb ................ [ 381.879554][ T4947] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02 ................ [ 381.902350][ T4947] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00 ................ [ 381.922394][ T9554] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x26e/0x370" at daddr 0x14 len 4 error 74 [ 381.975121][ T9554] XFS (loop3): Corruption of in-memory data (0x8) detected at xfs_defer_finish_noroll+0x1acd/0x2210 (fs/xfs/libxfs/xfs_defer.c:573). Shutting down filesystem. [ 381.991891][ T9554] XFS (loop3): Please unmount the filesystem and rectify the problem(s) [ 382.030298][ T9557] team0: Port device team_slave_0 added [ 382.049792][ T9557] team0: Port device team_slave_1 added [ 382.087306][ T9557] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 382.094949][ T9557] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 382.121060][ T9557] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 382.135630][ T9557] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 382.142627][ T9557] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 382.185535][ T9557] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 382.204673][ T3579] XFS (loop3): Unmounting Filesystem [ 382.486014][ T3589] Bluetooth: hci3: command tx timeout [ 382.817073][ T9557] device hsr_slave_0 entered promiscuous mode [ 382.942826][ T9557] device hsr_slave_1 entered promiscuous mode [ 383.073927][ T9557] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 383.167193][ T9557] Cannot create hsr debugfs directory [ 384.073006][ T46] device hsr_slave_0 left promiscuous mode [ 384.116198][ T46] device hsr_slave_1 left promiscuous mode [ 384.144857][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 384.160316][ T46] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 384.413906][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 384.421405][ T46] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 384.453771][ T46] device bridge_slave_1 left promiscuous mode [ 384.476088][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 384.555808][ T46] device bridge_slave_0 left promiscuous mode [ 384.562113][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 384.569963][ T3583] Bluetooth: hci3: command tx timeout [ 384.814171][ T46] device veth1_macvtap left promiscuous mode [ 384.822632][ T46] device veth0_macvtap left promiscuous mode [ 384.850503][ T46] device veth1_vlan left promiscuous mode [ 384.867847][ T46] device veth0_vlan left promiscuous mode [ 385.158928][ T9613] loop3: detected capacity change from 0 to 32768 [ 385.254088][ T9613] XFS (loop3): Mounting V5 Filesystem [ 385.426459][ T9613] XFS (loop3): Ending clean mount [ 385.433524][ T9613] XFS (loop3): Unmounting Filesystem [ 385.545652][ T26] audit: type=1804 audit(1717472721.950:172): pid=9618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="bus" dev="sda1" ino=1952 res=1 errno=0 [ 385.575182][ T9620] loop1: detected capacity change from 0 to 32768 [ 385.679253][ T9620] XFS (loop1): Mounting V5 Filesystem [ 385.787684][ T46] team0 (unregistering): Port device team_slave_1 removed [ 385.877703][ T46] team0 (unregistering): Port device team_slave_0 removed [ 385.921650][ T9620] XFS (loop1): Ending clean mount [ 385.949661][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 385.950705][ T9620] XFS (loop1): Quotacheck needed: Please wait. [ 386.024339][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 386.081496][ T9620] XFS (loop1): Quotacheck: Done. [ 386.231259][ T46] bond0 (unregistering): Released all slaves [ 386.442082][ T5879] XFS (loop1): Unmounting Filesystem [ 386.639645][ T3583] Bluetooth: hci3: command tx timeout [ 387.022850][ T9557] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 387.058485][ T9557] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 387.108878][ T9557] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 387.194878][ T9557] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 387.977745][ T9557] 8021q: adding VLAN 0 to HW filter on device bond0 [ 388.063310][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 388.084932][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 388.134221][ T9557] 8021q: adding VLAN 0 to HW filter on device team0 [ 388.178664][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 388.194905][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 388.217606][ T4947] bridge0: port 1(bridge_slave_0) entered blocking state [ 388.224862][ T4947] bridge0: port 1(bridge_slave_0) entered forwarding state [ 388.265527][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 388.286253][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 388.309272][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 388.331497][ T4947] bridge0: port 2(bridge_slave_1) entered blocking state [ 388.338821][ T4947] bridge0: port 2(bridge_slave_1) entered forwarding state [ 388.370537][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 388.378846][ T26] audit: type=1326 audit(1717472724.770:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9666 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x0 [ 388.415311][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 388.437313][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 388.461678][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 388.468136][ T9661] loop3: detected capacity change from 0 to 32768 [ 388.502657][ T4949] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 388.515259][ T4949] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 388.537245][ T4949] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 388.559089][ T4949] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 388.629607][ T4949] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 388.638792][ T4949] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 388.647456][ T4949] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 388.658708][ T9557] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 388.666416][ T9661] XFS (loop3): Mounting V5 Filesystem [ 388.715407][ T3583] Bluetooth: hci3: command tx timeout [ 388.836995][ T9661] XFS (loop3): Ending clean mount [ 388.866498][ T9661] XFS (loop3): Quotacheck needed: Please wait. [ 388.979767][ T9661] XFS (loop3): Quotacheck: Done. [ 389.032933][ T26] audit: type=1804 audit(1717472725.430:174): pid=9661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir943652291/syzkaller.pTmr6F/361/file0/bus" dev="loop3" ino=9291 res=1 errno=0 [ 389.177426][ T3579] XFS (loop3): Unmounting Filesystem [ 389.526923][ T9557] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 389.559493][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 389.584738][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 390.647854][ T4949] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 390.670032][ T4949] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 390.749014][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 390.762886][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 390.796470][ T9557] device veth0_vlan entered promiscuous mode [ 390.816503][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 390.838257][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 390.890917][ T9557] device veth1_vlan entered promiscuous mode [ 390.966961][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 390.977228][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 391.001226][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 391.025884][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 391.071713][ T9557] device veth0_macvtap entered promiscuous mode [ 391.114893][ T9557] device veth1_macvtap entered promiscuous mode [ 391.153112][ T9557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 391.170075][ T9557] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 391.180109][ T9557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 391.198478][ T9557] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 391.214890][ T9557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 391.226536][ T9557] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 391.236843][ T9557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 391.298464][ T9557] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 391.343760][ T9557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 391.382883][ T9557] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 391.415423][ T9557] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 391.434691][ T3639] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 391.452192][ T3639] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 391.465941][ T3639] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 391.484719][ T3639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 391.508243][ T9557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 391.550337][ T9557] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 391.571802][ T9557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 391.613221][ T9557] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 391.651001][ T9557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 391.670095][ T9557] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 391.710294][ T9557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 391.720955][ T9557] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 391.764725][ T9557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 391.800694][ T9557] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 391.826632][ T9557] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 391.840684][ T4843] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 391.853380][ T4843] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 391.876858][ T9557] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 391.896470][ T9557] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 391.913391][ T9557] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 391.931851][ T9557] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 392.155043][ T3802] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 392.163598][ T3802] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 392.209621][ T4840] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 392.280356][ T3673] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 392.307760][ T3673] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 392.361496][ T3639] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 393.056368][ T9761] loop3: detected capacity change from 0 to 32768 [ 393.118505][ T9761] XFS (loop3): Mounting V5 Filesystem [ 393.236372][ T9761] XFS (loop3): Ending clean mount [ 393.247400][ T9761] XFS (loop3): Unmounting Filesystem [ 394.394416][ T14] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 394.560557][ T9857] loop3: detected capacity change from 0 to 1024 [ 395.057687][ T46] hfsplus: b-tree write err: -5, ino 4 [ 395.548071][ T14] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 395.559328][ T14] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 395.568510][ T14] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 395.578468][ T14] usb 2-1: config 0 descriptor?? [ 395.624338][ T14] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 396.275142][ T9870] loop3: detected capacity change from 0 to 32768 [ 396.287580][ T9870] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (9870) [ 396.311865][ T9870] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 396.328248][ T9870] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 396.346260][ T9870] BTRFS info (device loop3): using free space tree [ 396.461115][ T9870] BTRFS info (device loop3): enabling ssd optimizations [ 396.539117][ T3579] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 397.567239][ T14] usb 2-1: USB disconnect, device number 10 [ 399.433818][ T9950] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 400.528410][ T26] audit: type=1804 audit(1717472736.930:175): pid=9983 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="file1" dev="sda1" ino=1965 res=1 errno=0 [ 400.869409][ T9992] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 402.170495][ T22] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 402.555175][ T22] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 402.584974][ T22] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 402.618704][ T22] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 402.635358][ T22] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 402.650577][ T22] usb 4-1: config 0 descriptor?? [ 402.879537][T10026] loop4: detected capacity change from 0 to 40427 [ 402.907048][T10026] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 402.914953][T10026] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 402.932409][T10026] F2FS-fs (loop4): invalid crc value [ 402.979133][T10026] F2FS-fs (loop4): Found nat_bits in checkpoint [ 403.132917][T10026] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 403.153214][T10026] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 403.214036][ T22] usbhid 4-1:0.0: can't add hid device: -71 [ 403.229857][ T22] usbhid: probe of 4-1:0.0 failed with error -71 [ 403.252162][ T22] usb 4-1: USB disconnect, device number 10 [ 403.268455][ T9557] syz-executor.4: attempt to access beyond end of device [ 403.268455][ T9557] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 404.644636][ T22] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 405.063730][ T22] usb 2-1: Using ep0 maxpacket: 32 [ 405.293881][ T22] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 405.322519][ T22] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 405.368017][ T22] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 405.406914][ T22] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 405.437833][ T22] usb 2-1: config 0 descriptor?? [ 405.474075][T10098] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 405.494502][ T22] hub 2-1:0.0: USB hub found [ 405.714018][ T22] hub 2-1:0.0: 2 ports detected [ 405.973985][ T22] hub 2-1:0.0: hub_hub_status failed (err = -71) [ 405.981079][ T22] hub 2-1:0.0: config failed, can't get hub status (err -71) [ 406.078903][ T38] device hsr_slave_0 left promiscuous mode [ 406.104531][ T38] device hsr_slave_1 left promiscuous mode [ 406.114264][ T38] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 406.121760][ T38] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 406.133798][ T22] usbhid 2-1:0.0: can't add hid device: -71 [ 406.139859][ T22] usbhid: probe of 2-1:0.0 failed with error -71 [ 406.181310][ T38] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 406.196997][ T22] usb 2-1: USB disconnect, device number 11 [ 406.212137][ T38] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 406.242140][ T38] device bridge_slave_1 left promiscuous mode [ 406.251351][ T38] bridge0: port 2(bridge_slave_1) entered disabled state [ 406.300082][ T38] device bridge_slave_0 left promiscuous mode [ 406.312739][ T38] bridge0: port 1(bridge_slave_0) entered disabled state [ 406.360610][ T38] device veth1_macvtap left promiscuous mode [ 406.378161][ T38] device veth0_macvtap left promiscuous mode [ 406.395286][ T38] device veth1_vlan left promiscuous mode [ 406.429764][ T38] device veth0_vlan left promiscuous mode [ 407.076144][T10148] syz-executor.0[10148] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 407.076621][T10148] syz-executor.0[10148] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 407.994365][T10131] loop4: detected capacity change from 0 to 32768 [ 408.097528][T10156] loop3: detected capacity change from 0 to 16 [ 408.106173][ T38] bond1 (unregistering): Released all slaves [ 408.118772][T10131] XFS (loop4): Mounting V5 Filesystem [ 408.149138][T10156] erofs: (device loop3): mounted with root inode @ nid 36. [ 408.238509][T10131] XFS (loop4): Ending clean mount [ 408.262012][T10131] XFS (loop4): Quotacheck needed: Please wait. [ 408.356790][T10131] XFS (loop4): Quotacheck: Done. [ 408.521330][ T38] team0 (unregistering): Port device team_slave_1 removed [ 408.562242][ T9557] XFS (loop4): Unmounting Filesystem [ 408.669508][ T38] team0 (unregistering): Port device team_slave_0 removed [ 408.775971][ T38] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 408.854140][ T38] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 408.978587][T10176] kvm [10175]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x3ce00000000 [ 409.022151][T10176] kvm [10175]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x110000000000 [ 409.079011][T10176] kvm [10175]: vcpu0, guest rIP: 0x18e ignored wrmsr: 0x11e data 0x35ce00000000 [ 409.126831][T10176] kvm [10175]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x186 data 0x51ce00000000 [ 409.178291][ T38] bond0 (unregistering): Released all slaves [ 409.190102][T10176] kvm [10175]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x186 data 0x584500000800 [ 409.278531][ T26] audit: type=1800 audit(1717472745.680:176): pid=10181 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="overlay" ino=1972 res=0 errno=0 [ 411.810375][T10227] loop1: detected capacity change from 0 to 1024 [ 411.818061][T10227] hfsplus: unable to parse mount options [ 412.639563][T10237] loop1: detected capacity change from 0 to 1024 [ 412.649842][T10237] hfsplus: unable to parse mount options [ 414.442304][ T26] audit: type=1326 audit(1717472750.840:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10226 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f899b67cf69 code=0x0 [ 416.403041][T10301] input: syz0 as /devices/virtual/input/input8 [ 416.881088][T10314] loop3: detected capacity change from 0 to 16 [ 416.905645][T10314] erofs: (device loop3): mounted with root inode @ nid 36. [ 417.483831][ T26] audit: type=1800 audit(1717472753.890:178): pid=10329 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=1967 res=0 errno=0 [ 417.849728][T10338] overlayfs: failed to clone upperpath [ 417.859452][ T26] audit: type=1800 audit(1717472754.260:179): pid=10338 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1970 res=0 errno=0 [ 418.802706][T10368] loop4: detected capacity change from 0 to 16 [ 418.812287][T10368] erofs: (device loop4): mounted with root inode @ nid 36. [ 421.066959][T10414] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 422.297906][T10430] loop3: detected capacity change from 0 to 16 [ 422.377817][T10430] erofs: (device loop3): mounted with root inode @ nid 36. [ 423.034202][ T14] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 423.406251][ T14] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 423.438772][ T14] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 423.470996][ T14] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 423.502693][ T14] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 423.535860][ T14] usb 2-1: config 0 descriptor?? [ 424.793946][ T14] usbhid 2-1:0.0: can't add hid device: -71 [ 424.801380][ T14] usbhid: probe of 2-1:0.0 failed with error -71 [ 424.852048][ T14] usb 2-1: USB disconnect, device number 12 [ 425.508049][T10443] loop4: detected capacity change from 0 to 65536 [ 425.623498][ T26] audit: type=1800 audit(1717472762.030:180): pid=10490 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1949 res=0 errno=0 [ 425.953783][ T4838] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 426.344993][ T4838] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 426.392532][ T4838] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 426.454559][ T4838] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 426.500702][ T4838] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 426.517154][ T4838] usb 4-1: config 0 descriptor?? [ 427.056218][ T4838] usbhid 4-1:0.0: can't add hid device: -71 [ 427.062281][ T4838] usbhid: probe of 4-1:0.0 failed with error -71 [ 427.094351][ T4838] usb 4-1: USB disconnect, device number 11 [ 428.494654][ T3622] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 428.894090][ T3622] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 428.923379][ T3622] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 428.961463][ T3622] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 428.991447][ T3622] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 429.022066][ T3622] usb 4-1: config 0 descriptor?? [ 429.502023][ T26] audit: type=1804 audit(1717472765.900:181): pid=10574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="bus" dev="sda1" ino=1941 res=1 errno=0 [ 429.573887][ T3622] usbhid 4-1:0.0: can't add hid device: -71 [ 429.580111][ T3622] usbhid: probe of 4-1:0.0 failed with error -71 [ 429.598000][T10630] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'. [ 429.625377][ T3622] usb 4-1: USB disconnect, device number 12 [ 430.355375][T10658] loop4: detected capacity change from 0 to 1024 [ 430.456667][T10658] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 431.361825][T10661] loop3: detected capacity change from 0 to 32768 [ 431.639509][T10661] XFS (loop3): Mounting V5 Filesystem [ 431.753929][ T4841] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 431.807463][T10661] XFS (loop3): Ending clean mount [ 431.840293][T10661] XFS (loop3): Quotacheck needed: Please wait. [ 431.980404][T10661] XFS (loop3): Quotacheck: Done. [ 432.053985][ T26] audit: type=1804 audit(1717472768.460:182): pid=10661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir943652291/syzkaller.pTmr6F/425/file0/bus" dev="loop3" ino=9291 res=1 errno=0 [ 432.133990][ T4841] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 432.159421][ T4841] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 432.188517][ T4841] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 432.224796][ T4841] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 432.243294][ T4841] usb 2-1: config 0 descriptor?? [ 432.276748][ T3579] XFS (loop3): Unmounting Filesystem [ 433.458652][ T26] audit: type=1326 audit(1717472769.860:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10695 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x0 [ 434.083870][ T4841] usbhid 2-1:0.0: can't add hid device: -71 [ 434.089925][ T4841] usbhid: probe of 2-1:0.0 failed with error -71 [ 434.104110][ T4841] usb 2-1: USB disconnect, device number 13 [ 434.999528][T10731] loop3: detected capacity change from 0 to 16 [ 435.025654][T10731] erofs: (device loop3): mounted with root inode @ nid 36. [ 435.579862][T10740] loop4: detected capacity change from 0 to 1024 [ 435.595405][ T26] audit: type=1804 audit(1717472772.000:184): pid=10717 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="bus" dev="sda1" ino=1967 res=1 errno=0 [ 435.633404][T10740] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 440.031491][ T26] audit: type=1326 audit(1717472775.950:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10802 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x0 [ 440.063136][ T1256] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.069666][ T1256] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.375931][T10822] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 440.490381][T10826] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.1'. [ 440.502553][T10826] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 440.523792][T10826] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 440.536300][T10826] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 440.931259][T10851] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 441.427463][T10884] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 441.764622][T10890] loop1: detected capacity change from 0 to 1024 [ 441.881853][T10890] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 443.297478][T10939] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'. [ 443.725411][T10960] loop1: detected capacity change from 0 to 1024 [ 443.831949][T10965] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 443.987410][T10960] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 444.434094][T10967] loop3: detected capacity change from 0 to 16 [ 444.477662][T10967] erofs: (device loop3): mounted with root inode @ nid 36. [ 446.238375][T11027] loop4: detected capacity change from 0 to 16 [ 446.254244][T11027] erofs: (device loop4): mounted with root inode @ nid 36. [ 446.883718][ T4704] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 447.253891][ T4704] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 447.280906][ T4704] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 447.302888][ T4704] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 447.326464][ T4704] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 447.379849][ T4704] usb 2-1: config 0 descriptor?? [ 447.879429][T11072] loop3: detected capacity change from 0 to 16 [ 447.891170][T11072] erofs: (device loop3): mounted with root inode @ nid 36. [ 447.944174][ T4704] usb 2-1: string descriptor 0 read error: -71 [ 447.958024][ T4704] usb 2-1: USB disconnect, device number 14 [ 448.553946][ T4947] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 448.923972][ T4947] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 448.955081][ T4947] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 449.016000][ T4947] usb 5-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00 [ 449.059376][ T4947] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 449.101184][ T4947] usb 5-1: config 0 descriptor?? [ 449.344879][T11112] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 449.596013][ T4947] zydacron 0003:13EC:0006.0004: unknown main item tag 0x0 [ 449.603231][ T4947] zydacron 0003:13EC:0006.0004: unknown main item tag 0x0 [ 449.628550][ T4947] zydacron 0003:13EC:0006.0004: unknown main item tag 0x0 [ 449.641307][ T4947] zydacron 0003:13EC:0006.0004: unknown main item tag 0x0 [ 449.656119][ T4947] zydacron 0003:13EC:0006.0004: item fetching failed at offset 4/5 [ 449.674222][ T4947] zydacron 0003:13EC:0006.0004: parse failed [ 449.682161][ T4947] zydacron: probe of 0003:13EC:0006.0004 failed with error -22 [ 449.797060][ T3620] usb 5-1: USB disconnect, device number 8 [ 450.021056][T11140] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 450.884003][ T4838] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 451.136450][ T4838] usb 4-1: Using ep0 maxpacket: 16 [ 451.274173][ T4838] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 451.307814][ T4838] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 451.333752][ T4838] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 451.364317][ T4838] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 451.384549][ T4838] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 451.435274][ T4838] usb 4-1: config 0 descriptor?? [ 451.715076][ T26] audit: type=1326 audit(1717472788.120:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11221 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f03b5e7a6e7 code=0x7ffc0000 [ 451.773814][ T26] audit: type=1326 audit(1717472788.140:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11221 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f03b5e403c9 code=0x7ffc0000 [ 451.812514][ T26] audit: type=1326 audit(1717472788.140:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11221 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f03b5e7a6e7 code=0x7ffc0000 [ 451.849617][ T26] audit: type=1326 audit(1717472788.140:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11221 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f03b5e403c9 code=0x7ffc0000 [ 451.880446][ T26] audit: type=1326 audit(1717472788.140:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11221 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b5e7cf69 code=0x7ffc0000 [ 451.938238][ T26] audit: type=1326 audit(1717472788.140:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11221 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f03b5e7a6e7 code=0x7ffc0000 [ 451.961779][ T26] audit: type=1326 audit(1717472788.140:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11221 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f03b5e403c9 code=0x7ffc0000 [ 451.985200][ T26] audit: type=1326 audit(1717472788.140:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11221 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f03b5e7a6e7 code=0x7ffc0000 [ 452.008675][ T26] audit: type=1326 audit(1717472788.140:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11221 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f03b5e403c9 code=0x7ffc0000 [ 452.013983][ T4838] usbhid 4-1:0.0: can't add hid device: -71 [ 452.035368][ T26] audit: type=1326 audit(1717472788.140:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11221 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b5e7cf69 code=0x7ffc0000 [ 452.090687][ T4838] usbhid: probe of 4-1:0.0 failed with error -71 [ 452.113292][ T4838] usb 4-1: USB disconnect, device number 13 [ 452.615070][T11234] loop3: detected capacity change from 0 to 1024 [ 452.622347][T11234] hfsplus: unable to parse mount options [ 453.368432][T11243] loop3: detected capacity change from 0 to 1024 [ 453.381135][T11243] hfsplus: unable to parse mount options [ 455.713476][T11284] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 457.415246][ T26] kauditd_printk_skb: 1251 callbacks suppressed [ 457.415266][ T26] audit: type=1326 audit(1717472793.800:1447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11272 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f03b5e403c9 code=0x7ffc0000 [ 457.489403][ T26] audit: type=1326 audit(1717472793.810:1448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11272 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b5e7cf69 code=0x7ffc0000 [ 457.529129][ T26] audit: type=1326 audit(1717472793.810:1449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11272 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f03b5e7a6e7 code=0x7ffc0000 [ 457.580051][ T26] audit: type=1326 audit(1717472793.810:1450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11272 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f03b5e403c9 code=0x7ffc0000 [ 457.653807][ T26] audit: type=1326 audit(1717472793.810:1451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11272 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b5e7cf69 code=0x7ffc0000 [ 457.728417][ T26] audit: type=1326 audit(1717472793.850:1452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11272 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b5e7cf69 code=0x7ffc0000 [ 457.793682][ T26] audit: type=1326 audit(1717472793.850:1453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11272 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f03b5e7a6e7 code=0x7ffc0000 [ 457.862158][ T26] audit: type=1326 audit(1717472793.850:1454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11272 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f03b5e403c9 code=0x7ffc0000 [ 457.922847][ T26] audit: type=1326 audit(1717472793.850:1455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11272 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f03b5e7a6e7 code=0x7ffc0000 [ 457.997701][ T26] audit: type=1326 audit(1717472793.850:1456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11272 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f03b5e403c9 code=0x7ffc0000 [ 458.086106][T11307] input: syz1 as /devices/virtual/input/input9 [ 458.411212][T11320] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 459.240257][T11333] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw [ 460.013442][T11374] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 460.866516][T11385] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 460.911932][T11385] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 462.541347][T11414] loop1: detected capacity change from 0 to 32768 [ 462.564980][T11414] XFS (loop1): Mounting V5 Filesystem [ 462.672248][T11414] XFS (loop1): Ending clean mount [ 462.704549][T11414] XFS (loop1): Quotacheck needed: Please wait. [ 462.822136][T11414] XFS (loop1): Quotacheck: Done. [ 462.872278][ T26] kauditd_printk_skb: 229 callbacks suppressed [ 462.872333][ T26] audit: type=1804 audit(1717472799.270:1686): pid=11414 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2177872071/syzkaller.Vw6DzJ/397/file0/bus" dev="loop1" ino=9291 res=1 errno=0 [ 463.022459][ T5879] XFS (loop1): Unmounting Filesystem [ 463.866558][T11483] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'. [ 464.400266][T11510] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'. [ 464.544858][ T22] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 464.920005][T11525] loop4: detected capacity change from 0 to 1024 [ 464.927181][ T22] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 464.941360][ T22] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 464.951910][ T22] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 464.961712][ T22] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 464.975376][ T22] usb 4-1: config 0 descriptor?? [ 464.980643][T11525] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 465.321232][T11533] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 465.389876][T11535] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 465.458619][ T22] cm6533_jd 0003:0D8C:0022.0005: unknown main item tag 0x0 [ 465.471409][ T22] cm6533_jd 0003:0D8C:0022.0005: unknown main item tag 0x0 [ 465.488479][ T22] cm6533_jd 0003:0D8C:0022.0005: unknown main item tag 0x0 [ 465.493322][T11539] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'. [ 465.504042][ T22] cm6533_jd 0003:0D8C:0022.0005: unknown main item tag 0x0 [ 465.514314][ T22] cm6533_jd 0003:0D8C:0022.0005: unknown main item tag 0x0 [ 465.534977][ T22] cm6533_jd 0003:0D8C:0022.0005: No inputs registered, leaving [ 465.586075][ T22] cm6533_jd 0003:0D8C:0022.0005: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.3-1/input0 [ 465.661707][ T22] usb 4-1: USB disconnect, device number 14 [ 465.916065][T11555] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw [ 465.973266][T11559] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 466.061797][T11563] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'. [ 466.608665][T11592] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 466.648517][T11594] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'. [ 466.736511][T11586] kvm [11584]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x3ce00000000 [ 466.802391][T11601] loop3: detected capacity change from 0 to 512 [ 466.820968][T11601] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 466.841808][T11601] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c018, mo2=0002] [ 466.855701][T11601] EXT4-fs (loop3): orphan cleanup on readonly fs [ 466.870747][T11601] EXT4-fs warning (device loop3): ext4_enable_quotas:7012: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 466.893871][T11601] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 466.919285][T11601] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #13: comm syz-executor.3: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 467.007546][T11601] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz-executor.3: couldn't read orphan inode 13 (err -117) [ 467.040031][T11601] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 467.067091][T11601] EXT4-fs error (device loop3): ext4_lookup:1855: comm syz-executor.3: inode #15: comm syz-executor.3: iget: illegal inode # [ 467.129917][T11601] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 467.155090][T11601] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c018, mo2=0002] [ 467.202868][T11601] EXT4-fs warning (device loop3): ext4_enable_quotas:7012: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 467.292391][ T3579] EXT4-fs (loop3): unmounting filesystem. [ 467.426399][ T26] audit: type=1326 audit(1717472803.830:1687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7605e7cf69 code=0x7ffc0000 [ 467.503545][ T26] audit: type=1326 audit(1717472803.830:1688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7605e7cf69 code=0x7ffc0000 [ 467.592553][ T26] audit: type=1326 audit(1717472803.850:1689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7605e7cf69 code=0x7ffc0000 [ 467.697602][ T26] audit: type=1326 audit(1717472803.860:1690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7605e7cf69 code=0x7ffc0000 [ 467.849925][ T26] audit: type=1326 audit(1717472803.860:1691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7605e7cf69 code=0x7ffc0000 [ 467.881155][T11621] loop4: detected capacity change from 0 to 1024 [ 467.909506][ T26] audit: type=1326 audit(1717472803.860:1692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7605e7cf69 code=0x7ffc0000 [ 467.963344][T11625] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 468.210174][ T26] audit: type=1326 audit(1717472803.860:1693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7605e7cf69 code=0x7ffc0000 [ 468.587563][T11621] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 468.597876][ T26] audit: type=1326 audit(1717472803.860:1694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7605e7a6e7 code=0x7ffc0000 [ 468.679204][T11629] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 468.727263][ T26] audit: type=1326 audit(1717472803.870:1695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7605e403c9 code=0x7ffc0000 [ 468.814175][ T26] audit: type=1326 audit(1717472803.870:1696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7605e7a6e7 code=0x7ffc0000 [ 468.875492][ T26] audit: type=1326 audit(1717472803.870:1697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7605e403c9 code=0x7ffc0000 [ 468.908845][ T26] audit: type=1326 audit(1717472803.870:1698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7605e7cf69 code=0x7ffc0000 [ 468.939065][ T26] audit: type=1326 audit(1717472803.870:1699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7605e7a6e7 code=0x7ffc0000 [ 468.969603][ T26] audit: type=1326 audit(1717472803.870:1700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7605e403c9 code=0x7ffc0000 [ 468.999479][ T26] audit: type=1326 audit(1717472803.870:1701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7605e7a6e7 code=0x7ffc0000 [ 469.309488][ T22] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 469.403827][T11646] kvm [11645]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x3ce00000000 [ 469.754242][ T22] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 469.781119][ T22] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 469.809548][ T22] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 469.833689][ T22] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 469.859959][ T22] usb 4-1: config 0 descriptor?? [ 470.286488][T11660] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 470.446365][ T22] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x0 [ 470.521652][ T22] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x0 [ 470.672331][ T22] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x0 [ 470.864899][ T22] cm6533_jd 0003:0D8C:0022.0006: No inputs registered, leaving [ 470.966172][T11664] __nla_validate_parse: 1 callbacks suppressed [ 470.966274][T11664] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 470.998833][ T22] cm6533_jd 0003:0D8C:0022.0006: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.3-1/input0 [ 471.027548][ T22] usb 4-1: USB disconnect, device number 15 [ 471.474818][T11684] kvm [11682]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x3ce00000000 [ 472.057136][T11696] loop3: detected capacity change from 0 to 1024 [ 472.100605][T11696] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 472.684076][T11706] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 473.829937][T11724] loop1: detected capacity change from 0 to 256 [ 473.839017][T11724] exfat: Deprecated parameter 'utf8' [ 473.845182][T11724] exfat: Deprecated parameter 'namecase' [ 473.851249][T11724] exfat: