Warning: Permanently added '10.128.1.67' (ED25519) to the list of known hosts. 2024/04/17 07:00:15 fuzzer started 2024/04/17 07:00:15 dialing manager at 10.128.0.163:30011 [ 50.585706][ T3545] cgroup: Unknown subsys name 'net' [ 50.693875][ T3545] cgroup: Unknown subsys name 'rlimit' 2024/04/17 07:00:17 code coverage: enabled 2024/04/17 07:00:17 comparison tracing: enabled 2024/04/17 07:00:17 extra coverage: enabled 2024/04/17 07:00:17 delay kcov mmap: enabled 2024/04/17 07:00:17 setuid sandbox: enabled 2024/04/17 07:00:17 namespace sandbox: enabled 2024/04/17 07:00:17 Android sandbox: /sys/fs/selinux/policy does not exist 2024/04/17 07:00:17 fault injection: enabled 2024/04/17 07:00:17 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2024/04/17 07:00:17 net packet injection: enabled 2024/04/17 07:00:17 net device setup: enabled 2024/04/17 07:00:17 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/04/17 07:00:17 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/04/17 07:00:17 NIC VF setup: PCI device 0000:00:11.0 is not available 2024/04/17 07:00:17 USB emulation: enabled 2024/04/17 07:00:17 hci packet injection: enabled 2024/04/17 07:00:17 wifi device emulation: enabled 2024/04/17 07:00:17 802.15.4 emulation: enabled 2024/04/17 07:00:17 swap file: enabled [ 51.922866][ T3545] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS 2024/04/17 07:00:17 starting 5 executor processes [ 52.823451][ T3559] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 52.841751][ T3561] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 52.849645][ T3561] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 52.859018][ T3564] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 52.869822][ T3564] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 52.878130][ T3564] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 52.890234][ T3570] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 52.897581][ T3570] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 52.898710][ T3573] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 52.906500][ T3570] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 52.914149][ T3573] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 52.921318][ T3570] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 52.927113][ T3573] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 52.941316][ T3570] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 52.942519][ T3573] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 52.949404][ T3574] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 52.956972][ T3573] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 52.963229][ T3574] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 52.971180][ T3573] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 52.983777][ T3574] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 52.984126][ T3573] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 52.992645][ T3575] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 52.998311][ T3573] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 53.005218][ T3575] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 53.020355][ T3570] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 53.021380][ T3573] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 53.031760][ T3570] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 53.035450][ T3573] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 53.050262][ T3573] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 53.058478][ T3566] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 53.417552][ T3558] chnl_net:caif_netlink_parms(): no params data found [ 53.539892][ T3567] chnl_net:caif_netlink_parms(): no params data found [ 53.555972][ T3562] chnl_net:caif_netlink_parms(): no params data found [ 53.590160][ T3558] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.600331][ T3558] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.609018][ T3558] device bridge_slave_0 entered promiscuous mode [ 53.642208][ T3558] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.649966][ T3558] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.658293][ T3558] device bridge_slave_1 entered promiscuous mode [ 53.676380][ T3565] chnl_net:caif_netlink_parms(): no params data found [ 53.688634][ T3571] chnl_net:caif_netlink_parms(): no params data found [ 53.730848][ T3558] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.762072][ T3562] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.769828][ T3562] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.777660][ T3562] device bridge_slave_0 entered promiscuous mode [ 53.803603][ T3558] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.818633][ T3562] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.825880][ T3562] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.833621][ T3562] device bridge_slave_1 entered promiscuous mode [ 53.887048][ T3562] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.900909][ T3562] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.915365][ T3558] team0: Port device team_slave_0 added [ 53.933637][ T3567] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.940853][ T3567] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.949667][ T3567] device bridge_slave_0 entered promiscuous mode [ 53.962205][ T3567] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.969654][ T3567] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.977695][ T3567] device bridge_slave_1 entered promiscuous mode [ 53.996719][ T3558] team0: Port device team_slave_1 added [ 54.051249][ T3571] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.058492][ T3571] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.066755][ T3571] device bridge_slave_0 entered promiscuous mode [ 54.074896][ T3571] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.082011][ T3571] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.090448][ T3571] device bridge_slave_1 entered promiscuous mode [ 54.108753][ T3562] team0: Port device team_slave_0 added [ 54.115334][ T3565] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.122467][ T3565] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.130731][ T3565] device bridge_slave_0 entered promiscuous mode [ 54.157482][ T3567] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.170243][ T3567] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.182173][ T3562] team0: Port device team_slave_1 added [ 54.196490][ T3565] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.203621][ T3565] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.211605][ T3565] device bridge_slave_1 entered promiscuous mode [ 54.219418][ T3558] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.226495][ T3558] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.252510][ T3558] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.300437][ T3558] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.309990][ T3558] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.336521][ T3558] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.349649][ T3571] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.367971][ T3562] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.376351][ T3562] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.402576][ T3562] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.416657][ T3565] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.437760][ T3571] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.458885][ T3567] team0: Port device team_slave_0 added [ 54.465792][ T3562] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.472785][ T3562] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.498907][ T3562] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.511422][ T3565] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.551607][ T3567] team0: Port device team_slave_1 added [ 54.572960][ T3565] team0: Port device team_slave_0 added [ 54.589673][ T3571] team0: Port device team_slave_0 added [ 54.608091][ T3565] team0: Port device team_slave_1 added [ 54.621766][ T3571] team0: Port device team_slave_1 added [ 54.636311][ T3567] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.643301][ T3567] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.672684][ T3567] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.695720][ T3558] device hsr_slave_0 entered promiscuous mode [ 54.702649][ T3558] device hsr_slave_1 entered promiscuous mode [ 54.731852][ T3567] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.738866][ T3567] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.764815][ T3567] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.785549][ T3562] device hsr_slave_0 entered promiscuous mode [ 54.795894][ T3562] device hsr_slave_1 entered promiscuous mode [ 54.802525][ T3562] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 54.810593][ T3562] Cannot create hsr debugfs directory [ 54.826291][ T3565] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.833272][ T3565] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.859404][ T3565] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.872945][ T3571] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.880031][ T3571] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.906061][ T3571] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.936569][ T3565] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.943535][ T3565] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.972684][ T3565] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.998246][ T3571] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.005753][ T3571] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.032450][ T3571] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.075760][ T3576] Bluetooth: hci2: command tx timeout [ 55.076608][ T3573] Bluetooth: hci3: command tx timeout [ 55.081485][ T3576] Bluetooth: hci0: command tx timeout [ 55.115989][ T3565] device hsr_slave_0 entered promiscuous mode [ 55.122666][ T3565] device hsr_slave_1 entered promiscuous mode [ 55.130828][ T3565] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 55.138501][ T3565] Cannot create hsr debugfs directory [ 55.155040][ T3576] Bluetooth: hci1: command tx timeout [ 55.155053][ T3573] Bluetooth: hci4: command tx timeout [ 55.182954][ T3567] device hsr_slave_0 entered promiscuous mode [ 55.190253][ T3567] device hsr_slave_1 entered promiscuous mode [ 55.196994][ T3567] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 55.204549][ T3567] Cannot create hsr debugfs directory [ 55.227738][ T3571] device hsr_slave_0 entered promiscuous mode [ 55.235099][ T3571] device hsr_slave_1 entered promiscuous mode [ 55.241642][ T3571] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 55.249343][ T3571] Cannot create hsr debugfs directory [ 55.474598][ T3558] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 55.509136][ T3558] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 55.533494][ T3558] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 55.558794][ T3558] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 55.610989][ T3562] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 55.620676][ T3562] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 55.638360][ T3562] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 55.659541][ T3562] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 55.736763][ T3565] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 55.761106][ T3565] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 55.773696][ T3558] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.791826][ T3565] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 55.825621][ T3558] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.836407][ T3565] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 55.845950][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.855614][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.875367][ T3567] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 55.887101][ T3567] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 55.905690][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 55.914324][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.923725][ T3604] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.931046][ T3604] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.939584][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 55.949062][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.957575][ T3604] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.964638][ T3604] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.972547][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 56.004023][ T3567] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 56.013942][ T3567] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 56.024853][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 56.033126][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 56.068134][ T3571] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 56.079987][ T3571] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 56.091332][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 56.100928][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 56.109568][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 56.118184][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 56.139841][ T3562] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.150677][ T3571] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 56.160454][ T3571] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 56.173984][ T3558] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 56.184879][ T3558] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 56.196469][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 56.204336][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 56.212986][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 56.221964][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 56.230546][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 56.239042][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 56.255758][ T3562] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.278766][ T3153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.287350][ T3153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.301209][ T3153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 56.311233][ T3153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 56.325241][ T3153] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.332386][ T3153] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.384593][ T3565] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.392578][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 56.401705][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 56.411673][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 56.421530][ T3604] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.428713][ T3604] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.436992][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 56.492040][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 56.501193][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 56.511507][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 56.521745][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 56.531264][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 56.539733][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 56.549164][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 56.558204][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.566252][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.574055][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 56.616963][ T3565] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.627824][ T3562] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 56.658332][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 56.667790][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 56.676376][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 56.683928][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 56.691898][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 56.700729][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 56.709199][ T3603] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.716325][ T3603] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.741547][ T3558] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.758673][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 56.767614][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 56.777493][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 56.786773][ T3605] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.793923][ T3605] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.817025][ T3571] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.838473][ T3567] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.860687][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 56.870330][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 56.879674][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 56.888660][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 56.905337][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 56.913167][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 56.922223][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 56.953781][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 56.963002][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 56.977220][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 56.990474][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.002715][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 57.011503][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.020298][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.028299][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.036392][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.044122][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.055229][ T3567] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.064325][ T3571] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.074561][ T3565] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 57.110383][ T3562] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.118669][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 57.126556][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 57.134097][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.144142][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.153016][ T3603] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.160206][ T3603] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.168179][ T3576] Bluetooth: hci3: command tx timeout [ 57.168337][ T3570] Bluetooth: hci2: command tx timeout [ 57.173592][ T3576] Bluetooth: hci0: command tx timeout [ 57.185165][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.194018][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.202786][ T3603] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.210034][ T3603] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.217829][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 57.234916][ T3576] Bluetooth: hci4: command tx timeout [ 57.235053][ T3570] Bluetooth: hci1: command tx timeout [ 57.258871][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.273300][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.282677][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.292028][ T3610] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.299240][ T3610] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.307699][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.317004][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.335316][ T3610] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.342566][ T3610] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.350539][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 57.359646][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 57.389382][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.397770][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 57.406214][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 57.414401][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 57.423890][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 57.432876][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 57.441628][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 57.450682][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 57.471137][ T3558] device veth0_vlan entered promiscuous mode [ 57.489232][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 57.497467][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 57.506629][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.515337][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.524160][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.533219][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 57.550077][ T3571] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 57.562633][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 57.578945][ T3565] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.589130][ T3153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 57.598406][ T3153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 57.607710][ T3153] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.616215][ T3153] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 57.623626][ T3153] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 57.634308][ T3558] device veth1_vlan entered promiscuous mode [ 57.654629][ T3562] device veth0_vlan entered promiscuous mode [ 57.691570][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 57.705666][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 57.714665][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 57.724529][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 57.738801][ T3562] device veth1_vlan entered promiscuous mode [ 57.775337][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 57.785539][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 57.794240][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 57.803427][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 57.811422][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 57.820210][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.828945][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.837560][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.846043][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 57.854756][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 57.890959][ T3567] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 57.903314][ T3567] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 57.927640][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 57.936681][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 57.945713][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.954427][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 57.963572][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 57.973015][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 57.982102][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 57.995631][ T3562] device veth0_macvtap entered promiscuous mode [ 58.011254][ T3562] device veth1_macvtap entered promiscuous mode [ 58.021647][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 58.030209][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 58.038753][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 58.047228][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 58.056568][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 58.064365][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 58.075799][ T3565] device veth0_vlan entered promiscuous mode [ 58.084012][ T3558] device veth0_macvtap entered promiscuous mode [ 58.103235][ T3562] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 58.129332][ T3153] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 58.141585][ T3153] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 58.153824][ T3153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 58.171264][ T3558] device veth1_macvtap entered promiscuous mode [ 58.185251][ T3565] device veth1_vlan entered promiscuous mode [ 58.195492][ T3562] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 58.210056][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 58.219556][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 58.228405][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 58.237646][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 58.267397][ T3562] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.278765][ T3562] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.288899][ T3562] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.298091][ T3562] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.309796][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 58.322064][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 58.329988][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 58.342436][ T3558] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.354037][ T3558] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.368810][ T3558] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 58.392860][ T3571] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.401799][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 58.411481][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 58.425090][ T3558] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 58.439972][ T3558] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.454420][ T3558] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 58.500961][ T3565] device veth0_macvtap entered promiscuous mode [ 58.512005][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 58.522837][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 58.531922][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 58.541019][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 58.557180][ T3558] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.566506][ T3558] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.578075][ T3558] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.587460][ T3558] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.613005][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 58.621637][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 58.633382][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 58.642459][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 58.652393][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 58.680025][ T3565] device veth1_macvtap entered promiscuous mode [ 58.713615][ T3567] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.715356][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 58.737862][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.805863][ T3565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.821707][ T3565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.832198][ T3565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.843477][ T3565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.857572][ T3565] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 58.869227][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 58.878261][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 58.887228][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 58.896040][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 58.904759][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 58.919552][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 58.927635][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 58.937524][ T3571] device veth0_vlan entered promiscuous mode [ 58.962188][ T3565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 58.979666][ T3565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.989788][ T3565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.006899][ T3565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.022148][ T3565] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.068632][ T3571] device veth1_vlan entered promiscuous mode [ 59.089881][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 59.104412][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 59.118907][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 59.131663][ T3565] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.131858][ T1138] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.140594][ T3565] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.157866][ T3565] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.166722][ T3565] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.180457][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.191681][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.217794][ T1138] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.233665][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 59.241993][ T3570] Bluetooth: hci2: command tx timeout [ 59.242684][ T3573] Bluetooth: hci3: command tx timeout [ 59.247838][ T3576] Bluetooth: hci0: command tx timeout [ 59.253068][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 59.269769][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 59.299919][ T3571] device veth0_macvtap entered promiscuous mode [ 59.311601][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 59.320163][ T3570] Bluetooth: hci1: command tx timeout [ 59.326541][ T3573] Bluetooth: hci4: command tx timeout [ 59.326819][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 59.346452][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 59.358970][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 59.387498][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 59.398708][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 59.408396][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 59.421311][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 59.430567][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready executing program 2: syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) chroot(&(0x7f00000008c0)='./file0\x00') r0 = open(&(0x7f0000000080)='./bus\x00', 0x105042, 0x0) setrlimit(0x1, &(0x7f0000000440)={0xffffffff, 0xffffffffffffffff}) fallocate(r0, 0x0, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) utime(&(0x7f0000000040)='./bus\x00', 0x0) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RSETATTR(r1, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838) write$P9_RLOPEN(r1, 0x0, 0x0) close(r1) rt_sigreturn() openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) timer_create(0x0, &(0x7f0000000180)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) rename(&(0x7f0000000300)='.\x00', &(0x7f0000000340)='./bus\x00') timer_create(0x0, &(0x7f0000000240)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000400)=0x0) setxattr$trusted_overlay_origin(&(0x7f0000000140)='./bus\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) timer_settime(r2, 0x0, &(0x7f00000010c0)={{0x77359400}, {0x0, 0x989680}}, 0x0) openat$pidfd(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0) [ 59.449046][ T3571] device veth1_macvtap entered promiscuous mode [ 59.460168][ T1138] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.481754][ T3567] device veth0_vlan entered promiscuous mode [ 59.505967][ T1138] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 executing program 2: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x20, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)) timer_create(0x3, 0x0, &(0x7f0000000200)=0x0) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) timer_settime(r0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, r1+10000000}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_settime(r0, 0x0, &(0x7f0000000000)={{0x0, 0x3938700}, {0x77359400}}, 0x0) [ 59.537497][ T27] audit: type=1800 audit(1713337225.031:2): pid=3641 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1945 res=0 errno=0 [ 59.541915][ T3567] device veth1_vlan entered promiscuous mode [ 59.573950][ T3616] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 59.582403][ T3616] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 59.602819][ T3616] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x6, &(0x7f0000000040)=@framed={{}, [@jmp={0x6, 0x0, 0xa}, @initr0]}, &(0x7f00000000c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='rss_stat\x00', r0}, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff) [ 59.661335][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.681031][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.705771][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.746675][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.772082][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.793132][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.806191][ T3571] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.845531][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 59.864815][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 59.886713][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.904822][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.924777][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.935525][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! executing program 0: getdents64(0xffffffffffffffff, &(0x7f0000002140)=""/4105, 0x1009) [ 59.945561][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.956800][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.968793][ T3571] batman_adv: batadv0: Interface activated: batadv_slave_1 executing program 2: syz_emit_ethernet(0x62, &(0x7f0000000480)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd600a0100002c2b0000000000000000000000000000000000fe8000000000000000000000000000aa06"], 0x0) [ 60.014980][ T3567] device veth0_macvtap entered promiscuous mode [ 60.031802][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 60.052947][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program 0: syz_mount_image$fuse(0x0, &(0x7f0000002380)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f00000002c0)={0xb0, 0x0, 0x0, [{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}, {0x0, 0x0, 0x4, 0x0, '!]&%'}}]}, 0xb0) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r3, &(0x7f00000023c0)={0x2020}, 0x2020) executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x0) poll(&(0x7f00000001c0)=[{r0}], 0x1, 0x0) [ 60.075875][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 60.099936][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 60.153114][ T3571] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.183619][ T3571] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='attr/sockcreate\x00') openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) openat$cgroup_devices(r0, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0) executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='io.stat\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000580)='ns\x00') getdents64(r1, 0xffffffffffffffff, 0x43) [ 60.202925][ T3571] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.216501][ T3571] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.233385][ T3567] device veth1_macvtap entered promiscuous mode executing program 0: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x140c543, &(0x7f0000000100)={[{@errors_remount}, {@nobh}]}, 0x12, 