Deprecated parameter 'utf8' [ 473.870397][T11724] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 474.734195][T11743] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 475.648719][T11755] syz-executor.3[11755] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 475.648831][T11755] syz-executor.3[11755] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 475.686429][T11755] syz-executor.3[11755] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 475.700067][T11755] syz-executor.3[11755] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 477.493432][T11789] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 478.713685][ T14] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 479.014389][T11823] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 479.874335][ T14] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 479.897748][ T14] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 479.923736][ T14] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 479.943206][ T14] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 479.977407][ T14] usb 2-1: config 0 descriptor?? [ 480.465277][ T14] cm6533_jd 0003:0D8C:0022.0007: unknown main item tag 0x0 [ 480.486792][ T14] cm6533_jd 0003:0D8C:0022.0007: unknown main item tag 0x0 [ 480.510888][ T14] cm6533_jd 0003:0D8C:0022.0007: unknown main item tag 0x0 [ 480.531759][ T14] cm6533_jd 0003:0D8C:0022.0007: No inputs registered, leaving [ 480.589659][ T14] cm6533_jd 0003:0D8C:0022.0007: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0 [ 480.669599][ T14] usb 2-1: USB disconnect, device number 15 [ 480.874668][T11857] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 481.965099][ T26] kauditd_printk_skb: 50 callbacks suppressed [ 481.965116][ T26] audit: type=1326 audit(1717472818.370:1752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11877 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 482.049200][ T26] audit: type=1326 audit(1717472818.400:1753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11877 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 482.076781][ T26] audit: type=1326 audit(1717472818.400:1754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11877 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 482.116984][ T26] audit: type=1326 audit(1717472818.400:1755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11877 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 482.252490][ T26] audit: type=1326 audit(1717472818.400:1756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11877 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 482.373819][ T4838] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 482.443296][ T26] audit: type=1326 audit(1717472818.400:1757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11877 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 482.540061][ T26] audit: type=1326 audit(1717472818.400:1758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11877 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 482.563299][ T26] audit: type=1326 audit(1717472818.400:1759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11877 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 482.774802][ T4838] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 482.808576][ T4838] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 482.829970][ T3589] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 482.909058][T11901] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 482.926053][ T3589] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 482.937832][ T3802] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 483.020151][ T3589] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 483.040228][ T3589] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 483.052209][ T3589] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 483.061198][ T3589] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 483.562966][ T4838] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 483.572170][ T4838] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 483.583699][ T4838] usb 2-1: config 0 descriptor?? [ 483.646438][ T3802] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 483.747954][ T3802] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 483.889856][ T3802] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 484.066829][ T4838] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0 [ 484.083731][ T4838] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0 [ 484.091116][ T4838] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0 [ 484.099086][ T4838] cm6533_jd 0003:0D8C:0022.0008: No inputs registered, leaving [ 484.109228][ T4838] cm6533_jd 0003:0D8C:0022.0008: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0 [ 484.269515][ T14] usb 2-1: USB disconnect, device number 16 [ 484.306904][T11899] chnl_net:caif_netlink_parms(): no params data found [ 484.412431][T11926] loop4: detected capacity change from 0 to 16 [ 484.432695][T11926] erofs: (device loop4): mounted with root inode @ nid 36. [ 484.654092][T11899] bridge0: port 1(bridge_slave_0) entered blocking state [ 484.667444][T11899] bridge0: port 1(bridge_slave_0) entered disabled state [ 484.697542][T11899] device bridge_slave_0 entered promiscuous mode [ 484.731294][T11899] bridge0: port 2(bridge_slave_1) entered blocking state [ 484.749317][T11899] bridge0: port 2(bridge_slave_1) entered disabled state [ 484.789394][T11899] device bridge_slave_1 entered promiscuous mode [ 485.071757][T11899] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 485.114073][ T3589] Bluetooth: hci0: command tx timeout [ 485.145002][T11940] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 486.434245][T11899] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 486.529401][T11899] team0: Port device team_slave_0 added [ 486.627547][T11899] team0: Port device team_slave_1 added [ 486.740438][T11899] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 486.801709][T11899] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 486.867085][T11899] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 486.962527][T11899] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 486.970918][T11899] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 487.041706][T11899] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 487.203693][ T3583] Bluetooth: hci0: command tx timeout [ 487.302535][T11899] device hsr_slave_0 entered promiscuous mode [ 487.372769][T11973] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 487.414050][ T32] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 487.591033][T11899] device hsr_slave_1 entered promiscuous mode [ 487.779051][T11899] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 487.894737][ T32] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 487.990833][T11899] Cannot create hsr debugfs directory [ 488.048720][ T32] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 488.084254][ T32] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 488.093462][ T32] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 488.112617][ T32] usb 2-1: config 0 descriptor?? [ 488.142399][ T3802] device hsr_slave_0 left promiscuous mode [ 488.155761][ T3802] device hsr_slave_1 left promiscuous mode [ 488.173128][ T3802] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 488.183354][ T3802] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 488.224286][ T3802] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 488.234635][ T3802] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 488.245315][ T3802] device bridge_slave_1 left promiscuous mode [ 488.251790][ T3802] bridge0: port 2(bridge_slave_1) entered disabled state [ 488.261009][ T3802] bridge0: port 1(bridge_slave_0) entered disabled state [ 488.272720][ T3802] rdma_rxe: ignoring netdev event = 10 for team_slave_1 [ 488.285738][ T3802] device veth1_macvtap left promiscuous mode [ 488.292149][ T3802] device veth0_macvtap left promiscuous mode [ 488.298559][ T3802] device veth1_vlan left promiscuous mode [ 488.371831][ T3802] rdma_rxe: ignoring netdev event = 27 for team_slave_1 [ 488.384273][ T3802] infiniband syz2: set down [ 488.600593][ T32] cm6533_jd 0003:0D8C:0022.0009: unknown main item tag 0x0 [ 488.623919][ T32] cm6533_jd 0003:0D8C:0022.0009: unknown main item tag 0x0 [ 488.640298][ T32] cm6533_jd 0003:0D8C:0022.0009: unknown main item tag 0x0 [ 488.663861][ T32] cm6533_jd 0003:0D8C:0022.0009: No inputs registered, leaving [ 488.672656][ T3802] rdma_rxe: ignoring netdev event = 27 for team_slave_1 [ 488.682149][ T32] cm6533_jd 0003:0D8C:0022.0009: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0 [ 488.693768][ T3802] rdma_rxe: ignoring netdev event = 26 for team_slave_1 [ 488.715249][ T3802] rdma_rxe: ignoring netdev event = 21 for team_slave_1 [ 488.737792][ T3802] rdma_rxe: ignoring netdev event = 9 for team_slave_1 [ 488.751485][ T3802] rdma_rxe: ignoring netdev event = 8 for team_slave_1 [ 488.773086][ T3802] team0 (unregistering): Port device team_slave_1 removed [ 488.791080][ T3800] smc: removing ib device syz2 [ 488.800518][ T4700] usb 2-1: USB disconnect, device number 17 [ 488.812938][ T3802] team0 (unregistering): Port device team_slave_0 removed [ 488.852265][ T3802] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 488.913165][ T3802] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 489.066790][ T3802] bond0 (unregistering): Released all slaves [ 489.273864][ T3589] Bluetooth: hci0: command tx timeout [ 490.491556][T12009] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 491.353797][ T3589] Bluetooth: hci0: command tx timeout [ 491.701123][ T32] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 491.980045][T11899] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 492.119587][T12036] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 492.531012][T11899] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 492.650314][T11899] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 492.712489][T11899] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 492.942505][T11899] 8021q: adding VLAN 0 to HW filter on device bond0 [ 492.997313][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 493.010196][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 493.038846][T11899] 8021q: adding VLAN 0 to HW filter on device team0 [ 493.070545][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 493.087123][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 493.116898][ T3622] bridge0: port 1(bridge_slave_0) entered blocking state [ 493.124202][ T3622] bridge0: port 1(bridge_slave_0) entered forwarding state [ 493.163787][ T32] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 493.196074][ T32] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 493.226863][ T32] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 493.252896][ T32] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 493.291776][ T32] usb 4-1: config 0 descriptor?? [ 493.300443][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 493.312642][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 493.345107][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 493.371971][ T4839] bridge0: port 2(bridge_slave_1) entered blocking state [ 493.379222][ T4839] bridge0: port 2(bridge_slave_1) entered forwarding state [ 493.395388][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 493.408285][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 493.418390][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 493.430275][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 493.439565][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 493.449719][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 493.470300][ T26] audit: type=1326 audit(1717472829.870:1760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12056 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 493.470545][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 493.493877][ T26] audit: type=1326 audit(1717472829.870:1761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12056 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 493.526903][ T26] audit: type=1326 audit(1717472829.900:1762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12056 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 493.531387][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 493.555754][ T26] audit: type=1326 audit(1717472829.900:1763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12056 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 493.589002][ T26] audit: type=1326 audit(1717472829.900:1764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12056 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 493.613071][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 493.628438][ T26] audit: type=1326 audit(1717472829.900:1765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12056 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 493.638108][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 493.688729][T11899] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 493.703275][ T26] audit: type=1326 audit(1717472830.060:1766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12056 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 493.743996][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 493.766298][ T26] audit: type=1326 audit(1717472830.060:1767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12056 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f26f1a7a6e7 code=0x7ffc0000 [ 493.891432][ T26] audit: type=1326 audit(1717472830.060:1768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12056 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f26f1a403c9 code=0x7ffc0000 [ 493.955399][ T32] cm6533_jd 0003:0D8C:0022.000A: unknown main item tag 0x0 [ 493.962845][ T32] cm6533_jd 0003:0D8C:0022.000A: unknown main item tag 0x0 [ 493.973469][ T32] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0D8C:0022.000A/input/input11 [ 493.995764][ T32] cm6533_jd 0003:0D8C:0022.000A: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.3-1/input0 [ 494.308377][T12071] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 495.287164][ T26] audit: type=1326 audit(1717472830.060:1769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12056 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f26f1a7a6e7 code=0x7ffc0000 [ 495.447991][ T32] usb 4-1: USB disconnect, device number 16 [ 495.601400][T12083] loop1: detected capacity change from 0 to 16 [ 495.628012][T12083] erofs: (device loop1): mounted with root inode @ nid 36. [ 495.746806][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 495.762391][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 495.784749][T11899] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 495.886255][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 495.905219][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 496.005557][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 496.034961][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 496.090735][T11899] device veth0_vlan entered promiscuous mode [ 496.111665][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 496.128266][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 496.171884][T11899] device veth1_vlan entered promiscuous mode [ 496.272214][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 496.292603][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 496.327689][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 496.364808][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 496.396002][T11899] device veth0_macvtap entered promiscuous mode [ 496.443387][T11899] device veth1_macvtap entered promiscuous mode [ 496.474411][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 496.489154][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 496.548784][T11899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 496.595934][T11899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 496.633814][T11899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 496.658429][T11899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 496.678581][T11899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 496.740755][T11899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 496.794264][T11899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 496.821964][T11899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 496.855370][T11899] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 496.874198][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 496.883080][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 496.918717][T11899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 496.945895][T11899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 496.986409][T11899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 497.014903][T11899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.153453][T11899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 497.206851][T11899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.259679][T11899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 497.339419][T12112] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 497.550217][T11899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.810583][T11899] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 497.989476][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 498.057110][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 498.097373][T11899] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 498.129707][T11899] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 498.149401][T11899] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 498.173750][T11899] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 498.297797][ T14] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 498.514473][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 498.523284][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 498.600202][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 498.656593][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 498.673972][ T14] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 498.678895][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 498.694054][ T14] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 498.710764][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 498.716307][ T14] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 498.749616][ T14] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 498.804801][ T14] usb 2-1: config 0 descriptor?? [ 498.883268][T12130] loop3: detected capacity change from 0 to 16 [ 498.905326][T12130] erofs: (device loop3): mounted with root inode @ nid 36. [ 499.285891][ T14] cm6533_jd 0003:0D8C:0022.000B: unknown main item tag 0x0 [ 499.305436][ T14] cm6533_jd 0003:0D8C:0022.000B: unknown main item tag 0x0 [ 499.363193][ T14] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0D8C:0022.000B/input/input12 [ 499.491263][ T14] cm6533_jd 0003:0D8C:0022.000B: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0 [ 499.610744][ T14] usb 2-1: USB disconnect, device number 18 [ 500.661614][T12192] loop1: detected capacity change from 0 to 16 [ 500.679420][T12192] erofs: (device loop1): mounted with root inode @ nid 36. [ 500.873808][ T14] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 501.244148][ T14] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 501.271547][ T14] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 501.312027][ T14] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 501.365514][ T1256] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.371907][ T1256] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.384126][ T14] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 501.430320][ T14] usb 4-1: config 0 descriptor?? [ 501.925738][ T14] cm6533_jd 0003:0D8C:0022.000C: unknown main item tag 0x0 [ 501.933112][ T14] cm6533_jd 0003:0D8C:0022.000C: unknown main item tag 0x0 [ 501.978202][ T14] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0D8C:0022.000C/input/input13 [ 502.039113][ T14] cm6533_jd 0003:0D8C:0022.000C: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.3-1/input0 [ 502.146735][ T14] usb 4-1: USB disconnect, device number 17 [ 502.290467][T12252] loop0: detected capacity change from 0 to 16 [ 502.317998][T12252] erofs: (device loop0): mounted with root inode @ nid 36. [ 503.084025][T12269] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 503.515034][ T3589] Bluetooth: hci3: command 0x0406 tx timeout [ 504.860496][T12301] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 505.808786][T12316] loop0: detected capacity change from 0 to 16 [ 505.837520][T12316] erofs: (device loop0): mounted with root inode @ nid 36. [ 506.333752][ T14] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 506.497430][T12339] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 507.464081][ T14] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 507.478452][ T14] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 507.505074][ T14] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 507.516948][ T14] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 507.534845][ T14] usb 5-1: config 0 descriptor?? [ 507.857732][T12360] overlayfs: statfs failed on './file0' [ 508.015643][ T14] cm6533_jd 0003:0D8C:0022.000D: unknown main item tag 0x0 [ 508.023012][ T14] cm6533_jd 0003:0D8C:0022.000D: unknown main item tag 0x0 [ 508.063043][ T14] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0D8C:0022.000D/input/input14 [ 508.202628][ T14] cm6533_jd 0003:0D8C:0022.000D: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.4-1/input0 [ 508.255519][ T14] usb 5-1: USB disconnect, device number 9 [ 508.395948][T12372] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 509.217962][T12378] loop4: detected capacity change from 0 to 16 [ 509.230919][T12378] erofs: (device loop4): mounted with root inode @ nid 36. [ 509.622969][T12390] loop0: detected capacity change from 0 to 256 [ 509.699047][T12390] exfat: Deprecated parameter 'namecase' [ 509.728104][ T26] kauditd_printk_skb: 62 callbacks suppressed [ 509.728121][ T26] audit: type=1326 audit(1717472846.130:1832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12385 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x0 [ 509.784936][T12390] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 510.612320][ T4700] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 510.737476][T12416] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 510.985750][ T4700] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 511.083994][ T4700] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 511.298146][ T4700] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 511.439536][ T4700] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 511.495685][ T4700] usb 1-1: config 0 descriptor?? [ 511.904582][T12434] loop3: detected capacity change from 0 to 16 [ 511.922147][T12434] erofs: (device loop3): mounted with root inode @ nid 36. [ 512.038870][ T26] audit: type=1326 audit(1717472848.440:1833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12431 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x0 [ 512.039465][ T4700] cm6533_jd 0003:0D8C:0022.000E: unknown main item tag 0x0 [ 512.072370][ T4700] cm6533_jd 0003:0D8C:0022.000E: unknown main item tag 0x0 [ 512.090720][ T4700] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0D8C:0022.000E/input/input15 [ 512.130739][ T4700] cm6533_jd 0003:0D8C:0022.000E: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0 [ 512.234767][ T4700] usb 1-1: USB disconnect, device number 3 [ 513.295600][T12471] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 514.818856][T12497] xt_bpf: check failed: parse error [ 515.192592][T12505] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 515.947922][T12511] loop4: detected capacity change from 0 to 16 [ 515.963985][T12511] erofs: (device loop4): mounted with root inode @ nid 36. [ 516.674189][ T4700] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 516.727890][T12545] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 517.054084][ T4700] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 517.172920][ T4700] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 517.377158][ T4700] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 517.450068][ T4700] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 517.460087][ T4700] usb 2-1: config 0 descriptor?? [ 517.965681][ T4700] cm6533_jd 0003:0D8C:0022.000F: unknown main item tag 0x0 [ 517.983910][ T4700] cm6533_jd 0003:0D8C:0022.000F: unknown main item tag 0x0 [ 518.020800][ T4700] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0D8C:0022.000F/input/input16 [ 518.081848][ T4700] cm6533_jd 0003:0D8C:0022.000F: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0 [ 518.167628][ T4700] usb 2-1: USB disconnect, device number 19 [ 518.571509][T12581] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 519.315502][T12585] loop1: detected capacity change from 0 to 16 [ 519.326737][T12585] erofs: (device loop1): mounted with root inode @ nid 36. [ 519.741934][T12601] loop0: detected capacity change from 0 to 1024 [ 519.754739][T12601] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 520.303749][ T4838] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 520.744366][ T4838] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 521.693615][ T4838] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 521.706449][ T4838] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 521.715591][ T4838] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 521.727532][ T4838] usb 4-1: config 0 descriptor?? [ 522.087674][T12645] loop4: detected capacity change from 0 to 16 [ 522.129206][T12645] erofs: (device loop4): mounted with root inode @ nid 36. [ 522.378517][ T4838] cm6533_jd 0003:0D8C:0022.0010: unknown main item tag 0x0 [ 522.471760][ T4838] cm6533_jd 0003:0D8C:0022.0010: unknown main item tag 0x0 [ 522.970752][ T4838] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0D8C:0022.0010/input/input17 [ 523.069400][ T4838] cm6533_jd 0003:0D8C:0022.0010: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.3-1/input0 [ 523.104970][ T4838] usb 4-1: USB disconnect, device number 18 [ 523.473123][T12663] syz-executor.3[12663] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 523.473234][T12663] syz-executor.3[12663] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 523.519141][ T26] audit: type=1800 audit(1717472859.920:1834): pid=12663 