0x4b1, &(0x7f0000000a00)="$eJzs3d9rW9cdAPDvvbay/HBmZ9tDFlgSlgwnbJHseEnMHrIMxvIU2Ja9Z54tG2PZMpacxCYMh/0BgzG2wZ72tJfB/oDByJ9QCoH2vbSlpbRJ+9CHtiqSr1LHkWKHyL5gfT5wcs+5V9L3ewg6uufeYymAvnU2Im5ExEBEXIyI4Wx/mpWbzcbG5uOePnkw3SxJNBq3P04iyfa1XyvZ8pobEXE4In57M+IPyYtxa2vrC1OVSnkla5fqi8ul2tr6pfnFqbnyXHlpYmL86uS1ySuTYz3p50hEXP/l+3/7879/df3/P7n3zp0PL/yxmdZQdnxrP3pps+uF5/YNRsTKXgTLwUC2LeScBwAAu9M8x/9ORPywdf4/HAOts1MAAADgIGn8fCi+SCIaAAAAwIGVttbAJmkxWwswFGlaLEYci4jvxdG0Uq3VfzxbXV2a2VwrOxKFdHa+Uh7L1gqPRCFptsezNbbt9uVt7YmIOBERfx0+0moXp6uVmbwvfgAAAECfOLZt/v/Z8Ob8HwAAADhgRvJOAAAAANhz5v8AAABw8Jn/AwAAwIH261u3mqXR/v3rmbtrqwvVu5dmyrWF4uLqdHG6urJcnKtW51rf2be40+tVqtXln8bS6v1SvVyrl2pr63cWq6tL9TvzrZ8DBwAAAHJw4syjt5OI2PjZkVYB+kfyKg9+b+/yAPbfQN4JALkZzDsBIDeFvBMAcrfTdYCui3fe6H0uAADA3hj9/ov3/w9lx1wbgIMtzTsBAGDfuf8P/atgBSD0vW/vcPz17/83Gq+UEAAA0HNDrZKkxexe4FCkabEYcbz1swCFZHa+Uh7L5gdvDRe+1WyPt56ZvNrfDgMAAAAAAAAAAAAAAAAAAAAAAABAH2s0kmgAAAAAB1pE+kHS+jb/iNHh80Pbrw8cSj4fbm0j4t4/b//9/lS9vjLe3P/Js/31f2T7L+dxBQMAAADYrj1Pb8/jAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKCXnj55MN0u+xn3o19ExEjH+GcOtzaHoxARRz9NYnDL85KIGOhB/I2HEXGyU/ykmVaMxGYWneIfyTF+GhHHehAf+tmj5vhzo9P7L42zrW3n999gVl5X9/Evjfb4N9Bl/Dm+yxinHv+31DX+w4hTg53Hn3b8pEv8c7uM//vfra93O9b4V8Rox8+f5LlYpfricqm2tn5pfnFqrjxXXpqYGL86eW3yyuRYaXa+Us7+7RjjLz/431cv6//RLvFHduj/+V32/8vH9598d7Na6BT/wrnOn78nu8RPs8++H2X15vHRdn1js77V6f+8efpl/Z/p0v+d/v8v7LL/F3/zp3d3+VAAYB/U1tYXpiqV8oqKiorKs0reIxMAANBr35z0550JAAAAAAAAAAAAAAAAAAAA9K/9+Dqx7TE38ukqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBLfR0AAP//vOXVDw==") [ 60.300294][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 60.313803][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready executing program 2: r0 = gettid() r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x0) read(r1, &(0x7f0000000100)=""/140, 0xde) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000040)={0x37, @time}) tkill(r0, 0x7) syz_open_dev$loop(&(0x7f0000000100), 0x0, 0x0) pipe(&(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) dup(r2) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129}, 0x24}}, 0x0) [ 60.348272][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.372369][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.445632][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 60.482862][ T3567] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.500100][ T3663] loop0: detected capacity change from 0 to 512 [ 60.504813][ T3567] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.509919][ T3663] ======================================================= [ 60.509919][ T3663] WARNING: The mand mount option has been deprecated and [ 60.509919][ T3663] and is ignored by this kernel. Remove the mand [ 60.509919][ T3663] option from the mount to silence this warning. [ 60.509919][ T3663] ======================================================= [ 60.531414][ T3567] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.563980][ T3663] EXT4-fs: Ignoring removed nobh option [ 60.572783][ T3567] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.583927][ T3567] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.590306][ T3663] EXT4-fs (loop0): orphan cleanup on readonly fs [ 60.602800][ T3663] Quota error (device loop0): v2_read_file_info: Free block number too big (0 >= 0). [ 60.619482][ T3663] EXT4-fs warning (device loop0): ext4_enable_quotas:7012: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 60.622041][ T3567] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.635264][ T3663] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 60.651228][ T3567] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.651981][ T3663] EXT4-fs error (device loop0): ext4_orphan_get:1422: comm syz-executor.0: bad orphan inode 16 [ 60.664410][ T3567] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.682487][ T3663] EXT4-fs (loop0): Remounting filesystem read-only [ 60.687872][ T3567] batman_adv: batadv0: Interface activated: batadv_slave_0 executing program 0: getdents64(0xffffffffffffffff, &(0x7f0000002140)=""/4105, 0x1009) [ 60.690065][ T3663] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. executing program 2: bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802) write$evdev(r0, &(0x7f0000000000), 0x100000008) ioctl$F2FS_IOC_GARBAGE_COLLECT(r0, 0x80004508, 0x0) [ 60.737681][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.758685][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.774429][ T3558] EXT4-fs (loop0): unmounting filesystem. [ 60.795152][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 60.803977][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 60.821905][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 60.837356][ T3567] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.871533][ T3567] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.899986][ T3567] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x2f, &(0x7f0000000340), 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000440)=0x82, 0x49) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) sendto$inet(r0, &(0x7f0000000480)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d86209c060161d5ddb5fcf3d09001117cdb9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000000000002090666159e3075f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027083d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af162a9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e3bbe5230e07dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f0eac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdbc64ce943f895dd4c2e9dd7393543d89b00dc6b3a25045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bd", 0xfffffea5, 0xc000, 0x0, 0xfffffcef) [ 60.919551][ T3567] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.929777][ T3567] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.959329][ T3567] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.974787][ T3567] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.986156][ T3567] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.000343][ T3567] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.032208][ T3669] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 61.041489][ T3669] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 61.055625][ T3567] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.064373][ T3567] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.076804][ T3567] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.088423][ T3567] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.106356][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.114354][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'netdevsim0\x00', &(0x7f00000003c0)=@ethtool_sset_info={0x48}}) [ 61.204253][ T3669] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready executing program 1: writev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0202ff000000000000000058000b4824ca945f64009400ff03", 0x2c}], 0x1) syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120100009b23fd406d04c1088dee000000010902240001000000000904000000ff01000007"], 0x0) [ 61.265166][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.273207][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.293883][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.314065][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.321689][ T3573] Bluetooth: hci0: command tx timeout [ 61.327162][ T3573] Bluetooth: hci2: command tx timeout [ 61.332586][ T3573] Bluetooth: hci3: command tx timeout [ 61.351611][ T3639] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready executing program 3: open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0) [ 61.369201][ T3639] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 61.395103][ T3573] Bluetooth: hci4: command tx timeout [ 61.400563][ T3573] Bluetooth: hci1: command tx timeout [ 61.465930][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.493909][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 executing program 3: r0 = io_uring_setup(0x3298, &(0x7f0000000200)) r1 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000003c0)={'vxcan0\x00', 0x0}) bind$can_j1939(r1, &(0x7f0000000040)={0x1d, r2, 0x3}, 0x18) sendmmsg(r1, &(0x7f0000007bc0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)="bbe26213462b8a6b", 0x8}], 0x1}}], 0x1, 0x0) sendmsg$WG_CMD_GET_DEVICE(r1, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000100)=ANY=[], 0x14}}, 0x0) close(r0) [ 61.519733][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) r0 = open$dir(0x0, 0x0, 0x0) ioctl$BTRFS_IOC_SPACE_INFO(r0, 0x5450, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) pread64(r1, 0x0, 0x0, 0x5) close(r1) getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000240)={'filter\x00', 0x7, 0x4, 0x438, 0x220, 0x110, 0x0, 0x350, 0x350, 0x350, 0x4, 0x0, {[{{@arp={@multicast1, @local, 0x0, 0x0, 0x0, 0x0, {@mac=@remote, {[0x0, 0xff, 0xff]}}, {@empty, {[0x0, 0x0, 0xff]}}, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 'virt_wifi0\x00', 'pim6reg0\x00', {0xff}}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev, @mac=@dev, @dev, @remote}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @private, @dev}}}, {{@arp={@private=0xa010100, @rand_addr, 0x0, 0x0, 0x0, 0x0, {@mac, {[0x0, 0xff]}}, {@empty, {[0x0, 0x0, 0x0, 0x0, 0x0, 0xff]}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'gretap0\x00', 'ip6tnl0\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "029f3182eeaa63ad98a39ef86c1b2153abbd69954c3fb53cac6b52dda43e7803fb95c384223d223e38f51ecafb4b3435af0e83a73e60060ac6b71a1138b2ccca"}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x488) r2 = mq_open(&(0x7f00000008c0)='\x15?