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="overlay" ino=1946 res=0 errno=0 [ 523.650323][ T26] audit: type=1804 audit(1717472860.050:1835): pid=12674 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir3288592494/syzkaller.A5J45N/42/file0/file0" dev="sda1" ino=1964 res=1 errno=0 [ 523.710967][T12673] loop4: detected capacity change from 0 to 2048 [ 523.754308][T12673] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 524.829914][ T9557] EXT4-fs (loop4): unmounting filesystem. [ 525.036160][ T3622] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 525.185906][ T4838] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 525.440595][ T4838] usb 4-1: Using ep0 maxpacket: 32 [ 525.494192][ T3622] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 525.513435][ T3622] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 525.527858][ T3622] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 525.537800][ T3622] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 525.562974][ T3622] usb 1-1: config 0 descriptor?? [ 525.583842][ T4838] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 525.597227][ T4838] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 525.624743][ T5879] device syz_tun left promiscuous mode [ 525.784176][ T4838] usb 4-1: New USB device found, idVendor=1b3d, idProduct=931e, bcdDevice=d1.78 [ 525.803814][ T4838] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 525.822156][ T4838] usb 4-1: Product: syz [ 525.839242][ T4838] usb 4-1: Manufacturer: syz [ 525.850161][ T4838] usb 4-1: SerialNumber: syz [ 525.870288][ T4838] usb 4-1: config 0 descriptor?? [ 525.924878][ T4838] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 525.939165][ T4838] ftdi_sio ttyUSB0: unknown device type: 0xd178 [ 525.961543][ T53] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 526.045621][ T3622] cm6533_jd 0003:0D8C:0022.0011: unknown main item tag 0x0 [ 526.052982][ T3622] cm6533_jd 0003:0D8C:0022.0011: unknown main item tag 0x0 [ 526.063350][ T53] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 526.098522][ T3622] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0D8C:0022.0011/input/input18 [ 526.146047][ T4839] usb 4-1: USB disconnect, device number 19 [ 526.154161][ T4839] ftdi_sio 4-1:0.0: device disconnected [ 526.160382][ T3622] cm6533_jd 0003:0D8C:0022.0011: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0 [ 526.218387][ T53] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 526.240022][ T3583] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 526.260527][ T3583] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 526.269375][ T3583] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 526.278751][ T3583] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 526.286209][ T4838] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 526.294968][ T3583] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 526.300399][ T14] usb 1-1: USB disconnect, device number 4 [ 526.308335][ T3583] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 526.346903][ T53] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 526.539650][T12727] overlayfs: failed to clone upperpath [ 526.554977][ T4838] usb 5-1: Using ep0 maxpacket: 16 [ 526.579325][T12727] syz-executor.2[12727] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 526.579432][T12727] syz-executor.2[12727] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 526.620632][ T26] audit: type=1800 audit(1717472863.020:1836): pid=12727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1963 res=0 errno=0 [ 526.747631][T12731] loop3: detected capacity change from 0 to 2048 [ 526.755711][ T53] device ip6gretap0 left promiscuous mode [ 526.783837][ T4838] usb 5-1: unable to get BOS descriptor or descriptor too short [ 526.805170][T12731] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 526.850802][T12722] chnl_net:caif_netlink_parms(): no params data found [ 527.047879][ T4838] usb 5-1: config 222 has an invalid interface number: 227 but max is 2 [ 527.057031][ T4838] usb 5-1: config 222 has an invalid descriptor of length 0, skipping remainder of the config [ 527.068626][ T4838] usb 5-1: config 222 has 1 interface, different from the descriptor's value: 3 [ 527.079470][ T4838] usb 5-1: config 222 has no interface number 0 [ 527.087031][ T4838] usb 5-1: config 222 interface 227 altsetting 8 has 0 endpoint descriptors, different from the interface descriptor's value: 14 [ 527.100653][ T4838] usb 5-1: config 222 interface 227 has no altsetting 0 [ 527.534311][ T4838] usb 5-1: string descriptor 0 read error: -22 [ 527.871716][ T4838] usb 5-1: New USB device found, idVendor=1608, idProduct=000c, bcdDevice=20.09 [ 527.998450][ T4838] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 528.076715][T12722] bridge0: port 1(bridge_slave_0) entered blocking state [ 528.087621][T12722] bridge0: port 1(bridge_slave_0) entered disabled state [ 528.121435][T12722] device bridge_slave_0 entered promiscuous mode [ 528.142721][ T3579] EXT4-fs (loop3): unmounting filesystem. [ 528.146350][T12722] bridge0: port 2(bridge_slave_1) entered blocking state [ 528.158083][T12722] bridge0: port 2(bridge_slave_1) entered disabled state [ 528.180598][ T4838] io_edgeport 5-1:222.227: required endpoints missing [ 528.204796][T12722] device bridge_slave_1 entered promiscuous mode [ 528.292173][T12722] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 528.325165][T12722] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 528.398243][ T3589] Bluetooth: hci4: command tx timeout [ 528.437829][ T4839] usb 5-1: USB disconnect, device number 10 [ 528.448093][T12722] team0: Port device team_slave_0 added [ 528.493876][T12722] team0: Port device team_slave_1 added [ 528.631135][T12722] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 528.669169][T12722] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 528.744596][T12722] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 528.760288][ T26] audit: type=1804 audit(1717472865.160:1837): pid=12762 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir3288592494/syzkaller.A5J45N/48/file0" dev="sda1" ino=1960 res=1 errno=0 [ 528.764389][T12722] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 528.798758][T12722] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 528.831463][T12722] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 529.001195][ T53] team0: Port device wlan1 removed [ 529.035996][T12722] device hsr_slave_0 entered promiscuous mode [ 529.057743][T12722] device hsr_slave_1 entered promiscuous mode [ 529.076775][T12722] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 529.102315][T12722] Cannot create hsr debugfs directory [ 529.314045][T12770] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3343437945 (53495007120 ns) > initial count (160 ns). Using initial count to start timer. [ 529.347513][T12765] device syzkaller0 entered promiscuous mode [ 529.347721][T12770] kvm: vcpu 0: requested 160 ns lapic timer period limited to 200000 ns [ 529.363366][T12770] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3702941173 (3702941173 ns) > initial count (2209245800 ns). Using initial count to start timer. [ 529.407475][ T53] device hsr_slave_0 left promiscuous mode [ 529.421365][ T53] device hsr_slave_1 left promiscuous mode [ 529.438078][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 529.453931][ T53] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 529.488818][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 529.496641][ T4838] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 529.508026][ T53] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 529.527766][ T53] device bridge_slave_1 left promiscuous mode [ 529.534597][ T53] bridge0: port 2(bridge_slave_1) entered disabled state [ 529.551655][ T53] device bridge_slave_0 left promiscuous mode [ 529.563032][ T53] bridge0: port 1(bridge_slave_0) entered disabled state [ 529.607790][ T53] device veth1_macvtap left promiscuous mode [ 529.631131][ T53] device veth0_macvtap left promiscuous mode [ 529.649236][ T53] device veth1_vlan left promiscuous mode [ 529.661288][ T53] device veth0_vlan left promiscuous mode [ 529.712857][T12776] loop4: detected capacity change from 0 to 2048 [ 529.751056][T12776] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 530.044168][ T4838] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 530.062559][ T4838] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 530.072935][ T4838] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 530.082583][ T4838] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 530.337197][ T4838] usb 1-1: config 0 descriptor?? [ 530.485512][ T3589] Bluetooth: hci4: command tx timeout [ 530.912277][ T9557] EXT4-fs (loop4): unmounting filesystem. [ 530.919705][ T53] team0 (unregistering): Port device team_slave_1 removed [ 530.946623][ T53] team0 (unregistering): Port device team_slave_0 removed [ 530.961535][ T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 530.986149][ T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 531.066040][ T4838] cm6533_jd 0003:0D8C:0022.0012: unknown main item tag 0x0 [ 531.073442][ T4838] cm6533_jd 0003:0D8C:0022.0012: unknown main item tag 0x0 [ 531.106259][ T4838] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0D8C:0022.0012/input/input19 [ 531.128358][ T4838] cm6533_jd 0003:0D8C:0022.0012: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0 [ 531.160545][ T53] bond0 (unregistering): Released all slaves [ 531.273994][ T4838] usb 1-1: USB disconnect, device number 5 [ 532.612629][T12803] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3702941173 (3702941173 ns) > initial count (2209245800 ns). Using initial count to start timer. [ 532.793935][ T3589] Bluetooth: hci4: command tx timeout [ 533.319610][T12722] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 533.349424][T12722] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 533.416975][T12722] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 533.449501][T12722] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 533.749671][T12722] 8021q: adding VLAN 0 to HW filter on device bond0 [ 533.793365][ T4700] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 533.810650][ T4700] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 533.843899][T12722] 8021q: adding VLAN 0 to HW filter on device team0 [ 533.946517][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 533.955822][T12817] loop0: detected capacity change from 0 to 32768 [ 533.964855][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 533.984750][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 533.991951][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 534.018023][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 534.039377][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 534.058439][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 534.066223][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 534.150231][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 534.196905][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 534.245764][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 534.295246][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 534.408570][T12722] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 534.447713][T12722] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 534.883754][ T3589] Bluetooth: hci4: command tx timeout [ 535.410003][T12722] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 535.571798][T12722] device veth0_vlan entered promiscuous mode [ 535.625890][T12722] device veth1_vlan entered promiscuous mode [ 535.738090][T12722] device veth0_macvtap entered promiscuous mode [ 535.777450][T12722] device veth1_macvtap entered promiscuous mode [ 535.871433][T12722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 535.916784][T12722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 535.964716][T12817] XFS (loop0): Mounting V5 Filesystem [ 535.966819][T12722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 536.005411][T12722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 536.033130][T12722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 536.068021][T12722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 536.116633][T12722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 536.143685][T12722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 536.155925][T12722] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 536.160822][T12817] XFS (loop0): log mount failed [ 536.170090][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 536.178606][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 536.187962][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 536.209796][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 536.226357][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 536.241052][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 536.252194][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 536.267341][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 536.281717][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 536.291976][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 536.321151][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 