\x00', 0x42, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(r1) socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockname$inet6(r2, &(0x7f00000013c0)={0xa, 0x0, 0x0, @private1}, &(0x7f0000001400)=0x1c) executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000001800080026bd7000fedbdf2580381004ff000001002e"], 0x40}, 0x1, 0x0, 0x0, 0x20040880}, 0x0) r2 = socket(0x10, 0x803, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000140)={'wlan0\x00', 0x0}) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x5008000, &(0x7f00000004c0)=ANY=[@ANYBLOB="757466383d302c756e695f786c6174653d312c696f636861727365743d6d616363656c7469632c696f636861727365743d64656661f7481724e33fbf8d8ce629b86f38488af760fe090c2e9bd47792da3bea943665995ca5cb30b0f360512fb43bbc59ea7ad78fd9c3ce6f9c18a8c304dd547b32444350cb79af63b300"/134, @ANYRESHEX=0x0, @ANYBLOB=',utf8=1,rodir,rodir,\x00'], 0x1, 0x27c, &(0x7f0000000200)="$eJzs3TFrG2cYB/BHlmrJhiINBdNSqEqXTsZ26S5TXCgVtLRoaKeaWqbFcg02GOrB9ubkOyRfIdmSNZDBZM0XCIHgBLLYmTwEFJSTLMlRZJREuRD/fosf3nv+fl+djzs83Ku/vlxfW9nYWj05OYpCIRO5SlTiNBOlmIhsJPYDAPiYnDabcdxMpL0WAOD98PwHgMtnwPN/onMss3829ms6qwMAxuGt/v+fGMuSAIAx+/2PP39erFaXfiuXCxHrB9u17VryMzm+uBr/RiPqMRfFeB7RPJPUP/5UXZortzwuRWF9r53f265l+/PzUYzS4Px8ORG13vwnMd3OP5iOeiwcZuKzwfmFgfnJ+Pabnvlnoxj3/46NaMRKtLJJPh8Ru/Pl8g+/VM/l8y/7AAAAAAAAAAAAAAAAAAAAAABgHGbLHYX2SP/+PbPdhlL//jhJd3d/oHxxauj+QOf358nFF7n0PjcAAAAAAAAAAAAAAAAAAAB8SLb+31lbbjTqm8OK/+7duHuUj2hmI5Ybnbf2L0oNLDLt8Gipgzeaa3jx6dePrp0/lIudtfzo5+fdFne+SmHS+mbkRkkdHv3z+XdbM9+/ridyvSNXW5dLX0/rQhrwm3PjOuFPixFjOnU3O0Xl2Ss9nYupvjmVxt+0t5i5Xlm+vfvwSXskGxekhtw0mtmx3IsAAAAAAAAAAAAAAAAAAOCy6770m/ZKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA93e//H7XIR+PWle5Ioa9n8myC42aqnw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFpeBAAA//+dMpIm") r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r4, @ANYBLOB="010400000c00000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="d2023300802b0001080211000000080211"], 0x2f0}}, 0x0) [ 61.728389][ T3689] loop4: detected capacity change from 0 to 256 [ 61.764661][ T3689] FAT-fs (loop4): IO charset defaH$?)o8H` .w;6e\0`Q/;Yz׏oT{2DCPyc not found [ 61.766268][ T3639] usb 2-1: new high-speed USB device number 2 using dummy_hcd executing program 0: syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x2008c12, &(0x7f0000000480)={[{@map_normal}, {@sbsector={'sbsector', 0x3d, 0xffffffffffffffe7}}, {@dmode={'dmode', 0x3d, 0xf8}}, {@mode={'mode', 0x3d, 0x3}}, {@map_normal}, {@overriderock}, {@map_off}, {@utf8}, {@check_relaxed}, {@unhide}, {@session={'session', 0x3d, 0x62}}, {@check_relaxed}, {@hide}]}, 0x2, 0xa03, &(0x7f0000003a40)="$eJzs3c1vHOd9B/Dv8EWiaUOSbdV1BdlayZVM2yxFUrVUQYdWIlcSXb4UJAVY6MFyLaoQxNat3QK2UaAyUPRUoQVa9NDejJxyEuBLfAl8S27JKYcAgf8FIycFCMBgZpfSklxySYUiafnzIXZ3Xn7zPL/ZmZ2Huzs7T/huWTq4Ymxpqbptdby7Of7DnUiZvevS+Ddf3L9X3j6/m33pztvFj5K+JLWkJ8nLSe/Y+OzMVIeC7iQ3knydFEn2p/G4KTdS/GeeezT+dYr/L+td177NlkwnS3yv7fb+BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe1ExNj48PFLsy8T0tXdrDUltjbHx2ZkiS0tr5ywv0/BV1et38VXHepOivKWvb7mr75cPP5r9UpLaiRxtjB2tOiRPXz579qVDF17s6Vpefr1sfi/7N1/sx59+duf9xcWFj55IInvflfr0xNzMxNTFK/XaxNxM7fzZs8Onr16eq12emKzPXZ+br0/VxmbrF+dnZmsDY2/URs6fP1OrD12fuTZ9ZXxosr488dyfjA4Pn629M/RX9YuzczPTp98Zmhu7OjE5OTF9pYopZ5cx58od8S8n5mvz9YtTtdqt24sLZ1bl1J1V+28ZNNJpTcqg0U5Bo8OjoyMjo6Mjnzd7z3444ezb598+NzzcM7xK1kQ8oZ2WveWZ9Tfz9h/E4TF1Ndr/ZDITmc61vJta27+xjGc2M5laZ35TT3VffHXydH3Delvb/6OtizYcKe9O5NXmaN867f86uezc38f5NJ/lTt7PYhazkI92PaOd/buSeqYzkbnMZCJTuVhNqTWn1HI+Z3M2w3kvV3Msc6nlciYymXrmcj1zmU+92qPGMpt6LmY+M5lNLQMZyxupZSTncz5nUks9Q7memVzLdK5kPBerUm7ldvW8n9kgx4dBI5sJGm2Z2L0qaE1jvuX2v776nxO+d7b9GA6Pa6nZ/u/rHDowthMJAQAAANvuj36aA4df+MmvkiKvVJ/LX56YrA/vdloAAADANqq++T+aIuktR19J4f0/AAAAPG2K6jd2RZL+HGsMLf8SyocAAAAA8JSoLtf3aopjjyZ4/w8AAABPmc7X2O8YUQwuX/63drPxeLMZ0Rgr+i9PTNaHxmYmL4zkVHWVgeqXBmtK606K3urnB2/meCPqeH/jsf9RiWWdfWXUyNCFkbyZE80VGXitfHhtoE3kaCPy9Ubk662R3VkReWbogutzAvD0O7FBe7zZ9v/NDDYiBo9UTX7PkTZt8HDZBgMAe8HDPnZ+0+zSrE3734x4db32/083eP9fRryQW8capxQM5YN8mMXczGCaZxwca1fqcm8EjdMQBjt8GtDfPGXh5+e6Mrjm84C+h+vaGruQ0Qy2/USgpdxiOYczjbjuJ7MNAGCnndiwHd5c+z/Y4f1/v1MKAWBPediDfTXQs2bKdgzs9joCACtppQEAAAAAAAAAAAAAAAAAAAAAAAAAAGD7beoC/j87lSwuLiTb3jXABgN9W8lw44Gu7FDOuz7QnWS3av/zrJm1tJRstFS5jffKU2dg5cAuH5gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYEUXS3W56V7I/yXCS0zuf1ZNzd7cT2C61x1useJAH+SQHtjsdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDvu+b1/7vSeHy2MSk9XcnJJDeS/PVu57g9Gt0cPNjtNHbN31X3Ldf/70p6s1Skp7HZU/SOjc/OTJWbv9hfzv/mi/v3ylvnstf2qlAWUNawonOJZg0tU3pXLvV8tVT/+MLHd/7pw3+ojV+qdsxL85cnx6euzP7Fo8CXii8bXSC0doOwnO+/nPzxf7VM3tes/MtyTdtbXe/lqt7xtfX+Ybul16l3E24vLoyWNc3X353/57+//UnLrBdyPHltIBlYWdPflrd1ajq++vlcqfi2+PfiQP43N6rtXz4bxVJRbqKD1fo/c+v24sLQBx8u3nyY07+uyOlQjiW5mfRtPqdj1fGkrWqv6+otax2ugsq7wx3K21BLiSPrPK/PV7tM/5bWobb+OlQ6PO/NjM60zei///HFnNrylj7Voca2im+LXxZX84v8W0v/H13l9j+Ztq/ONkVUkS17Suu8FS+vrkZkteajrTPeW13muq9KnoD/yN/kzx5u/66W439zW+3M8ailxvavi2Trr4sfHFzTojxStUiHV7VIzaPPess08zzciFonzz/IW0nPkS0dUd7qcER5Uq///ysG8uvc1f8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACw9xVJd7vpXcnJJIeSHCzHa8nS6pi7j1FfV3/xOGlum8fJ+bunWHdFiwd5kE9yYKczAgAAAAAAAODJuDT+zRf37/126f696vv47vxxV3NOLelJcqj4n96x8dmZqQ4F9SY3lr/S79taDjfKu+cejX9djr3cYaHdPX0AAL7TfhcAAP//ekBszQ==") executing program 4: r0 = openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000000)) executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000001800080026bd7000fedbdf2580381004ff000001002e"], 0x40}, 0x1, 0x0, 0x0, 0x20040880}, 0x0) r2 = socket(0x10, 0x803, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000140)={'wlan0\x00', 0x0}) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x5008000, &(0x7f00000004c0)=ANY=[@ANYBLOB="757466383d302c756e695f786c6174653d312c696f636861727365743d6d616363656c7469632c696f636861727365743d64656661f7481724e33fbf8d8ce629b86f38488af760fe090c2e9bd47792da3bea943665995ca5cb30b0f360512fb43bbc59ea7ad78fd9c3ce6f9c18a8c304dd547b32444350cb79af63b300"/134, @ANYRESHEX=0x0, @ANYBLOB=',utf8=1,rodir,rodir,\x00'], 0x1, 0x27c, &(0x7f0000000200)="$eJzs3TFrG2cYB/BHlmrJhiINBdNSqEqXTsZ26S5TXCgVtLRoaKeaWqbFcg02GOrB9ubkOyRfIdmSNZDBZM0XCIHgBLLYmTwEFJSTLMlRZJREuRD/fosf3nv+fl+djzs83Ku/vlxfW9nYWj05OYpCIRO5SlTiNBOlmIhsJPYDAPiYnDabcdxMpL0WAOD98PwHgMtnwPN/onMss3829ms6qwMAxuGt/v+fGMuSAIAx+/2PP39erFaXfiuXCxHrB9u17VryMzm+uBr/RiPqMRfFeB7RPJPUP/5UXZortzwuRWF9r53f265l+/PzUYzS4Px8ORG13vwnMd3OP5iOeiwcZuKzwfmFgfnJ+Pabnvlnoxj3/46NaMRKtLJJPh8Ru/Pl8g+/VM/l8y/7AAAAAAAAAAAAAAAAAAAAAABgHGbLHYX2SP/+PbPdhlL//jhJd3d/oHxxauj+QOf358nFF7n0PjcAAAAAAAAAAAAAAAAAAAB8SLb+31lbbjTqm8OK/+7duHuUj2hmI5Ybnbf2L0oNLDLt8Gipgzeaa3jx6dePrp0/lIudtfzo5+fdFne+SmHS+mbkRkkdHv3z+XdbM9+/ridyvSNXW5dLX0/rQhrwm3PjOuFPixFjOnU3O0Xl2Ss9nYupvjmVxt+0t5i5Xlm+vfvwSXskGxekhtw0mtmx3IsAAAAAAAAAAAAAAAAAAOCy6770m/ZKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA93e//H7XIR+PWle5Ioa9n8myC42aqnw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFpeBAAA//+dMpIm") r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r4, @ANYBLOB="010400000c00000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="d2023300802b0001080211000000080211"], 0x2f0}}, 0x0) [ 62.022619][ T3692] loop0: detected capacity change from 0 to 1764 [ 62.074499][ T3696] loop4: detected capacity change from 0 to 256 [ 62.091112][ T3696] FAT-fs (loop4): IO charset defaH$?)o8H` .w;6e\0`Q/;Yz׏oT{2DCPyc not found [ 62.108732][ T3546] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000010000e1850000008600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r1 = dup(r0) ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000000000001000080"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="3b00000000000200410101c0"]) [ 62.164964][ T3639] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 62.197368][ T3639] usb 2-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000c30000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r0}, 0x10) keyctl$restrict_keyring(0xa, 0x0, 0x0, 0x0) [ 62.240895][ T3639] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 62.307117][ T3639] usb 2-1: config 0 descriptor?? executing program 4: r0 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$vhost_msg_v2(r0, &(0x7f0000000700)={0x2, 0x0, {&(0x7f0000000580)=""/163, 0xa3, 0x0}}, 0x23) executing program 0: openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x143fde, 0x80, 0x1}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r0, &(0x7f0000000180), 0x20000000}, 0x20) bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f00000000c0)={r0, &(0x7f0000000180), 0x0}, 0x20) [ 62.364103][ T3639] usb 2-1: Found UVC 0.00 device (046d:08c1) [ 62.381477][ T3639] usb 2-1: No valid video chain found. executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000001800)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)='\x00'/16, 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000004680)={0x9f4, 0xd, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x9d4, 0x3, 0x0, 0x1, [{0x2a4, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPIRATION={0xc}, @NFTA_SET_ELEM_DATA={0x288, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VALUE={0xb9, 