536.336655][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 536.349808][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 536.354338][T12872] loop3: detected capacity change from 0 to 16 [ 536.361559][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 536.379176][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 536.388700][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 536.389549][T12872] erofs: (device loop3): mounted with root inode @ nid 36. [ 536.404489][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 536.420582][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 536.429562][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 536.440940][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 536.441642][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 536.444550][T12722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 536.481653][T12722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 536.491747][T12722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 536.502572][T12722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 536.512649][T12722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 536.532888][T12722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 536.550042][T12722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 536.561891][T12722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 536.603023][T12722] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 536.761976][ T4700] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 536.781416][ T4700] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 536.792463][ T4700] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 536.834568][ T4700] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 536.864305][ T4700] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 536.896133][ T4700] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 536.911510][T12722] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 536.932706][T12722] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 536.952056][T12722] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 536.994713][T12722] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 537.221807][ T38] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 537.263925][ T38] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 537.297494][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 537.322792][ T3673] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 537.339724][ T3673] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 537.368486][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 537.726178][T12902] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3702941173 (3702941173 ns) > initial count (2209245800 ns). Using initial count to start timer. [ 537.821428][T12913] loop0: detected capacity change from 0 to 16 [ 537.851864][T12913] erofs: (device loop0): mounted with root inode @ nid 36. [ 537.897868][ T26] audit: type=1804 audit(1717472874.300:1838): pid=12916 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="file0" dev="sda1" ino=1966 res=1 errno=0 [ 538.647920][T12908] loop1: detected capacity change from 0 to 32768 [ 538.698679][ T4838] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 538.755525][T12908] XFS (loop1): Mounting V5 Filesystem [ 538.872213][T12908] XFS (loop1): Ending clean mount [ 538.902881][T12908] XFS (loop1): Quotacheck needed: Please wait. [ 539.065729][T12908] XFS (loop1): Quotacheck: Done. [ 539.075531][T12959] loop3: detected capacity change from 0 to 16 [ 539.154896][T12960] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 539.183459][T12959] erofs: (device loop3): mounted with root inode @ nid 36. [ 539.830169][ T4838] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 539.840198][ T4838] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 539.851973][ T26] audit: type=1804 audit(1717472876.250:1839): pid=12908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2524687251/syzkaller.WKZiE0/1/file0/bus" dev="loop1" ino=9291 res=1 errno=0 [ 540.063365][T12722] XFS (loop1): Unmounting Filesystem [ 540.104063][ T4838] usb 5-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 540.183612][ T4838] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 540.206305][ T4838] usb 5-1: Product: syz [ 540.215213][ T4838] usb 5-1: Manufacturer: syz [ 540.233237][ T4838] usb 5-1: SerialNumber: syz [ 540.248875][ T4838] usb 5-1: config 0 descriptor?? [ 540.284744][T12932] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 540.292027][T12932] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 540.360497][T12975] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 540.579287][T12932] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 540.585144][T12975] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 540.592406][T12932] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 540.790801][T12975] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 540.985852][T12975] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 541.099811][ T4838] dm9601: No valid MAC address in EEPROM, using 3a:f1:1f:fc:cb:d9 [ 541.137498][T12975] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 541.239309][ T4700] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 541.305856][T12932] loop4: detected capacity change from 0 to 256 [ 541.408788][ T4838] dm9601 5-1:0.0 (unnamed net_device) (uninitialized): Error reading chip ID [ 541.418665][T12975] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 541.431258][ T4838] usb 5-1: USB disconnect, device number 11 [ 541.474458][T12975] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 541.549668][T12975] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 541.609799][T12975] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 541.636060][ T4700] usb 2-1: config 0 has no interfaces? [ 541.884024][ T4700] usb 2-1: string descriptor 0 read error: -22 [ 541.892773][ T4700] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 541.924974][ T4700] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 541.957250][ T4700] usb 2-1: config 0 descriptor?? [ 542.216766][ T4700] usb 2-1: USB disconnect, device number 20 [ 542.939601][T13044] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3343437945 (53495007120 ns) > initial count (160 ns). Using initial count to start timer. [ 543.016562][T13053] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3702941173 (3702941173 ns) > initial count (2209245800 ns). Using initial count to start timer. [ 543.073694][ T4700] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 543.443959][ T4700] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 543.458902][ T4700] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 543.600722][ T26] audit: type=1326 audit(1717472880.000:1840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13060 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09de67cf69 code=0x7ffc0000 [ 543.634295][ T4700] usb 5-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 543.651483][ T4700] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 543.681013][ T4700] usb 5-1: Product: syz [ 543.692516][ T26] audit: type=1326 audit(1717472880.000:1841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13060 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09de67cf69 code=0x7ffc0000 [ 543.709855][T13049] loop0: detected capacity change from 0 to 40427 [ 543.717352][ T4700] usb 5-1: Manufacturer: syz [ 543.739519][ T4700] usb 5-1: SerialNumber: syz [ 543.754521][ T4700] usb 5-1: config 0 descriptor?? [ 543.762903][ T26] audit: type=1326 audit(1717472880.050:1842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13060 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09de67cf69 code=0x7ffc0000 [ 543.776883][T13049] F2FS-fs (loop0): invalid crc value [ 543.786719][T13042] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 543.813303][T13063] loop1: detected capacity change from 0 to 1024 [ 543.820718][T13063] hfsplus: unable to parse mount options [ 543.832461][T13042] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 543.851532][ T26] audit: type=1326 audit(1717472880.050:1843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13060 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09de67cf69 code=0x7ffc0000 [ 543.852451][T13049] F2FS-fs (loop0): Found nat_bits in checkpoint [ 543.920387][T13063] loop1: detected capacity change from 0 to 1024 [ 543.927800][T13063] hfsplus: unable to parse mount options [ 543.944608][ T26] audit: type=1326 audit(1717472880.050:1844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13060 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09de67cf69 code=0x7ffc0000 [ 544.006810][ T26] audit: type=1326 audit(1717472880.050:1845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13060 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09de67cf69 code=0x7ffc0000 [ 544.030962][T13049] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 544.058257][ T26] audit: type=1326 audit(1717472880.050:1846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13060 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09de67cf69 code=0x7ffc0000 [ 544.073668][T13049] syz-executor.0: attempt to access beyond end of device [ 544.073668][T13049] loop0: rw=10241, sector=53248, nr_sectors = 8 limit=40427 [ 544.102880][ T26] audit: type=1326 audit(1717472880.050:1847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13060 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09de67cf69 code=0x7ffc0000 [ 544.116191][T13042] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 544.144963][ T26] audit: type=1326 audit(1717472880.050:1848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13060 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f09de67cf69 code=0x7ffc0000 [ 544.176718][ T26] audit: type=1326 audit(1717472880.050:1849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13060 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09de67cf69 code=0x7ffc0000 [ 544.180962][T13042] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 544.287058][T11899] syz-executor.0: attempt to access beyond end of device [ 544.287058][T11899] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 544.713838][ T4700] dm9601: No valid MAC address in EEPROM, using 3a:f1:1f:fc:cb:d9 [ 544.928860][T13042] loop4: detected capacity change from 0 to 256 [ 545.003885][ T4700] dm9601 5-1:0.0 (unnamed net_device) (uninitialized): Error reading chip ID [ 545.023382][ T4700] usb 5-1: USB disconnect, device number 12 [ 545.806064][T13109] loop3: detected capacity change from 0 to 1024 [ 545.813311][T13109] hfsplus: unable to parse mount options [ 546.568557][T13113] loop3: detected capacity change from 0 to 1024 [ 546.717815][T13113] hfsplus: unable to parse mount options [ 547.034114][T13137] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 548.657701][T13172] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 549.796088][T13202] loop1: detected capacity change from 0 to 16 [ 549.804992][T13202] erofs: (device loop1): mounted with root inode @ nid 36. [ 549.913705][ T4700] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 550.222319][T13210] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 551.213869][ T4700] usb 1-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b [ 551.223097][ T4700] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 551.272903][ T4700] usb 1-1: config 0 descriptor?? [ 551.623001][ T26] kauditd_printk_skb: 3 callbacks suppressed [ 551.623019][ T26] audit: type=1326 audit(1717472888.020:1853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13212 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x0 [ 551.897865][T13240] loop1: detected capacity change from 0 to 16 [ 551.924818][T13240] erofs: (device loop1): mounted with root inode @ nid 36. [ 551.973788][ T4700] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 551.993778][ T4700] asix: probe of 1-1:0.0 failed with error -71 [ 552.036246][ T4700] usb 1-1: USB disconnect, device number 6 [ 553.025680][T13244] loop1: detected capacity change from 0 to 40427 [ 553.045426][T13244] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 553.063818][T13244] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 553.093208][T13244] F2FS-fs (loop1): invalid crc value [ 553.130556][T13244] F2FS-fs (loop1): Found nat_bits in checkpoint [ 553.290203][T13244] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 553.298921][T13244] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 553.407840][T12722] syz-executor.1: attempt to access beyond end of device [ 553.407840][T12722] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 553.809356][ T4700] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 554.213947][ T4700] usb 5-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b [ 554.227688][ T4700] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 554.261727][ T4700] usb 5-1: config 0 descriptor?? [ 554.437255][T13303] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 555.340956][T13307] loop1: detected capacity change from 0 to 16 [ 555.366053][T13307] erofs: (device loop1): mounted with root inode @ nid 36. [ 555.574137][ T4700] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 555.594280][ T4700] asix: probe of 5-1:0.0 