0x1, "ea5ea34a688981ca09dc6018956963cfa784d9e47e170ebad6f397b8362d1c0b22274158af06d9711f3f05a100ecc13ef7b461693531634778abb3843f30376110d1c4356eed0b5b7ee4d73b41c09d3541a5481b59cad05d684ba83b812a2fbe68fb244d2b7ea8937d121f813d5617d7574c84c377824a66644a30be2e8ccb2450d16db9a1eb6d2d4d7442c9af310749ab1d504ee01da0e52513d6a1abe9d16e1ae2b3a4364e9f47429e9c3160137521bf4e12cc8a"}, @NFTA_DATA_VERDICT={0x48, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN_ID={0x8}]}, @NFTA_DATA_VALUE={0xe9, 0x1, "ed0dd2fa3892319b008659756561db3f54a9e777135051e724f48bfcb1b22c9b70742bf0464404be581d5a14bf4919fa8f78c0f6837429b41f588f721dc12edbef60222f79bce9b5541b41f17c43dc1ed00834cd66ab5a14c8f89004ad4a67dde5f328b45867c74cbaf439d8dca3867c364f01bf18c393f454234f8be591e8b02458854a9ede7422699ae4874c34a62d649d05da1a9f270fce6797e4222784648e6b7dceb4b8b6616d4d6ae888b547a70d3092e71b2b9316b747bd120b9545cdc6035bea28bc70422b62ace2229555160f16bc3f5c6b85268256e0a31a7486221fcf4a3527"}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8}]}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VALUE={0x59, 0x1, "2493237301bb0994a3856fe20fbba088747ddeda1a371c3ced38e3b408993f9c5bbca7de95aafa074bb3fe1a5ef054428e9d729033a2025faaa6fb2888eb51633e2e876783cf649435dfe634571b821b86d18d2765"}, @NFTA_DATA_VERDICT={0x4}]}, @NFTA_SET_ELEM_EXPIRATION={0xc}]}, {0x19c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x198, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8}]}, @NFTA_DATA_VERDICT={0x4}, @NFTA_DATA_VALUE={0xc9, 0x1, "1c83375529c4d96bda10379a39a98f2a86bef6ecf0288a5db77994dfbff3c8e841cafd41f2142eda93bb3a8361ac9f03f9faeda29ad28d3f89c2d0d05640846d6f3ec45890d97136a25444bd22f7fe7a1cc369e760dc2bddb7fe50ec803e8110ced3a0832051e5b9501189fe39d938e0b59ec85b38abb25e85562d3bf941296f0c8ac3a32e523ae11e9ae60d769a70b13e664e68df695217e8560931b71faa4ecdc469c71d23a4852a00ac4f38ea0d6ad0cc1b8f0f32a5de8d5923ecd8bcb493e843c3230e"}, @NFTA_DATA_VALUE={0xa9, 0x1, "8382405400a539ac20a1f53ae1c8c106e849eb55a6da831611518df786b9de1b7f773ed6cda37014ac81480dc553cf69fc171525a9fd63c39c3ae29875dfcb5356541283611c48517832d2a25cf28e72816bce0d3a2c3cf2e8a2214a6de8020e7fae7a2a7a229a785fcdb907dea31d4633ec379f275240a0aca7deb1d19f37ee25a794f4a353c30ea826ef58b5b20b8ce08730636a7618f3c447084b1507333e508ca613a0"}]}]}, {0x518, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_USERDATA={0x301, 0x6, 0x1, 0x0, "b5d871f5ea0ec90a7cb091d9e543e393ade373798761d86779145cc0afea700976ddb49f806c42c100a707df1b0ed46f31167688d46ecb899c542705298a73ddf2fab763ca6d7d90ed79116be02795a44c58c793eb8f02f226c7b5f4865e9d77703d927290d4a98e7a7e237eaec6df9650ad2637152baf7e4cc9487c8d0fabe0d82d4e1610d409345e2991fdf0649be48a3d3243a9d091fe1a91669de17eb94848e24ca402af55424509c51915bd1719189047090bb675bbd1f9f65c8b27a02f3a6b9ea30482ddb8bb05aeb8177c7764fab62014d7ea09f68494f2deb6412acb49cc189d79833626f3ef5b9ab6674526505b9fa3517cc09d2bd4fafc279257a355927bb557cfc9af43b660ffe9b65563ad4fabff3573d19adad3f116475482a8eb3ebce5b02ab61d259b0b5b3bcbaddaf0d7bae07c386a92ad81e588f0e9e175f252675b4124805487d62d60e6de293c382ba569c14fc3abcbe6bb3adbedb258477baa02750a29e9009c6226a6c4c4ece050a6e58a782bb3bf329dcdcc7b8a495e6dd1cabd3f2b5ccd84b355e65ddcc670e85ff3f49e2e2c2036e64591d9a75f0798b9e037e055d03f9138ea2021d3baed828f6c45f7e9370b0710ae630112bef39ca6585a98aefc75af1575d3c9fe6dd2aa804b244d8fa30b8a6fabd02ca220615e79bd4eb9837fd650e84932c9c58ce8921d91cf4b2593188161dd05847480538c4d874572c72e852ee37aaba1bcd1c6f00bda8211d6a75260fc94ec21557db5edf058a61425a23912c217bddb4825fcaf4c650b9f836bcf3028ece26b2f175109cb7e278584809ae1bf361596fd82dd7acfa369b7e5d409e7bceabb5ce9de14aa208f778b5a405b5dc0a07ebf80603bbbf531644d71a3fd5d5d111016ce3ac994ef2751cc392b5ac611b9dca1eabc5fd4f6a63988c8c8b1f58adde05a3bcec0274c2961722e1ba632a2c66d267df4b7cf2ca56f3ad27b98f485be48be9943f780f41f41ef8663b52e85be744298636c1ad4bc840a17fac5bd2ca2857ea9d79a21c090202e81eecc9d88600f6c112c5e94a2228ee0b89d103deec9c7"}, @NFTA_SET_ELEM_DATA={0x70, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x69, 0x1, "27b933c7ac95f64d3226a017982dd561d4d2335a18f438a2ae13a9229b1a902c4737f8cd07c79d68d4521fcaf7d39a99b6ebabe8524e7d659f6b60914a6cae872ad196a07eb40acf9cf1fe962ab1887f9f8dc49a3b260240f76dee6f9e8793665c451735b4"}]}, @NFTA_SET_ELEM_EXPRESSIONS={0x4}, @NFTA_SET_ELEM_KEY_END={0x4}, @NFTA_SET_ELEM_EXPRESSIONS={0x70, 0xb, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_NG_OFFSET={0x8}, @NFTA_NG_DREG={0x8}, @NFTA_NG_TYPE={0x8}, @NFTA_NG_MODULUS={0x8}]}}}, {0x10, 0x1, 0x0, 0x1, @reject={{0xb}, @void}}, {0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8}, @NFTA_CT_KEY={0x8}, @NFTA_CT_DREG={0x8}]}}}]}, @NFTA_SET_ELEM_KEY={0x128, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x40, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VERDICT={0x30, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VERDICT={0x58, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x34, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VERDICT={0x28, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}]}]}, {0x4}, {0x28, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPRESSIONS={0x18, 0xb, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @synproxy={{0xd}, @void}}]}, @NFTA_SET_ELEM_EXPIRATION={0xc}]}, {0x4c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPRESSIONS={0x48, 0xb, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_HASH_SREG={0x8}, @NFTA_HASH_TYPE={0x8}]}}}, {0x10, 0x1, 0x0, 0x1, @redir={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @bitwise={{0xc}, @void}}]}]}]}]}, 0x9f4}}, 0x0) executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0) write$tun(r3, &(0x7f0000000040)=ANY=[@ANYRESDEC=r3], 0x15) [ 62.593810][ T3639] usb 2-1: USB disconnect, device number 2 executing program 4: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) read(r0, &(0x7f0000000040)=""/148, 0xffffff96) bpf$PROG_LOAD(0x5, 0x0, 0x0) open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0) finit_module(0xffffffffffffffff, 0x0, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x0, 0x10, r1, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000540)=ANY=[], 0x1b8}, {0x0, 0x1f88}], 0x2}, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000005d100e6b5000040"]) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000000)="be39", 0x3500}], 0x1, &(0x7f0000000040)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0x20}, 0x0) [ 62.723535][ T3712] kernel profiling enabled (shift: 8) [ 62.764706][ C1] ================================================================== [ 62.772820][ C1] BUG: KASAN: stack-out-of-bounds in profile_pc+0xa4/0xe0 [ 62.780109][ C1] Read of size 8 at addr ffffc9000535fb00 by task syz-executor.2/3671 [ 62.788277][ C1] [ 62.790614][ C1] CPU: 1 PID: 3671 Comm: syz-executor.2 Not tainted 6.1.86-syzkaller #0 [ 62.798956][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 62.809027][ C1] Call Trace: [ 62.812317][ C1] [ 62.815255][ C1] dump_stack_lvl+0x1e3/0x2cb [ 62.819982][ C1] ? nf_tcp_handle_invalid+0x642/0x642 [ 62.825461][ C1] ? panic+0x764/0x764 [ 62.829549][ C1] ? _printk+0xd1/0x111 [ 62.833724][ C1] print_report+0x15f/0x4f0 [ 62.838261][ C1] ? __virt_addr_valid+0xb9/0x520 [ 62.843303][ C1] ? profile_pc+0xa4/0xe0 [ 62.847659][ C1] kasan_report+0x136/0x160 [ 62.852183][ C1] ? profile_pc+0xa4/0xe0 [ 62.856533][ C1] ? _raw_spin_unlock_irqrestore+0xd4/0x130 [ 62.862466][ C1] profile_pc+0xa4/0xe0 [ 62.866649][ C1] profile_tick+0xee/0x170 [ 62.871081][ C1] tick_sched_timer+0x390/0x550 [ 62.875949][ C1] ? tick_setup_sched_timer+0x2f0/0x2f0 [ 62.881511][ C1] __hrtimer_run_queues+0x5a7/0xe50 [ 62.886751][ C1] ? hrtimer_interrupt+0x980/0x980 [ 62.891880][ C1] ? ktime_get_update_offsets_now+0x407/0x420 [ 62.897972][ C1] hrtimer_interrupt+0x392/0x980 [ 62.903464][ C1] __sysvec_apic_timer_interrupt+0x156/0x580 [ 62.909479][ C1] sysvec_apic_timer_interrupt+0x8c/0xb0 [ 62.915138][ C1] [ 62.918074][ C1] [ 62.921018][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 62.927133][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xd4/0x130 [ 62.933659][ C1] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 22 4a 4d f7 f6 44 24 21 02 75 4e 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 d7 98 c9 f6 65 8b 05 78 b4 6d 75 85 c0 74 3f 48 c7 04 24 0e 36 [ 62.953281][ C1] RSP: 0018:ffffc9000535fb00 EFLAGS: 00000206 [ 62.959363][ C1] RAX: 4bc6f5bd2d466200 RBX: 1ffff92000a6bf64 RCX: ffffffff816ad11a [ 62.967350][ C1] RDX: dffffc0000000000 RSI: ffffffff8aec01c0 RDI: 0000000000000001 [ 62.975338][ C1] RBP: ffffc9000535fb90 R08: dffffc0000000000 R09: fffffbfff2093459 [ 62.983323][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 62.991322][ C1] R13: 1ffff92000a6bf60 R14: ffffc9000535fb20 R15: 0000000000000246 [ 62.999323][ C1] ? mark_lock+0x9a/0x340 [ 63.003685][ C1] ? _raw_spin_unlock+0x40/0x40 [ 63.008555][ C1] ? input_inject_event+0xd1/0x330 [ 63.013709][ C1] ? input_inject_event+0xd1/0x330 [ 63.018883][ C1] evdev_write+0x668/0x7c0 [ 63.023514][ C1] ? evdev_read+0xe00/0xe00 [ 63.028059][ C1] ? end_current_label_crit_section+0x147/0x170 [ 63.034355][ C1] ? common_file_perm+0x17d/0x1d0 [ 63.039414][ C1] ? fsnotify_perm+0x67/0x590 [ 63.044200][ C1] ? bpf_lsm_file_permission+0x5/0x10 [ 63.049596][ C1] ? evdev_read+0xe00/0xe00 [ 63.054118][ C1] vfs_write+0x2d9/0xba0 [ 63.058369][ C1] ? do_sys_openat2+0x42b/0x500 [ 63.063234][ C1] ? file_end_write+0x250/0x250 [ 63.068098][ C1] ? __fget_files+0x28/0x4a0 [ 63.072713][ C1] ? __fget_files+0x435/0x4a0 [ 63.077406][ C1] ? __fget_files+0x28/0x4a0 [ 63.082012][ C1] ? __fdget_pos+0x1db/0x360 [ 63.086612][ C1] ? ksys_write+0x77/0x2c0 [ 63.091040][ C1] ksys_write+0x19c/0x2c0 [ 63.095380][ C1] ? print_irqtrace_events+0x210/0x210 [ 63.100859][ C1] ? __ia32_sys_read+0x80/0x80 [ 63.105637][ C1] ? syscall_enter_from_user_mode+0x2e/0x230 [ 63.111627][ C1] ? lockdep_hardirqs_on+0x94/0x130 [ 63.116839][ C1] ? syscall_enter_from_user_mode+0x2e/0x230 [ 63.122832][ C1] do_syscall_64+0x3b/0xb0 [ 63.127275][ C1] ? clear_bhb_loop+0x45/0xa0 [ 63.131986][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 63.137900][ C1] RIP: 0033:0x7f7fc587dea9 [ 63.142332][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 63.161964][ C1] RSP: 002b:00007f7fc66b90c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 63.170404][ C1] RAX: ffffffffffffffda RBX: 00007f7fc59abf80 RCX: 00007f7fc587dea9 [ 63.178398][ C1] RDX: 0000000100000008 RSI: 0000000020000000 RDI: 0000000000000003 [ 63.186389][ C1] RBP: 00007f7fc58ca4a4 R08: 0000000000000000 R09: 0000000000000000 [ 63.194473][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 63.202464][ C1] R13: 000000000000000b R14: 00007f7fc59abf80 R15: 00007ffddfcdbb58 [ 63.210460][ C1] [ 63.213488][ C1] [ 63.215812][ C1] The buggy address belongs to stack of task syz-executor.2/3671 [ 63.223531][ C1] and is located at offset 0 in frame: [ 63.229084][ C1] _raw_spin_unlock_irqrestore+0x0/0x130 [ 63.234737][ C1] [ 63.237065][ C1] This frame has 1 object: [ 63.241481][ C1] [32, 40) 'flags.i.i.i.i' [ 63.241494][ C1] [ 63.248317][ C1] The buggy address belongs to the virtual mapping at [ 63.248317][ C1] [ffffc90005358000, ffffc90005361000) created by: [ 63.248317][ C1] copy_process+0x637/0x4060 [ 63.265969][ C1] [ 63.268308][ C1] The buggy address belongs to the physical page: [ 63.274733][ C1] page:ffffea00015c0200 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x57008 [ 63.285078][ C1] memcg:ffff888017ff3702 [ 63.289331][ C1] flags: 0xfff80000000000(node=0|zone=1|lastcpupid=0xfff) [ 63.296474][ C1] raw: 00fff80000000000 0000000000000000 dead000000000122 0000000000000000 [ 63.305074][ C1] raw: 0000000000000000 0000000000000000 00000001ffffffff ffff888017ff3702 [ 63.313660][ C1] page dumped because: kasan: bad access detected [ 63.320103][ C1] page_owner tracks the page as allocated [ 63.325830][ C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102dc2(GFP_HIGHUSER|__GFP_NOWARN|__GFP_ZERO), pid 3661, tgid 3661 (syz-executor.0), ts 60456861288, free_ts 13689079380 [ 63.344345][ C1] post_alloc_hook+0x18d/0x1b0 [ 63.349138][ C1] get_page_from_freelist+0x31a1/0x3320 [ 63.354716][ C1] __alloc_pages+0x28d/0x770 [ 63.359509][ C1] __vmalloc_node_range+0x96c/0x1460 [ 63.364909][ C1] dup_task_struct+0x3e5/0x6d0 [ 63.369690][ C1] copy_process+0x637/0x4060 [ 63.374331][ C1] kernel_clone+0x222/0x920 [ 63.378855][ C1] __se_sys_clone3+0x373/0x410 [ 63.383639][ C1] do_syscall_64+0x3b/0xb0 [ 63.388079][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 63.393993][ C1] page last free stack trace: [ 63.398672][ C1] free_unref_page_prepare+0xf63/0x1120 [ 63.404238][ C1] free_unref_page+0x33/0x3e0 [ 63.408928][ C1] free_contig_range+0x9a/0x150 [ 63.413797][ C1] destroy_args+0xfe/0x997 [ 63.418270][ C1] debug_vm_pgtable+0x416/0x46b [ 63.423143][ C1] do_one_initcall+0x265/0x8f0 [ 63.427927][ C1] do_initcall_level+0x157/0x207 [ 63.432872][ C1] do_initcalls+0x49/0x86 [ 63.437213][ C1] kernel_init_freeable+0x45c/0x60f [ 63.442428][ C1] kernel_init+0x19/0x290 [ 63.446784][ C1] ret_from_fork+0x1f/0x30 [ 63.451237][ C1] [ 63.453566][ C1] Memory state around the buggy address: [ 63.459210][ C1] ffffc9000535fa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 63.467294][ C1] ffffc9000535fa80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 63.475373][ C1] >ffffc9000535fb00: f1 f1 f1 f1 00 f3 f3 f3 00 00 00 00 00 00 00 00 [ 63.483431][ C1] ^ [ 63.487499][ C1] ffffc9000535fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 63.495579][ C1] ffffc9000535fc00: f1 f1 f1 f1 00 00 00 f3 f3 f3 f3 f3 00 00 00 00 [ 63.503662][ C1] ================================================================== [ 63.511731][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 63.518919][ C1] CPU: 1 PID: 3671 Comm: syz-executor.2 Not tainted 6.1.86-syzkaller #0 [ 63.527244][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 63.537482][ C1] Call Trace: [ 63.540770][ C1] [ 63.543600][ C1] dump_stack_lvl+0x1e3/0x2cb [ 63.548281][ C1] ? nf_tcp_handle_invalid+0x642/0x642 [ 63.553750][ C1] ? panic+0x764/0x764 [ 63.557833][ C1] ? rcu_is_watching+0x11/0xb0 [ 63.562794][ C1] ? lock_release+0xd6/0xa20 [ 63.567389][ C1] ? vscnprintf+0x59/0x80 [ 63.571729][ C1] panic+0x318/0x764 [ 63.575611][ C1] ? __wake_up_klogd+0xcc/0x100 [ 63.580444][ C1] ? check_panic_on_warn+0x1d/0xa0 [ 63.585550][ C1] ? memcpy_page_flushcache+0xfc/0xfc [ 63.591008][ C1] ? do_raw_spin_unlock+0x137/0x8a0 [ 63.596203][ C1] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 63.602120][ C1] ? _raw_spin_unlock+0x40/0x40 [ 63.606972][ C1] check_panic_on_warn+0x7e/0xa0 [ 63.611920][ C1] ? profile_pc+0xa4/0xe0 [ 63.616247][ C1] end_report+0x66/0x110 [ 63.620487][ C1] kasan_report+0x143/0x160 [ 63.624981][ C1] ? profile_pc+0xa4/0xe0 [ 63.629322][ C1] ? _raw_spin_unlock_irqrestore+0xd4/0x130 [ 63.635224][ C1] profile_pc+0xa4/0xe0 [ 63.639417][ C1] profile_tick+0xee/0x170 [ 63.643827][ C1] tick_sched_timer+0x390/0x550 [ 63.648671][ C1] ? tick_setup_sched_timer+0x2f0/0x2f0 [ 63.654239][ C1] __hrtimer_run_queues+0x5a7/0xe50 [ 63.659459][ C1] ? hrtimer_interrupt+0x980/0x980 [ 63.664573][ C1] ? ktime_get_update_offsets_now+0x407/0x420 [ 63.671606][ C1] hrtimer_interrupt+0x392/0x980 [ 63.676540][ C1] __sysvec_apic_timer_interrupt+0x156/0x580 [ 63.682508][ C1] sysvec_apic_timer_interrupt+0x8c/0xb0 [ 63.688154][ C1] [ 63.691082][ C1] [ 63.693997][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 63.699969][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xd4/0x130 [ 63.706489][ C1] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 22 4a 4d f7 f6 44 24 21 02 75 4e 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 d7 98 c9 f6 65 8b 05 78 b4 6d 75 85 c0 74 3f 48 c7 04 24 0e 36 [ 63.726110][ C1] RSP: 0018:ffffc9000535fb00 EFLAGS: 00000206 [ 63.732208][ C1] RAX: 4bc6f5bd2d466200 RBX: 1ffff92000a6bf64 RCX: ffffffff816ad11a [ 63.740166][ C1] RDX: dffffc0000000000 RSI: ffffffff8aec01c0 RDI: 0000000000000001 [ 63.748133][ C1] RBP: ffffc9000535fb90 R08: dffffc0000000000 R09: fffffbfff2093459 [ 63.756106][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 63.764062][ C1] R13: 1ffff92000a6bf60 R14: ffffc9000535fb20 R15: 0000000000000246 [ 63.772038][ C1] ? mark_lock+0x9a/0x340 [ 63.776386][ C1] ? _raw_spin_unlock+0x40/0x40 [ 63.781223][ C1] ? input_inject_event+0xd1/0x330 [ 63.786325][ C1] ? input_inject_event+0xd1/0x330 [ 63.791436][ C1] evdev_write+0x668/0x7c0 [ 63.795853][ C1] ? evdev_read+0xe00/0xe00 [ 63.800376][ C1] ? end_current_label_crit_section+0x147/0x170 [ 63.806638][ C1] ? common_file_perm+0x17d/0x1d0 [ 63.811679][ C1] ? fsnotify_perm+0x67/0x590 [ 63.816348][ C1] ? bpf_lsm_file_permission+0x5/0x10 [ 63.821708][ C1] ? evdev_read+0xe00/0xe00 [ 63.826212][ C1] vfs_write+0x2d9/0xba0 [ 63.830463][ C1] ? do_sys_openat2+0x42b/0x500 [ 63.835318][ C1] ? file_end_write+0x250/0x250 [ 63.840249][ C1] ? __fget_files+0x28/0x4a0 [ 63.844838][ C1] ? __fget_files+0x435/0x4a0 [ 63.849520][ C1] ? __fget_files+0x28/0x4a0 [ 63.854384][ C1] ? __fdget_pos+0x1db/0x360 [ 63.858961][ C1] ? ksys_write+0x77/0x2c0 [ 63.863391][ C1] ksys_write+0x19c/0x2c0 [ 63.867732][ C1] ? print_irqtrace_events+0x210/0x210 [ 63.873199][ C1] ? __ia32_sys_read+0x80/0x80 [ 63.877968][ C1] ? syscall_enter_from_user_mode+0x2e/0x230 [ 63.883958][ C1] ? lockdep_hardirqs_on+0x94/0x130 [ 63.889153][ C1] ? syscall_enter_from_user_mode+0x2e/0x230 [ 63.895137][ C1] do_syscall_64+0x3b/0xb0 [ 63.899640][ C1] ? clear_bhb_loop+0x45/0xa0 [ 63.904322][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 63.910225][ C1] RIP: 0033:0x7f7fc587dea9 [ 63.914648][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 63.934551][ C1] RSP: 002b:00007f7fc66b90c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 63.943002][ C1] RAX: ffffffffffffffda RBX: 00007f7fc59abf80 RCX: 00007f7fc587dea9 [ 63.950973][ C1] RDX: 0000000100000008 RSI: 0000000020000000 RDI: 0000000000000003 [ 63.958942][ C1] RBP: 00007f7fc58ca4a4 R08: 0000000000000000 R09: 0000000000000000 [ 63.966915][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 63.974894][ C1] R13: 000000000000000b R14: 00007f7fc59abf80 R15: 00007ffddfcdbb58 [ 63.983046][ C1] [ 63.986274][ C1] Kernel Offset: disabled [ 63.990589][ C1] Rebooting in 86400 seconds..