failed with error -71 [ 555.613653][ T4700] usb 5-1: USB disconnect, device number 13 [ 555.848382][ T26] audit: type=1326 audit(1717472892.250:1854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13304 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x0 [ 556.571268][T13338] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 557.364980][T13343] loop4: detected capacity change from 0 to 16 [ 557.376700][T13343] erofs: (device loop4): mounted with root inode @ nid 36. [ 557.953659][ T4949] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 558.353954][ T4949] usb 2-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b [ 558.373413][ T4949] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 558.399773][ T4949] usb 2-1: config 0 descriptor?? [ 558.436475][T13375] loop3: detected capacity change from 0 to 16 [ 558.594008][T13375] erofs: (device loop3): mounted with root inode @ nid 36. [ 558.619270][ T26] audit: type=1326 audit(1717472895.020:1855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13376 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 558.678966][ T26] audit: type=1326 audit(1717472895.050:1856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13376 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 558.744220][ T26] audit: type=1326 audit(1717472895.050:1857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13376 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 558.779330][ T26] audit: type=1326 audit(1717472895.050:1858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13376 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 558.815180][ T26] audit: type=1326 audit(1717472895.060:1859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13376 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 558.858357][ T26] audit: type=1326 audit(1717472895.060:1860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13376 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 558.906954][ T26] audit: type=1326 audit(1717472895.060:1861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13376 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 558.989751][ T26] audit: type=1326 audit(1717472895.060:1862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13376 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 559.029752][ T26] audit: type=1326 audit(1717472895.290:1863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13379 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 559.070243][ T26] audit: type=1326 audit(1717472895.290:1864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13379 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f1a7cf69 code=0x7ffc0000 [ 559.124170][ T4949] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 559.138867][ T4949] asix: probe of 2-1:0.0 failed with error -71 [ 559.149198][ T4949] usb 2-1: USB disconnect, device number 21 [ 559.926969][T13396] loop0: detected capacity change from 0 to 1024 [ 559.934276][T13396] hfsplus: unable to parse mount options [ 560.595954][T13411] loop0: detected capacity change from 0 to 1024 [ 560.627526][T13411] hfsplus: unable to parse mount options [ 560.683689][ T4700] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 561.100445][ T4700] usb 5-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b [ 561.116746][ T4700] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 561.134303][ T4700] usb 5-1: config 0 descriptor?? [ 561.839830][ T4700] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 561.856126][ T4700] asix: probe of 5-1:0.0 failed with error -71 [ 561.889667][ T4700] usb 5-1: USB disconnect, device number 14 [ 562.298528][T13441] loop1: detected capacity change from 0 to 16 [ 562.321159][T13441] erofs: (device loop1): mounted with root inode @ nid 36. [ 562.463830][T13438] [ 562.466284][T13438] ====================================================== [ 562.473330][T13438] WARNING: possible circular locking dependency detected [ 562.480392][T13438] 6.1.92-syzkaller #0 Not tainted [ 562.485471][T13438] ------------------------------------------------------ [ 562.492499][T13438] syz-executor.3/13438 is trying to acquire lock: [ 562.498916][T13438] ffff888078ae0d00 (team->team_lock_key#3){+.+.}-{3:3}, at: team_del_slave+0x2e/0x1c0 [ 562.508525][T13438] [ 562.508525][T13438] but task is already holding lock: [ 562.516025][T13438] ffff8880545007c8 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: nl80211_del_interface+0x112/0x130 [ 562.525914][T13438] [ 562.525914][T13438] which lock already depends on the new lock. [ 562.525914][T13438] [ 562.536500][T13438] [ 562.536500][T13438] the existing dependency chain (in reverse order) is: [ 562.545512][T13438] [ 562.545512][T13438] -> #1 (&rdev->wiphy.mtx){+.+.}-{3:3}: [ 562.553256][T13438] lock_acquire+0x1f8/0x5a0 [ 562.558298][T13438] __mutex_lock+0x132/0xd80 [ 562.563333][T13438] ieee80211_open+0x13a/0x1f0 [ 562.568538][T13438] __dev_open+0x377/0x510 [ 562.573392][T13438] dev_open+0xa9/0x260 [ 562.577991][T13438] team_add_slave+0x96e/0x2760 [ 562.583291][T13438] do_setlink+0xe99/0x3de0 [ 562.588238][T13438] rtnl_newlink+0x172c/0x2050 [ 562.593449][T13438] rtnetlink_rcv_msg+0x818/0xff0 [ 562.598932][T13438] netlink_rcv_skb+0x1cd/0x410 [ 562.604261][T13438] netlink_unicast+0x7d8/0x970 [ 562.609683][T13438] netlink_sendmsg+0xa26/0xd60 [ 562.615004][T13438] ____sys_sendmsg+0x5a5/0x8f0 [ 562.620312][T13438] __sys_sendmsg+0x2a9/0x390 [ 562.625589][T13438] do_syscall_64+0x3b/0xb0 [ 562.630586][T13438] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 562.637031][T13438] [ 562.637031][T13438] -> #0 (team->team_lock_key#3){+.+.}-{3:3}: [ 562.645476][T13438] validate_chain+0x1661/0x5950 [ 562.650863][T13438] __lock_acquire+0x125b/0x1f80 [ 562.656248][T13438] lock_acquire+0x1f8/0x5a0 [ 562.661281][T13438] __mutex_lock+0x132/0xd80 [ 562.666316][T13438] team_del_slave+0x2e/0x1c0 [ 562.671529][T13438] team_device_event+0x269/0x570 [ 562.676999][T13438] raw_notifier_call_chain+0xd0/0x170 [ 562.682899][T13438] unregister_netdevice_many+0xec1/0x17a0 [ 562.689158][T13438] unregister_netdevice_queue+0x2e6/0x350 [ 562.695412][T13438] _cfg80211_unregister_wdev+0x174/0x570 [ 562.701577][T13438] ieee80211_if_remove+0x1cc/0x2d0 [ 562.707215][T13438] ieee80211_del_iface+0x15/0x20 [ 562.712711][T13438] cfg80211_remove_virtual_intf+0x270/0x490 [ 562.719146][T13438] genl_rcv_msg+0xc1a/0xf70 [ 562.724178][T13438] netlink_rcv_skb+0x1cd/0x410 [ 562.729477][T13438] genl_rcv+0x24/0x40 [ 562.733987][T13438] netlink_unicast+0x7d8/0x970 [ 562.739285][T13438] netlink_sendmsg+0xa26/0xd60 [ 562.744571][T13438] ____sys_sendmsg+0x5a5/0x8f0 [ 562.749861][T13438] __sys_sendmsg+0x2a9/0x390 [ 562.754999][T13438] do_syscall_64+0x3b/0xb0 [ 562.759946][T13438] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 562.766366][T13438] [ 562.766366][T13438] other info that might help us debug this: [ 562.766366][T13438] [ 562.776603][T13438] Possible unsafe locking scenario: [ 562.776603][T13438] [ 562.784134][T13438] CPU0 CPU1 [ 562.789496][T13438] ---- ---- [ 562.794858][T13438] lock(&rdev->wiphy.mtx); [ 562.799365][T13438] lock(team->team_lock_key#3); [ 562.806828][T13438] lock(&rdev->wiphy.mtx); [ 562.813866][T13438] lock(team->team_lock_key#3); [ 562.818967][T13438] [ 562.818967][T13438] *** DEADLOCK *** [ 562.818967][T13438] [ 562.827136][T13438] 3 locks held by syz-executor.3/13438: [ 562.832681][T13438] #0: ffffffff8e2fa0f0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 562.840880][T13438] #1: ffffffff8e29b028 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5b/0x8a0 [ 562.850925][T13438] #2: ffff8880545007c8 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: nl80211_del_interface+0x112/0x130 [ 562.861227][T13438] [ 562.861227][T13438] stack backtrace: [ 562.867125][T13438] CPU: 1 PID: 13438 Comm: syz-executor.3 Not tainted 6.1.92-syzkaller #0 [ 562.875538][T13438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 562.885615][T13438] Call Trace: [ 562.888901][T13438] [ 562.891921][T13438] dump_stack_lvl+0x1e3/0x2cb [ 562.896615][T13438] ? nf_tcp_handle_invalid+0x642/0x642 [ 562.902094][T13438] ? print_circular_bug+0x12b/0x1a0 [ 562.907296][T13438] check_noncircular+0x2fa/0x3b0 [ 562.912238][T13438] ? add_chain_block+0x850/0x850 [ 562.917186][T13438] ? lockdep_lock+0x11f/0x2a0 [ 562.921873][T13438] ? is_bpf_text_address+0x22/0x2a0 [ 562.927080][T13438] ? _find_first_zero_bit+0xd0/0x100 [ 562.932461][T13438] validate_chain+0x1661/0x5950 [ 562.937336][T13438] ? reacquire_held_locks+0x660/0x660 [ 562.942742][T13438] ? reacquire_held_locks+0x660/0x660 [ 562.948154][T13438] ? mark_lock+0x9a/0x340 [ 562.952506][T13438] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 562.958505][T13438] ? mark_lock+0x9a/0x340 [ 562.962847][T13438] __lock_acquire+0x125b/0x1f80 [ 562.967718][T13438] lock_acquire+0x1f8/0x5a0 [ 562.972232][T13438] ? team_del_slave+0x2e/0x1c0 [ 562.977008][T13438] ? read_lock_is_recursive+0x10/0x10 [ 562.982842][T13438] ? __might_sleep+0xb0/0xb0 [ 562.987437][T13438] ? xsk_notifier+0x20f/0x220 [ 562.992145][T13438] ? __lock_acquire+0x1f80/0x1f80 [ 562.997184][T13438] __mutex_lock+0x132/0xd80 [ 563.001690][T13438] ? team_del_slave+0x2e/0x1c0 [ 563.006463][T13438] ? __mutex_lock+0x2f7/0xd80 [ 563.011143][T13438] ? bond_netdev_event+0xde/0xe50 [ 563.016175][T13438] ? team_del_slave+0x2e/0x1c0 [ 563.020972][T13438] ? mutex_lock_nested+0x10/0x10 [ 563.025913][T13438] ? bond_ipsec_offload_ok+0x400/0x400 [ 563.031387][T13438] ? memset+0x1f/0x40 [ 563.035374][T13438] team_del_slave+0x2e/0x1c0 [ 563.039973][T13438] team_device_event+0x269/0x570 [ 563.044921][T13438] raw_notifier_call_chain+0xd0/0x170 [ 563.050298][T13438] unregister_netdevice_many+0xec1/0x17a0 [ 563.056038][T13438] ? alloc_netdev_mqs+0xeb0/0xeb0 [ 563.061074][T13438] ? kasan_quarantine_put+0xd4/0x220 [ 563.066363][T13438] ? lockdep_hardirqs_on+0x94/0x130 [ 563.071587][T13438] ? up_write+0x19d/0x580 [ 563.075965][T13438] unregister_netdevice_queue+0x2e6/0x350 [ 563.081729][T13438] ? list_netdevice+0x660/0x660 [ 563.086614][T13438] ? kernfs_remove_by_name_ns+0x10f/0x150 [ 563.092435][T13438] _cfg80211_unregister_wdev+0x174/0x570 [ 563.098077][T13438] ieee80211_if_remove+0x1cc/0x2d0 [ 563.103200][T13438] ieee80211_del_iface+0x15/0x20 [ 563.108154][T13438] cfg80211_remove_virtual_intf+0x270/0x490 [ 563.114054][T13438] ? nl80211_del_interface+0x112/0x130 [ 563.119514][T13438] genl_rcv_msg+0xc1a/0xf70 [ 563.124024][T13438] ? genl_bind+0x400/0x400 [ 563.128452][T13438] ? read_lock_is_recursive+0x10/0x10 [ 563.133854][T13438] ? ref_tracker_free+0x638/0x7d0 [ 563.138901][T13438] ? nl80211_new_interface+0x1110/0x1110 [ 563.144551][T13438] ? refcount_inc+0x80/0x80 [ 563.149086][T13438] ? __copy_skb_header+0x47b/0x600 [ 563.154222][T13438] netlink_rcv_skb+0x1cd/0x410 [ 563.159016][T13438] ? genl_bind+0x400/0x400 [ 563.163441][T13438] ? netlink_ack+0x1290/0x1290 [ 563.168314][T13438] genl_rcv+0x24/0x40 [ 563.172301][T13438] netlink_unicast+0x7d8/0x970 [ 563.177080][T13438] ? netlink_detachskb+0x90/0x90 [ 563.182025][T13438] ? __virt_addr_valid+0x44a/0x520 [ 563.187148][T13438] ? __phys_addr_symbol+0x2b/0x70 [ 563.192180][T13438] ? __check_object_size+0x4dd/0xa30 [ 563.197475][T13438] ? bpf_lsm_netlink_send+0x5/0x10 [ 563.202594][T13438] netlink_sendmsg+0xa26/0xd60 [ 563.207365][T13438] ? netlink_getsockopt+0x580/0x580 [ 563.212565][T13438] ? aa_sock_msg_perm+0x91/0x150 [ 563.217545][T13438] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 563.222837][T13438] ? security_socket_sendmsg+0x7d/0xa0 [ 563.228299][T13438] ? netlink_getsockopt+0x580/0x580 [ 563.233501][T13438] ____sys_sendmsg+0x5a5/0x8f0 [ 563.238272][T13438] ? __sys_sendmsg_sock+0x30/0x30 [ 563.243303][T13438] __sys_sendmsg+0x2a9/0x390 [ 563.247938][T13438] ? ____sys_sendmsg+0x8f0/0x8f0 [ 563.252905][T13438] ? rcu_is_watching+0x11/0xb0 [ 563.257698][T13438] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 563.263704][T13438] ? syscall_enter_from_user_mode+0x2e/0x230 [ 563.269691][T13438] ? lockdep_hardirqs_on+0x94/0x130 [ 563.274895][T13438] ? syscall_enter_from_user_mode+0x2e/0x230 [ 563.280881][T13438] do_syscall_64+0x3b/0xb0 [ 563.285311][T13438] ? clear_bhb_loop+0x45/0xa0 [ 563.289997][T13438] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 563.295903][T13438] RIP: 0033:0x7f7605e7cf69 [ 563.300340][T13438] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 563.319948][T13438] RSP: 002b:00007f7606bd40c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 563.328541][T13438] RAX: ffffffffffffffda RBX: 00007f7605fb3fa0 RCX: 00007f7605e7cf69 [ 563.336514][T13438] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003 [ 563.344498][T13438] RBP: 00007f7605eda706 R08: 0000000000000000 R09: 0000000000000000 [ 563.352471][T13438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 2024/06/04 03:48:19 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 563.360457][T13438] R13: 000000000000000b R14: 00007f7605fb3fa0 R15: 00007ffd685afb98 [ 563.368460][T13438] [ 563.375632][ T1256] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.382004][ T1256] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.632955][T13438] team0: Port device wlan1 removed [ 564.286749][ T3800] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0